Author: psteitz
Date: Fri Dec 23 20:43:35 2005
New Revision: 358917
URL: http://svn.apache.org/viewcvs?rev=358917&view=rev
Log:
Some small updates:
* Added -b to md5sum example
* Changed link from Jakarta ReleaseSigning wiki page to apache FAQ
* Added more info on deploying release jar
* Noted that Jakarta site build requires JDK 1.5
* Eliminated reference to obsolete README in jakarta site directory.
* Eliminated reference to asfrepository wiki page
* Reduced indent on some example text (prevent horizontal scroll)
Modified:
jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml
Modified: jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml
URL:
http://svn.apache.org/viewcvs/jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml?rev=358917&r1=358916&r2=358917&view=diff
==============================================================================
--- jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml
(original)
+++ jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml Fri
Dec 23 20:43:35 2005
@@ -110,7 +110,7 @@
<p>
For example md5sum (on Linux):
<pre>
- $ md5sum commons-foo-1.2-src.tar.gz > commons-foo-1.2-src.tar.gz.md5
+ $ md5sum -b commons-foo-1.2-src.tar.gz > commons-foo-1.2-src.tar.gz.md5
</pre>
</p>
<p>
@@ -140,26 +140,26 @@
<a href='http://www.gnupg.org'>Gnu Privacy Guard</a> on linux:
</p>
<p>
- General instructions about signing releases can be found
- <a href="http://wiki.apache.org/jakarta-commons/SigningReleases";>here</a>.
+ See the <a
href="http://www.apache.org/dev/release-signing.html#faq";>Apache Release
Signing FAQ</a>
+ for more information on release signing.
</p>
<p>
Example:
<pre>
- $ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig
commons-foo-1.2-src.tar.gz
- You need a passphrase to unlock the secret key for
- user: "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL PROTECTED]>"
- 1024-bit DSA key, ID B1313DE2, created 2003-01-15
+$ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig
commons-foo-1.2-src.tar.gz
+You need a passphrase to unlock the secret key for
+user: "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL PROTECTED]>"
+1024-bit DSA key, ID B1313DE2, created 2003-01-15
</pre>
</p>
<p>
Signatures for all varieties of release need to be create. The signature
files should be
named after the original with <code>.asc</code> suffixed.
<pre>
- $ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig
commons-foo-1.2-src.tar.gz
- $ gpg --armor --output commons-foo-1.2-src.zip.asc --detach-sig
commons-foo-1.2-src.zip
- $ gpg --armor --output commons-foo-1.2.zip.asc --detach-sig
commons-foo-1.2.zip
- $ gpg --armor --output commons-foo-1.2.tar.gz.asc --detach-sig
commons-foo-1.2.tar.gz
+$ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig
commons-foo-1.2-src.tar.gz
+$ gpg --armor --output commons-foo-1.2-src.zip.asc --detach-sig
commons-foo-1.2-src.zip
+$ gpg --armor --output commons-foo-1.2.zip.asc --detach-sig commons-foo-1.2.zip
+$ gpg --armor --output commons-foo-1.2.tar.gz.asc --detach-sig
commons-foo-1.2.tar.gz
</pre>
</p>
<p>
@@ -176,22 +176,22 @@
<subsection name='4 Verify the Releases'>
<ul>
<li>
- <strong>Verify signatures</strong><br/>.
