ashulin commented on code in PR #124: URL: https://github.com/apache/incubator-seatunnel-website/pull/124#discussion_r979425869
########## community/contribution_guide/release.md: ########## @@ -0,0 +1,586 @@ +# Release Guide + +## GPG Settings + +### Install GPG + +Download installation package on [official GnuPG website](https://www.gnupg.org/download/index.html). +The command of GnuPG 1.x version can differ a little from that of 2.x version. +The following instructions take `GnuPG-2.1.23` version for example. + +After the installation, execute the following command to check the version number. + +```shell +gpg --version +``` + +### Create Key + +After the installation, execute the following command to create key. + +This command indicates `GnuPG-2.x` can be used: + +```shell +gpg --full-gen-key +``` + +This command indicates `GnuPG-1.x` can be used: + +```shell +gpg --gen-key +``` + +Finish the key creation according to instructions: + +**Notice: Please use Apache mail for key creation.** + +```shell +gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc. +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. + +Please select what kind of key you want: + (1) RSA and RSA (default) + (2) DSA and Elgamal + (3) DSA (sign only) + (4) RSA (sign only) +Your selection? 1 +RSA keys may be between 1024 and 4096 bits long. +What keysize do you want? (2048) 4096 +Requested keysize is 4096 bits +Please specify how long the key should be valid. + 0 = key does not expire + <n> = key expires in n days + <n>w = key expires in n weeks + <n>m = key expires in n months + <n>y = key expires in n years +Key is valid for? (0) +Key does not expire at all +Is this correct? (y/N) y + +GnuPG needs to construct a user ID to identify your key. + +Real name: ${Input username} +Email address: ${Input email} +Comment: ${Input comment} +You selected this USER-ID: + "${Inputed username} (${Inputed comment}) <${Inputed email}>" + +Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O +You need a Passphrase to protect your secret key. # Input passwords +``` + +### Check Generated Key + +```shell +gpg --list-keys +``` + +Execution Result: + +```shell +pub 4096R/85E11560 2019-11-15 +uid ${Username} (${Comment}) <{Email}> +sub 4096R/A63BC462 2019-11-15 +``` + +Among them, 85E11560 is public key ID. + +### Upload the Public Key to Key Server + +The command is as follow: + +```shell +gpg --keyserver pgpkeys.mit.edu/ --send-key 85E11560 +``` +* Here pgpkeys.mit.edu is a random selection of keyserver. Any key server from the list https://sks-keyservers.net/status/ is acceptable because they are automatically synchronized. + + +`pool.sks-keyservers.net` is randomly chosen from [public key server](https://sks-keyservers.net/status/). +Each server will automatically synchronize with one another, so it would be okay to choose any one. + +## Apache Maven Central Repository Release + +### Set settings.xml + +Add the following template to `~/.m2/settings.xml`, all the passwords need to be filled in after encryption. +For encryption settings, please see [here](http://maven.apache.org/guides/mini/guide-encryption.html). + +```xml +<settings> + <servers> + <server> + <id>apache.snapshots.https</id> + <username> <!-- APACHE LDAP username --> </username> + <password> <!-- APACHE LDAP encrypted password --> </password> + </server> + <server> + <id>apache.releases.https</id> + <username> <!-- APACHE LDAP username --> </username> + <password> <!-- APACHE LDAP encrypted password --> </password> + </server> + </servers> +</settings> +``` + +### Update Release Notes + +``` +https://github.com/apache/incubator-seatunnel/blob/dev/ReleaseNotes.md +``` + +### Create Release Branch + +Suppose SeaTunnel source codes downloaded from GitHub is under `~/incubator-seatunnel/` directory and the version to be released is `${RELEASE.VERSION}`. +Create `${RELEASE.VERSION}-release` branch, where all the following operations are performed. + +```shell +cd ~/incubator-seatunnel/ +git pull +git checkout -b ${RELEASE.VERSION}-release +git push origin ${RELEASE.VERSION}-release +``` + +### Pre-Release Check + +```shell +mvn release:prepare -Prelease -Darguments="-DskipTests" -DdryRun=true -Drevison=${RELEASE-VERSION} -Dusername=${Github username} +``` + +-Prelease: choose release profile, which will