This is an automated email from the ASF dual-hosted git repository.
markt pushed a commit to branch 8.5.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/8.5.x by this push:
new cf85469926 Back port automation and reproducibility improvements
cf85469926 is described below
commit cf85469926280d62e54e6ff8177ab2e904cac5a2
Author: Mark Thomas <[email protected]>
AuthorDate: Thu Jun 9 17:34:11 2022 +0100
Back port automation and reproducibility improvements
---
BUILDING.txt | 27 +++++++++++
build.properties.default | 9 +---
build.xml | 112 ++++++++++++++++++++++++++++++++-------------
res/maven/README.txt | 11 ++---
res/maven/mvn-pub.xml | 1 +
webapps/docs/changelog.xml | 19 ++++++++
6 files changed, 134 insertions(+), 45 deletions(-)
diff --git a/BUILDING.txt b/BUILDING.txt
index 4c1bfd2625..6e660f1141 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -301,8 +301,35 @@ You can build them by using the following commands:
4. Build the release:
+ Apache Tomcat releases are fully reproducible.
+
+ Release managers producing release builds must follow the following
+ procedure:
+
cd ${tomcat.source}
+ ant pre-release
+ ant release
+ git commit -a -m "Tag <version-number>"
+ git tag <vesion-number>
+ git push origin <version-number>
ant release
+ git reset --hard HEAD~1
+
+ The output from either 'ant release' call may be uploaded as the official
+ release since they will be identical. It is recommended that the output
from
+ the second call is used.
+
+ Anyone wishing to reproduce an official build must do so from an official
+ source release. The build tool chain defined in build.properties.release
+ must be used to reproduce an official build. Once unpacked to
+ ${tomcat.source}, the following steps must be followed
+
+ cd ${tomcat.source}
+ ant release
+
+ Following the same steps without using the defined build tool chain will
+ create a release that is functionally the same as an official release but
+ not bit for bit identical.
(7) Tests
diff --git a/build.properties.default b/build.properties.default
index 37eea4a9d9..f8f0b4ca7a 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -33,17 +33,12 @@ version.major=8
version.minor=5
version.build=82
version.patch=0
-version.suffix=-dev
+version.suffix=
+version.dev=-dev
# ----- Build tools -----
ant.version.required=1.9.10
-# ----- Reproducible builds -----
-# Uncomment and set to current time for reproducible builds
-# Note: The value is in seconds (unlike milliseconds used by
System.currentTimeMillis()).
-#2022-03-31T12:00:00Z
-#ant.tstamp.now.iso=1648728000
-
# ----- Build control flags -----
compile.debug=true
# Do not pass -deprecation (-Xlint:deprecation) flag to javac
diff --git a/build.xml b/build.xml
index 87294ea2d3..3700162006 100644
--- a/build.xml
+++ b/build.xml
@@ -34,7 +34,7 @@
<!-- property values you may customize.
