[
https://issues.apache.org/jira/browse/DRILL-7230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17009102#comment-17009102
]
ASF GitHub Bot commented on DRILL-7230:
---------------------------------------
vvysotskyi commented on pull request #1937: DRILL-7230: Add README.md with
instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363417007
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do
the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we
*must* include in the release, please post in reply to this thread. Based on
your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss
possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge
into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to
1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on
http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill
~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC
member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the
release.
+ 1. Read [Apache docs for release
signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't
done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key
MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing
parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache
email.
+ 7. Publish your public key to a public server (e.g.
http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model
always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill
sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the
beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in
`https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill
~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to
KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and
password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key
from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running
`ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple
machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the
following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your
`~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to
`~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and
`security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master
password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP
password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an
automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone g...@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false
-DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true
-Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0
-DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the
correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details
at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and
checksum
+ (see details at
https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh
target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh
distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform
-DconnectionUrl=scm:git:g...@github.com:vvysotskyi/drill.git -DskipTests
-Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true
-DconnectionUrl=scm:git:g...@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add
`-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform
-DconnectionUrl=scm:git:g...@github.com:vvysotskyi/drill.git -DskipTests
-Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true
-DconnectionUrl=scm:git:g...@github.com:vvysotskyi/drill.git
-Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests
-Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp
~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz*
~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip*
~/release/1.17.0-rc0/ \
+ cp
~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz*
~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh
~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh
~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh
~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/*
<username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
Review comment:
Thanks, fixed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
> Add README.md with instructions for release
> -------------------------------------------
>
> Key: DRILL-7230
> URL: https://issues.apache.org/jira/browse/DRILL-7230
> Project: Apache Drill
> Issue Type: Sub-task
> Components: Tools, Build & Test
> Reporter: Sorabh Hamirwasia
> Assignee: Vova Vysotskyi
> Priority: Major
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