pack all the source codes, jar files and executable binary packages. + +--Drevison=${RELEASE-VERSION}:it can make the version number is inputted. + +-DdryRun=true:rehearsal, which means not to generate or submit new version number and new tag. + +### Prepare for the Release + +First, clean local pre-release check information. + +```shell +mvn release:clean +``` + +Then, prepare to execute the release. + +```shell +mvn release:prepare -Prelease -Darguments="-DskipTests" -Drevison=${RELEASE-VERSION} -DpushChanges=false -Dusername=${Github username} +``` + +It is basically the same as the previous rehearsal command, but deleting -DdryRun=true parameter. + +-DpushChanges=false:do not submit the edited version number and tag to Github automatically. + +After making sure there is no mistake in local files, submit them to GitHub. + +```shell +git push +git push origin --tags +``` + +### Deploy the Release + +```shell +mvn release:perform -Prelease -Darguments="-DskipTests" -Drevison=${RELEASE-VERSION} -Dusername=${Github username} Review Comment: ```suggestion mvn release:perform -Prelease -Darguments="-DskipTests" -Dhttps.protocols=TLSv1.2 -Dusername=${Github username} ``` https://stackoverflow.com/questions/50328668/maven-java-build-ssl-peer-shut-down-incorrectly ########## community/contribution_guide/release.md: ########## @@ -0,0 +1,586 @@ +# Release Guide + +## GPG Settings + +### Install GPG + +Download installation package on [official GnuPG website](https://www.gnupg.org/download/index.html). +The command of GnuPG 1.x version can differ a little from that of 2.x version. +The following instructions take `GnuPG-2.1.23` version for example. + +After the installation, execute the following command to check the version number. + +```shell +gpg --version +``` + +### Create Key + +After the installation, execute the following command to create key. + +This command indicates `GnuPG-2.x` can be used: + +```shell +gpg --full-gen-key +``` + +This command indicates `GnuPG-1.x` can be used: + +```shell +gpg --gen-key +``` + +Finish the key creation according to instructions: + +**Notice: Please use Apache mail for key creation.** + +```shell +gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc. +This is free software: you are free to change and redistribute it. +There is NO WARRANTY, to the extent permitted by law. + +Please select what kind of key you want: + (1) RSA and RSA (default) + (2) DSA and Elgamal + (3) DSA (sign only) + (4) RSA (sign only) +Your selection? 1 +RSA keys may be between 1024 and 4096 bits long. +What keysize do you want? (2048) 4096 +Requested keysize is 4096 bits +Please specify how long the key should be valid. + 0 = key does not expire + <n> = key expires in n days + <n>w = key expires in n weeks + <n>m = key expires in n months + <n>y = key expires in n years +Key is valid for? (0) +Key does not expire at all +Is this correct? (y/N) y + +GnuPG needs to construct a user ID to identify your key. + +Real name: ${Input username} +Email address: ${Input email} +Comment: ${Input comment} +You selected this USER-ID: + "${Inputed username} (${Inputed comment}) <${Inputed email}>" + +Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O +You need a Passphrase to protect your secret key. # Input passwords +``` + +### Check Generated Key + +```shell +gpg --list-keys +``` + +Execution Result: + +```shell +pub 4096R/85E11560 2019-11-15 +uid ${Username} (${Comment}) <{Email}> +sub 4096R/A63BC462 2019-11-15 +``` + +Among them, 85E11560 is public key ID. + +### Upload the Public Key to Key Server + +The command is as follow: + +```shell +gpg --keyserver pgpkeys.mit.edu/ --send-key 85E11560 +``` +* Here pgpkeys.mit.edu is a random selection of keyserver. Any key server from the list https://sks-keyservers.net/status/ is acceptable because they are automatically synchronized. + + +`pool.sks-keyservers.net` is randomly chosen from [public key server](https://sks-keyservers.net/status/). +Each server will automatically synchronize with one another, so it would be okay to choose any one. Review Comment: Can you add the description of " Search Key in key server" to verify whether your key can be found? ```shell gpg --keyserver ${key server} --search-keys {public key ID} ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