-->
<property file="${user.home}/build.properties"/>
<property file="build.properties"/>
- <property file="build-release.properties"/>
+ <property file="build.properties.release"/>
<property file="build.properties.default"/>
<!-- Check Ant Version -->
@@ -58,7 +58,7 @@
<!-- Version numbers -->
<!-- Keep in sync with webapps/docs/tomcat-docs.xsl -->
- <property name="version"
value="${version.major}.${version.minor}.${version.build}${version.suffix}" />
+ <property name="version"
value="${version.major}.${version.minor}.${version.build}${version.suffix}${version.dev}"
/>
<property name="version.number"
value="${version.major}.${version.minor}.${version.build}.${version.patch}" />
<property name="version.major.minor"
value="${version.major}.${version.minor}" />
@@ -258,6 +258,7 @@
<format property="today-iso-8601" pattern="yyyy-MM-dd" locale="en"
timezone="UTC"/>
<format property="tstamp" pattern="HH:mm:ss" locale="en" timezone="UTC"/>
<format property="tstamp.file" pattern="yyyy-MM-dd HH:mm:ss"/>
+ <format property="tstamp.iso.release" pattern="yyyy-MM-dd'T'HH:mm:ssX"
timezone="UTC"/>
</tstamp>
<filterset id="version.filters">
<filter token="YEAR" value="${year}"/>
@@ -320,6 +321,7 @@
<include name="**/*.project"/>
<include name="**/*.properties"/>
<include name="**/*.properties.default"/>
+ <include name="**/*.properties.release"/>
<include name="**/*.svg"/>
<include name="**/*.tag"/>
<include name="**/*.tagx"/>
@@ -623,7 +625,6 @@
<exclude name="test/webapp/jsp/encoding/**"/>
<!-- Exclude developer specific local files -->
<exclude name="build.properties" />
- <exclude name="build-release.properties" />
<exclude name="res/maven/mvn.properties" />
</fileset>
<fileset dir="modules/jdbc-pool" >
@@ -1214,7 +1215,8 @@
<echo message="Building Tomcat JDBC pool libraries"/>
<ant antfile="${tomcat.jdbc.dir}/build.xml" dir="${tomcat.jdbc.dir}"
inheritAll="false" target="build">
- <property name="ant.tstamp.now" value ="${ant.tstamp.now}" />
+ <property name="ant.tstamp.now.iso" value ="${ant.tstamp.now.iso}" />
+ <property name="tstamp.file" value ="${tstamp.file}" />
<property name="tomcat.pool" value="${tomcat.pool}" />
<property name="tomcat.juli.jar" value="${tomcat-juli.jar}" />
<property name="skip.download" value="set"/>
@@ -2285,37 +2287,83 @@ skip.installer property in build.properties" />
<input message="Enter ASF username" addproperty="release.asfusername"
defaultValue="${user.name}" />
</target>
- <target name="pre-release" depends="-pre-release-lone-target-check,
-pre-release-read-asf-username" description="Prepares for a release build by
writing build-release.properties which contains information about the
release-build environment.">
- <tstamp>
- <format pattern="yyyy-MM-dd'T'HH:mm:ss'Z'" property="now-readable"
timezone="UTC" />
- </tstamp>
- <echo file="build-release.properties">
-# These ant.tstamp properties specify the build-timestamp for repeatable
builds.
-ant.tstamp.now.iso=${now-readable}
-# This is the ASF user who is the Release Manager for this release.
-release.asfusername=${release.asfusername}
-# Set the version-suffix to "" (empty string) as this is not a development
release.
-version.suffix=
-# Release build environment information:
-release.java.version=${java.version}
-release.java.vm.name=${java.vm.name}
-release.java.vm.version=${java.vm.version}
-release.os=${os.arch} ${os.name} ${os.version}
-release.default.file.encoding=${file.encoding}
-release.ant.version=${ant.version}
+ <target name="pre-release" depends="-pre-release-lone-target-check,
-pre-release-read-asf-username"
+ description="Prepares for a release build by writing
build.properties.release which contains information about the release-build
environment.">
+ <echo file="build.properties.release">#
-----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -----------------------------------------------------------------------------
+
+# This file was auto-generated by the pre-release Ant target
+
+# Set the version-dev to "" (empty string) as this is not a development
release.
+version.dev=
+
+# Ensure consistent timestamps for reproducible builds
+ant.tstamp.now.iso=${tstamp.iso.release}
+
+# Reproducible builds require the use of the build tools defined below. The
+# vendors (where appropriate) and versions must match exactly for a
reproducible
+# build since this data is embedded in various files, particularly JAR file
+# manifests, as part of the build process
+#
+# Apache Ant: ${ant.version}
+#
+# Java Name: ${java.vm.name}
+# Java Vendor: ${java.vm.vendor}
+# Java Version: ${java.vm.version}
+
+# The following is provided for information only. Builds will be repeatable
+# whether or not the build ennvironment in consistent with this information
+#
+# OS: ${os.arch} ${os.name} ${os.version}
+# File encoding: ${file.encoding}
+#
+# Release Manager: ${release.asfusername}
</echo>
- <echo>Wrote file build-release.properties</echo>
- <!-- Note that res/maven/mvn.properties is ignored by git and won't show
- up as a "new file". We use
${version.major}.${version.minor}.${version.build}
- instead of ${version} to explicitly remove the version suffix,
- because we are preparing a release build. -->
- <echo file="res/maven/mvn.properties">
-asf.ldap.username=${release.asfusername}
+ <echo file="res/maven/mvn.properties.release">#
-----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# -----------------------------------------------------------------------------
+
+# This file was auto-generated by the pre-release Ant target
+
+# Remove version-dev to from the version since this is not a development
release.
