Dear OpenWhiskers, Currently, my team members and I are trying to figure out how we can release OpenWhisk in Apache in an automated way on a regular basis. We have created a repo called incubator-openwhisk-release: https://github.com/apache/incubator-openwhisk-release, targeting to become a tool to do the release for all openwhisk projects.
From the source code as they are in Github, to the packaged artifacts available in staging repository to vote on, and to the official release version. We are working on the whole process from one end to the other end. I am drafting some specifications about how to implement as a PR: https://github.com/apache/incubator-openwhisk-release/pull/15 You can also access it via my fork: https://github.com/houshengbo/incubator-openwhisk-release/blob/draft-plan/docs/general_spec.md In general, we will try to use Travis CI as much as possible to do all the work. Since we are developing scripts for Travis to run, we can run them locally as well. We opened a couple of issues, as you can see here: https://github.com/apache/incubator-openwhisk-release/issues, and already earned some folks' comment on them. Thank you for your care. We are looking at tools, like Apache Creadur, Apache Tentacles, some building tools, like gradle, maven, gogradle, etc, to find our how they can play out to smooth our release process. Feel free to comment out my PR( https://github.com/apache/incubator-openwhisk-release/pull/15), or open an issue at(https://github.com/apache/incubator-openwhisk-release/issues) with your suggestions and comments for the openwhisk release process. Thank you very much. Best wishes. Vincent Hou (侯胜博) Advisory Software Engineer, OpenWhisk Contributor, Open Technology, IBM Cloud Notes ID: Vincent S Hou/Raleigh/IBM, E-mail: s...@us.ibm.com, Phone: +1(919)254-7182 Address: 4205 S Miami Blvd (Cornwallis Drive), Durham, NC 27703, United States From: Michael Marth <mma...@adobe.com.INVALID> To: "dev@openwhisk.apache.org" <dev@openwhisk.apache.org> Date: 01/25/2018 10:43 AM Subject: Re: Using Apache Creadur to audit in the release process Hi Daisy, Tangential question (sorry): is there a wiki or GH page describing the overall plan for releases? I am especially interested in the Travis part, but would be great to see the full picture. Thanks! Michael On 25/01/18 15:04, "Ying Chun Guo" <guoyi...@cn.ibm.com> wrote: Hi, all As we are setting up the release process, I'm investigating how Apache Creadur[1] - the auditing tools - can help us in the release process. This email describes what I found and what I propose. We can discuss together. First of all, we need to understand audit is very important in a Apache release process. "every ASF release MUST comply with ASF licensing policy. This requirement is of utmost importance and an audit SHOULD be performed before any full release is created.", described by Apache Release Policy [2]. Apache Creadur is such audit tooling to help us. Apache Creadur includes three projects: - Apache Rat audits license headers. It will check if files have Apache License or not, and generate a report. - Apache Tentacles helps to audit in bulk components uploaded to a staging repository. It will check if there is a LICENSE and NOTICE files under each archived source package and compiled package. A HTML report will be generated. - Apache Whisker will generate a correct legal documentation if a package bundles code under several licenses. I propose to use: - Apache Rat to check license headers during the release of the source package. We can develop a program to auto 'read' the report generated by Rat. If the report doesn't find any issues, the release can be continued. Or else, it will be stopped and errors will be returned. - Apache Tentacles to check if every archived package has a LICENSE and a NOTICE file. The check need to be done both in the release of the source package and the release of the compiled package after the artifacts are uploading to a staging repository. Similar as Rat report, we will develop program to auto "read" the report and decide whether there are issues. Apache Whisker is not relevant to us up to now, because we don't have codes under none Apache licenses. ( Correct me if I'm wrong ). In the future, we may need it. Let me know if you have any comments and suggestions to the audit process and tooling. Best regards Daisy Guo [1] https://urldefense.proofpoint.com/v2/url?u=http-3A__creadur.apache.org&d=DwIGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=LUNmCHjmrhrkjp9ZF9fhwg&m=JUb9mfEl9cRtHgYOrMM3A07G5ZTPwjvr9Ok9zPN0spM&s=8PO1bIlCFxzTwRl134HTfpui88duotT66lYPYdawRcU&e= [2] https://urldefense.proofpoint.com/v2/url?u=http-3A__www.apache.org_legal_release-2Dpolicy.html-23licensing&d=DwIGaQ&c=jf_iaSHvJObTbx-siA1ZOg&r=LUNmCHjmrhrkjp9ZF9fhwg&m=JUb9mfEl9cRtHgYOrMM3A07G5ZTPwjvr9Ok9zPN0spM&s=FQulTVxLUmkyW1xsBBatCTdL7GSZJAKJCd2izHOGFso&e=
