Author: buildbot Date: Tue Jul 23 08:03:47 2013 New Revision: 870703 Log: Staging update by buildbot for sis
Added: websites/staging/sis/trunk/content/release-management-setup.html Removed: websites/staging/sis/trunk/content/release-setup.html Modified: websites/staging/sis/trunk/content/ (props changed) Propchange: websites/staging/sis/trunk/content/ ------------------------------------------------------------------------------ --- cms:source-revision (original) +++ cms:source-revision Tue Jul 23 08:03:47 2013 @@ -1 +1 @@ -1505721 +1505927 Added: websites/staging/sis/trunk/content/release-management-setup.html ============================================================================== --- websites/staging/sis/trunk/content/release-management-setup.html (added) +++ websites/staging/sis/trunk/content/release-management-setup.html Tue Jul 23 08:03:47 2013 @@ -0,0 +1,243 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> +<html lang="en"> + <head> + <title>Release management setup</title> + <meta http-equiv="Content-Type" content="text/html;charset=UTF-8"> + <link rel="stylesheet" type="text/css" media="screen" href="css/bootstrap.min.css"> + <style type="text/css"> + body { + padding-top: 60px; + padding-bottom: 40px; + } + .sidebar-nav { + padding: 9px 0; + } + @media (max-width: 980px) { + /* Enable use of floated navbar text */ + .navbar-text.pull-right { + float: none; + padding-left: 5px; + padding-right: 5px; + } + } + </style> + <link rel="stylesheet" type="text/css" media="screen" href="css/bootstrap-responsive.min.css"> + + + <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor license agreements. See the NOTICE file distributed with this work for additional information regarding copyright ownership. The ASF licenses this file to you under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at . http://www.apache.org/licenses/LICENSE-2.0 . Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. --> + </head> + + <body> + <div class="navbar navbar-inverse navbar-fixed-top"> + <div class="navbar-inner"> + <div class="container"> + <a class="btn btn-navbar" data-toggle="collapse" data-target=".nav-collapse"> + <span class="icon-bar"></span> + <span class="icon-bar"></span> + <span class="icon-bar"></span> </a> + <a class="brand" href="/index.html"> Apache SIS™ </a> + <div class="nav-collapse"> + <ul class="nav"> + <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown">About<b class="caret"></b></a> + <ul class="dropdown-menu"> + <li><a href="mailinglists.html">Mailing Lists</a></li> + <li><a href="license.html">Project License</a></li> + <li><a href="team.html">Project Team</a></li> + </ul> + </li> + <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown">Project Documentation<b class="caret"></b></a> + <ul class="dropdown-menu"> + <li><a href="downloads.html">Downloads</a></li> + <li><a href="source.html">Source Code</a></li> + <li><a href="https://issues.apache.org/jira/browse/SIS">Issue Tracker</a></li> + <li><a href="release-management.html">Release Management</a></li> + </ul> + </li> + <li class="dropdown"> <a class="dropdown-toggle" data-toggle="dropdown">ASF <b class="caret"></b></a> + <ul class="dropdown-menu"> + <li><a href="http://www.apache.org">Apache Software Foundation</a></li> + <li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li> + <li><a href="http://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li> + <li><a href="http://www.apache.org/security/">Security</a></li> + </ul> + </li> + </ul> + </div> <!-- /.nav-collapse --> + </div><!-- /.container --> + </div><!-- /.navbar-inner --> + </div> + + <div class="container-fluid"> + <div class="row-fluid"> + <div class="span3"> + <div class="well sidebar-nav"> + <ul class="nav nav-list"> + <li class="nav-header">Apache SIS</li> + <li class="active"><a href="index.html">Home</a></li> + <li><a href="mailinglists.html">Mailing Lists</a></li> + <li><a href="license.html">Project License</a></li> + <li><a href="team.html">Project Team</a></li> + <li class="nav-header">Project Documentation</li> + <li><a href="downloads.html">Downloads</a></li> + <li><a href="source.html">Source Code</a></li> + <li><a href="https://issues.apache.org/jira/browse/SIS">Issue Tracker</a></li> + <li><a href="release-management.html">Release Management</a></li> + <li class="nav-header">ASF</li> + <li><a href="http://www.apache.org">Apache Software Foundation</a></li> + <li><a href="http://www.apache.org/foundation/thanks.html">Thanks</a></li> + <li><a href="http://www.apache.org/foundation/sponsorship.html">Become a Sponsor</a></li> + <li><a href="http://www.apache.org/security/">Security</a></li> + </ul> + </div><!