+ <strong>Verify signatures</strong><br/>
Use another user to verify the signatures. (The user must have your
code-signing
public key loaded into their key ring.) Here's an example using GnuPG:
<pre>
- % gpg --verify commons-foo-1.2.tar.gz.asc commons-foo-1.2.tar.gz
- gpg: Signature made 03/01/03 19:34:31 GMT using DSA key ID B1313DE2
- gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY)
<[EMAIL PROTECTED]>"
- % gpg --verify commons-foo-1.2.zip.asc commons-foo-1.2.zip
- gpg: Signature made 03/01/03 19:34:05 GMT using DSA key ID B1313DE2
- gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY)
<[EMAIL PROTECTED]>"
- % gpg --verify commons-foo-1.2-src.zip.asc commons-foo-1.2-src.zip
- gpg: Signature made 03/01/03 19:33:42 GMT using DSA key ID B1313DE2
- gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY)
<[EMAIL PROTECTED]>"
- % gpg --verify commons-foo-1.2-src.tar.gz.asc commons-foo-1.2-src.tar.gz
- gpg: Signature made 03/01/03 19:32:56 GMT using DSA key ID B1313DE2
- gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY)
<[EMAIL PROTECTED]>"
+% gpg --verify commons-foo-1.2.tar.gz.asc commons-foo-1.2.tar.gz
+gpg: Signature made 03/01/03 19:34:31 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL
PROTECTED]>"
+% gpg --verify commons-foo-1.2.zip.asc commons-foo-1.2.zip
+gpg: Signature made 03/01/03 19:34:05 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL
PROTECTED]>"
+% gpg --verify commons-foo-1.2-src.zip.asc commons-foo-1.2-src.zip
+gpg: Signature made 03/01/03 19:33:42 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL
PROTECTED]>"
+% gpg --verify commons-foo-1.2-src.tar.gz.asc commons-foo-1.2-src.tar.gz
+gpg: Signature made 03/01/03 19:32:56 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) <[EMAIL
PROTECTED]>"
</pre>
</li>
<li>
@@ -356,13 +356,7 @@
<subsection name='8 Deploy jar, project.xml and license.html to
Java-Repository'>
<p>
The ASF Java Respository is the home for distributions in jar format.
- The details of this repository are evolving constantly so please check
- the <a href='http://wiki.apache.org/asfrepository'>current repository
documentation</a>
- before uploading. If you discover that the instructions below are now
outdated,
- please patch them :)
- </p>
- <p>
- Your jar file(s) should also be placed in
+ Your jar file(s) should be placed in
<code>/www/www.apache.org/dist/java-repository/commons-foo/jars</code> on
people.apache.org. The jars placed here will be rsynched (after some delay)
to the public distribution repository on www.apache.org, as well as to the
@@ -371,7 +365,7 @@
as the file <code>commons-foo-1.2.pom</code>.
Ensure the version number matches the one inside the
<code>project.xml</code>.
</p>
- <p><strong>N.B.</strong> Remember to sign files placed in the ASF Java
+ <p><strong>N.B.</strong> Remember to sign files placed in the ASF Java
Respository.
</p>
<p>
@@ -394,7 +388,17 @@
deployment using scp. A how-to showing how to get an apache ssh key set up
can be found
<a
href="http://forrest.apache.org/community/howto/cvs-ssh/howto-cvs-ssh.html";>
- here</a>
+ here.</a> Given this setup,
+ <pre>
+ maven -Dmaven.repo.list=apache.releases -Duser.name=your-apache-id
jar:deploy
+ </pre>
+ will deploy the jar to the Apache Maven repository (with your user name
+ as the value of the Built-By attribute in the manifest). Note that the
+ maven jar plugin does not (yet) create or publish signatures, so if you use
+ maven to deploy the jar, you need to manually sign it and copy the
signature
+ file separately to
/www/www.apache.org/dist/java-repository/commons-foo/jars.
+ Make sure that the signature file has correct permissions and group
+ ownership (matching the jar) after you copy it.
</p>
</subsection>
@@ -493,6 +497,7 @@
<p>
Check out the subversion directory
http://svn.apache.org/repos/asf/jakarta/site/, make
the changes described below, then in the site directory run "ant" to build
HTML files.
+ In order for the site build to work correctly, you need to run Ant under a
1.5 JDK.
Once you have checked the generated HTML files are correct, commit the
changes to both
the xml and HTML files, then log onto people.apache.org and in directory
/www/jakarta.apache.org run the command "svn update index.html site" to
update the jakarta
@@ -500,13 +505,9 @@
few hours until those changes are transferred to the actual webserver host
machine.
</p>
<p>
- Note that in order to commit changes to the site directory you must be in
subversion
+ In order to commit changes to the site directory you must be in subversion
group "jakarta-site". If you are not in this group, then just ask on
the [EMAIL PROTECTED] mailing list - all Jakarta committers can get access
on request.
- </p>
- <p>
- See the README.txt file in the subversion site directory for more
information on how to
- update and deploy the jakarta website.
</p>
<ul>
<li>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
