Roman Shaposhnik created BIGTOP-2736:
----------------------------------------
Summary: Automate last mile of release process
Key: BIGTOP-2736
URL: https://issues.apache.org/jira/browse/BIGTOP-2736
Project: Bigtop
Issue Type: Improvement
Components: build
Affects Versions: 1.2.0
Reporter: Roman Shaposhnik
Assignee: Roman Shaposhnik
Fix For: 1.3.0
As an RM for 1.2.0 I did a lot of it via automation (relevant tasks in
release.gradle) but there also were quite a few things I had to do by hand.
I'll dump my notes here and hopefully we can put those in automation for the
next release:
# I had to sign RPM packages by:
{noformat}
$ echo > ~/.rpmmacros <<__EOT__
%_signature gpg
%_gpg_path /ws/gnupg
%_gpg_name 9475BD5D
%_gpgbin /usr/bin/gpg
__EOT__
$ rpm --addsign `find . -name \*rpm`
{noformat}
# I had to sign the YUM and Zypper repos by (the last two steps were Zypper
specific):
{noformat}
$ for i in ./*/*/*/repodata/repomd.xml ; do gpg --homedir /ws/gnupg
--detach-sign --armor $i ; done
$ gpg --homedir /ws/gnupg --armor --export [email protected] >
opensuse/42.1/x86_64/repodata/repomd.xml.key
$ for i in *.xml.gz repomd.xml.key ; do gpg --homedir /ws/gnupg --detach-sign
--armor $i ; done
{noformat}
# I had to sign APT repo by essentially rebuilding it from scratch with:
{noformat}
$ cat > apt/conf/distributions <<__EOT__
Origin: Bigtop
Label: Bigtop
Suite: stable
Codename: bigtop
Version: 1.2.0
Architectures: amd64 source
Components: contrib
Description: Apache Bigtop
SignWith: 9475BD5D
__EOT__
$ cat > apt/conf/options <<__EOT__
verbose
ask-passphrase
__EOT__
{noformat}
Also it helps to do this with GPG agent sine all these tools are super chatty
and will keep asking you for the master password to your key:
{noformat}
echo 'use-agent' >> ~/.gnupg/gpg.conf
echo 'pinentry-program /usr/bin/pinentry-curses' > ~/.gnupg/gpg-agent.conf
{noformat}
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