--/.well --> + </div><!--/span--> + <div class="span9"> + <section id="content" class="row"> + <article class="span12"> + <h1 id="one-time-release-management-setup">One time release management setup</h1> +<p>The following instructions need to be done only once by new release managers, +or when configuring a new machine for performing the releases. +If those steps have already been done, jump directly to the <a href="release-process.html">Release process</a> page.</p> +<h2 id="directory-layout-including-subversion-checkout">Directory layout (including Subversion checkout)</h2> +<p>The steps described in the release process page assume the following directory layout. +Some directories are SVN checkout, other are ordinary directories. Any other layout can be used. +However in the later case, all relative paths in the release process page will need to be adjusted accordingly.</p> +<div class="codehilite"><pre><any root directory for SIS> +ââ trunk +ââ branches +ââ tags +ââ distribution +</pre></div> + + +<p>Create the above directory structure as below:</p> +<div class="codehilite"><pre>svn checkout https://svn.apache.org/repos/asf/sis/trunk +svn checkout https://dist.apache.org/repos/dist/dev/sis distribution +mkdir branches +mkdir tags +</pre></div> + + +<h2 id="shell-configuration">Shell configuration</h2> +<p>It is better for Unix shells to contain the following line in their initialization file +(typically <code>~/.bashrc</code> or <code>~/.profile</code>, where <code>~</code> stands for the user's home directory):</p> +<div class="codehilite"><pre><span class="nb">export </span><span class="nv">GPG_TTY</span><span class="o">=</span><span class="k">$(</span>tty<span class="k">)</span> +</pre></div> + + +<h2 id="generate-gpg-key">Generate GPG key</h2> +<p>The releases have to be signed by public key cryptography signatures. +Detailed instructions about why releases have to be signed are provided on the <a href="http://www.apache.org/dev/release-signing.html">Release Signing</a> page. +The standard used is OpenPGP (<em>Open Pretty Good Privacy</em>), and a popular software implementation of that standard is GPG (<em>GNU Privacy Guard</em>). +The <a href="http://www.apache.org/dev/openpgp.html">OpenPGP instructions</a> list out detailed steps on managing your keys. +The following steps provide a summary:</p> +<p>Edit the <code>~/.gnupg/gpg.conf</code> configuration file and add the following configuration options, +or edit the existing values if any:</p> +<div class="codehilite"><pre>personal-digest-preferences SHA512 +cert-digest-algo SHA512 +default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2 ZIP Uncompressed +</pre></div> + + +<p>Generate 4096 bits RSA key pair using the following command-line. GPG will prompts for various informations. +The list below the command suggests some values, keeping in mind that the new key should be used only for +signing Apache softwares - not for daily emails.</p> +<div class="codehilite"><pre>gpg --gen-key +</pre></div> + + +<ul> +<li>Kind of key: RSA and RSA (default). Do not create DSA key.</li> +<li>Key size: 4096 bits.</li> +<li>Validity time: 0 (key does not expire).</li> +<li>Real name: the developer's name.</li> +<li>Email address: developer's email address at <a href="mailto:<<@apache.org"><<@apache.org</a>>>.</li> +<li>Comment: "CODE SIGNING KEY".</li> +<li>Passphrase: please choose a strong one.</li> +</ul> +<p>Verify the key information (replace <em>Real Name</em> by the above-cited developer's name, keeping quotes in the command below). +Note the key identifier, which is a value like <code>EB98E066</code>. This key identifier will be needed for the next steps.