+maven.asf.release.deploy.version=${version.major}.${version.minor}.${version.build}${version.suffix}
+
+# Re-use the same GPG executable
gpg.exec=${gpg.exec}
-maven.asf.release.deploy.version=${version.major}.${version.minor}.${version.build}
+
+# Set the user name to use to upload the artefacts to Nexus
+asf.ldap.username=${release.asfusername}
</echo>
- <echo>Wrote file res/maven/mvn.properties</echo>
- <replace file="webapps/docs/changelog.xml" token="rtext="in
development"" value="rtext="release in progress"" />
+ <replace file="webapps/docs/changelog.xml"
+ token="rtext="in development""
+ value="rtext=""" />
</target>
<target name="release"
diff --git a/res/maven/README.txt b/res/maven/README.txt
index 3b2c0843d8..d686185cb1 100644
--- a/res/maven/README.txt
+++ b/res/maven/README.txt
@@ -16,12 +16,11 @@
================================================================================
General preparations before any publishing:
-1 - Generate a standard Tomcat release (ant release)
-2 - Copy mvn.properties.default to mvn.properties and adjust it as necessary.
- You will need to set asf.ldap.username and you'll probably need to set
- gpg.exec
- The other properties should be OK. Note: you will be prompted for your
- GPG pass-phrase and LDAP password when the script runs.
+1 - Generate a standard Tomcat release.
+ This will generate a mvn.properties.release file as part of the tag. It
+ should include the property settings required to complete the release.
+2 - Should any of the properties need to be overridden, create a
+ mvn.properties and override as necessary.
To publish a snapshot do the following:
1 - ant -f mvn-pub.xml deploy-snapshot
diff --git a/res/maven/mvn-pub.xml b/res/maven/mvn-pub.xml
index 867b53ee76..8d420f23bf 100644
--- a/res/maven/mvn-pub.xml
+++ b/res/maven/mvn-pub.xml
@@ -21,6 +21,7 @@
xmlns:unless="ant:unless">
<property file="${basedir}/mvn.properties"/>
+ <property file="${basedir}/mvn.properties.release"/>
<property file="${basedir}/mvn.properties.default"/>
<property name="local.repo" value="${user.home}/.m2/repository"/>
<property name="aether.checksums.algorithms"
value="MD5,SHA-1,SHA-256,SHA-512"/>
diff --git a/webapps/docs/changelog.xml b/webapps/docs/changelog.xml
index 7e24cbd497..352b0afbc3 100644
--- a/webapps/docs/changelog.xml
+++ b/webapps/docs/changelog.xml
@@ -105,6 +105,25 @@
issues do not "pop up" wrt. others).
-->
<section name="Tomcat 8.5.82 (schultz)" rtext="in development">
+ <subsection name="Other">
+ <changelog>
+ <update>
+ The minimum Ant version required to perform a release build for Tomcat
+ 8.5.x is now 1.10.2. (markt)
+ </update>
+ <add>
+ Add additional automation to the build process to reduce the number of
+ manual steps that release managers must perform. (schultz)
+ </add>
+ <add>
+ Implement support for reproducible builds. Reproducible builds are
+ independent of operating system but require the same Ant version and
+ same JDK (vendor and version) to be used as associated version
+ information is embedded in a number of build outputs such as JAR file
+ manifests. (markt)
+ </add>
+ </changelog>
+ </subsection>
</section>
<section name="Tomcat 8.5.81 (schultz)" rtext="release in progress">
<subsection name="Catalina">
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