</p> +<div class="codehilite"><pre>gpg --list-sigs <span class="s2">"Real Name"</span> +</pre></div> + + +<p>Sends the public key to a keys server (replace <code><key_id></code> by the above-cited key identifier). +The default GPG configuration sends the key to <code>hkp://keys.gnupg.net</code>. +Note that while there is many key servers, most of them synchronize changes with each other, +so a key uploaded to one should be disseminated to the rest.</p> +<div class="codehilite"><pre>gpg --send-key <key_id> +</pre></div> + + +<p>Generate a revocation certificate. This is not for immediate use, but generating the certificate now +is a safety in case the passphrase is lost. Keep the revocation certificate in a safe place.</p> +<div class="codehilite"><pre>gpg --output revocation_certificate.asc --gen-revoke <key_id> +</pre></div> + + +<p>Have the key signed by at least three Apache commiters. This can be done by executing the following commands on +the machine of the other Apache commiter, where <code><key_to_use></code> is the identifier of the other commiter's key. +Those operation should preferably be done in some event where the commiters can meet face-to-face. +The other commiter should verify that the <code>gpg --fingerprint</code> command output matches the fingerprint of the key to sign.</p> +<div class="codehilite"><pre>gpg --recv-keys <key_id> +gpg --fingerprint <key_id> +gpg --default-key <key_to_use> --sign-key <key_id> +gpg --send-key <key_id> +</pre></div> + + +<p>The above-cited <em>Release Signing</em> page provides more instructions. +Then, the signed public key shall be appended to the <code>KEYS</code> file on <a href="http://dist.apache.org/repos/dist/release/sis/">SIS distribution directory</a>.</p> +<h2 id="maven-configuration-nexus-setup">Maven Configuration & Nexus Setup</h2> +<p>Detailed instructions are at <a href="http://www.apache.org/dev/publishing-maven-artifacts.html">Publishing Maven Artifacts</a>. +In summary, the developer needs to specify username, and optionally password, in his local <code>~/.m2</code> directory. +If not already done, create a Maven master password:</p> +<div class="codehilite"><pre>mvn --encrypt-master-password <password> +</pre></div> + + +<p>The command will produce an encrypted version of the given password, something like <code>{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</code>. +Store this password in the <code>~/.m2/settings-security.xml</code> file like below:</p> +<div class="codehilite"><pre><span class="nt"><settingsSecurity></span> + <span class="nt"><master></span>{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}<span class="nt"></master></span> +<span class="nt"></settingsSecurity></span> +</pre></div> + + +<p>Then encrypt the passphrase of the GPG key created in above steps, like below:</p> +<div class="codehilite"><pre>mvn --encrypt-password <passphrase> +</pre></div> + + +<p>The command will produce an encrypted version of the passphrase, something like <code>{COQLCE6DU6GtcS5P=}</code>. +Cut-and-paste it in a section of the <code>~/.m2/settings.xml</code> file like below:</p> +<div class="codehilite"><pre><span class="nt"><settings></span> +... + <span class="nt"><servers></span> + <span class="nt"><server></span> + <span class="nt"><id></span>apache.releases.https<span class="nt"></id></span> + <span class="nt"><username></span> <span class="c"><!-- YOUR APACHE USERNAME --></span> <span class="nt"></username></span> + <span class="nt"><password></span>{COQLCE6DU6GtcS5P=}<span class="nt"></password></span> + <span class="nt"></server></span> + ... + <span class="nt"></servers></span> +<span class="nt"></settings></span> +</pre></div> + </article> + </section> + </div><!--/span--> + </div><!--/row-fluid--> + </div><!--/container-fluid--> + + <footer class="footer" align="center"> + <div class="container"> + <p>Copyright © 2013 The Apache Software Foundation, Licensed under the + <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.<br /> + Apache SIS, Apache, the Apache feather logo are trademarks of The Apache Software Foundation.</p> + </div> + </footer> + + <script src="js/jquery-1.9.1.min.js"></script> + <script src="js/bootstrap.min.js"></script> + +</body> +</html>