Making releases (TUSCANY) edited by Simon Laws
Page: http://cwiki.apache.org/confluence/display/TUSCANY/Making+releases
Changes:
http://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=60576&originalVersion=15&revisedVersion=16
Content:
---------------------------------------------------------------------
{section:border=false}
{column:width=15%}
{include: Menus}
{column}
{column:width=85%}
h3. Getting Ready
[Setting up ssh]
[Create signing key]
[Get hold of RAT]
h3. Useful Resources
[Incubator release best practice |
http://incubator.apache.org/guides/releasemanagement.html#best-practice]
[Incubator Policy |
http://incubator.apache.org/incubation/Incubation_Policy.html]
[ASF Developer Guide | http://www.apache.org/dev/]
[ASF Release FAQ | http://www.apache.org/dev/release.html]
[ASF Release Licensing FAQ | http://www.apache.org/dev/release.html#license]
[ASF Release Signing | http://www.apache.org/dev/release-signing.html]
[ASF Comitters Guide | http://www.apache.org/dev/new-committers-guide.html#pgp]
[Henk's ASF Key Guide | http://people.apache.org/~henkp/]
[Surfnet Key Server | http://pgp.surfnet.nl/]
[MIT Key Server | http://pgp.mit.edu/]
[Raymond's release script|
http://svn.apache.org/repos/asf/incubator/tuscany/java/etc/release-sca.sh]
h3. High Level Check List
(/) Check that all RELEASE-NOTES and READMEs etc have the right release number
and date
(/) Check that the RAT output doesn't report missing or non-ASF licenses other
than for files that can't have ASF licenses.
(/) Check that all files (that need it) have the ASF copyright and it's the
right date
(/) Check that the LICENSE and NOTICE files appear at the top level of source
distro
(/) Check that the LICENSE and NOTICE files appear at the top level of binary
distro
(/) Check that the LICENSE and NOTICE files appear at the top level of all
/maven modules that will be distributed (these are the tricky ones as they get
copied when people add new modules)
(/) Check that LICENSE files have a copy of all third part licenses for the
files in directories below them (jar name and version to which license relates
must be clearly marked. Use the list from the distribution lib dir)
(/) Check that NOTICE files have a copy of all of the copyright statements for
the files in directories below the. You have to go through all dependency
jars/files that have been copied in and check
(/) Check that the signatures are in the right format
(/) Check that your signing key is in the KEYS file and in an external repo
(/) Check that there are no SNAPSHOT dependencies still in the distribution
(/) Check that there is no junk left in the distributions (.log, .tmp, .bak etc)
(/) Check that the distribution match the tag as far as possible. (Our NOTICE
files have the module name dropped in automatically so don't match and we don't
ship svg files)
(/) Check that the manifests in the jars that we produce have enough
information (name of product and version. Scripts below should do this).
(/) Check that the project depends on the smallest number of versions of each
third party jar
h3. Detailed Release Process
The borrows many of the commands from [Raymond's release
script|http://svn.apache.org/repos/asf/incubator/tuscany/java/etc/release-sca.sh]
but with a bit more explanation and a few extra useful commands. The commands
here we taken from when release 1.1 RC3a was under preparation. It's also fair
to say that it's unlikely that you will want to run all of these commands in
sequence as you generally end up repeating sections as release preparation
progresses.
h4. Call for release
At some point someone in the community will call for a release based on the
features and fixes that have been under development in the trunk. Typically the
first stage in the release process is to decide on who is going to be the
release manager, i.e. who is going to ensure that all the steps are taken to
ensure a good release. This will typical involve someone volunteering and a
vote on the dev list. The next thing is the create a branch where the code can
be stabalized and testing can start on the release artifacts. It's useful to
try and ensure that the code is complete as possible and that all the samples
run before the branch is created. This removes the need for a lot of double
fixing between the branch and the trunk.
h4. Create the branch
{code}
svn copy https://svn.apache.org/repos/asf/incubator/tuscany/java/sca
https://svn.apache.org/repos/asf/incubator/tuscany/branches/sca-java-1.1 -m
"Branch for 1.1"
{code}
Once the branch is created the version number in trunk can be updated.
h4. Fix up the branch work
First checkout the branch so that you can work on it. These commands assume
that a local directory called "branches" is present.
{code}
cd branches
svn co
https://svn.apache.org/repos/asf/incubator/tuscany/branches/sca-java-1.1/
1.1-RC3a
{code}
Remove all the files that are not going to be part of the release, test all the
samples and check all of the LICENSE and NOTICE files.
Check dependencies are as you would expect them to be. In particular check that
we aren't depending on many different versions of third part jars. If we are
this has the side effect of messing up the generated build files. If module A
depends on x.jar v1.2 and module B depends on x.jar v1.3 then when a build file
that is generated for a sample that only depends on module A the stated x.jar
dependency will be v1.2. Of course the distribution build will make sure that
only v1.3 is actually shipped and so the ant build will fail. (TODO - need
better automation)
{code}
cd sca
mvn -o -Pdependencies -Dmaven.test.skip=true
find . -name dependency.txt -exec cat '{}' >> deptotal.txt \;
{code}
Use you favorite spreadsheet tool to open deptotal.txt and order on the first
column to see across the project what dependencies we have on what
libraries/versions.
Once the branch is at the stage where a release candidate can be created for
testing prepare to make a tag.
h4. Create Tag 1.1-RC3a
These commands assume that a local directory called "tags" is present.
{code}
cd tags
svn co
https://svn.apache.org/repos/asf/incubator/tuscany/branches/sca-java-1.1/
1.1-RC3a
{code}
Notice that all we are doing here is just checking out the branch again. This
allows any last minute fixes to be taken from the branch in subversion and
allows the version numbers in the tag to be corrected without affecting the
branch, assuming that more than one tag will be required to complete the
release process.
h4. Change the version ID
The "-SNAPSHOT" is removed from the end of the version string. This ensures
that the only thing building with the release version number on your PC is the
tag being tested.
{code}
cd tags/1.1-RC3a
for i in `/usr/bin/find . -name "*.xml"`; do if grep 1.1-incubating-SNAPSHOT
$i>/dev/null; then sed "s/1.1-incubating-SNAPSHOT/1.1-incubating/g" $i
>/tmp/tmp.xml; cp /tmp/tmp.xml $i; fi; done
{code}
h4. Generate the RAT report
Create the report.
{code}
cd tags
java -jar C:\simon\apps\rat-0.5.1\rat-0.5.1.jar 1.1-RC3a > rat-1.1-RC3a.txt
{code}
Copy the report up onto the staging repo. You should of course check the
report at this stage.
{code}
scp rat-1.1-RC3a.txt [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
{code}
{note:title="Tips}
If you need to regenerate the RAT report after you have started on the steps
that follow run "mvn clean" first to avoid complains about the files under
target folders
{note}
h4. Build from top level
{code}
cd tags/1.1-RC3a
mvn -o clean install
{code}
h4. Build the demos
{code}
cd tags/1.1-RC3a/demos
mvn -fae -o clean install
{code}
h4. Build distribution
{code}
cd tags/1.1-RC3a/distribution
mvn -o clean install
{code}
Check that the "all" jar is in place as with some JDKs this step fails
intermittently
h4. Copy the distribution to somewhere and try it
Try all the samples/demos
{code}
ant run
{code}
and
{code}
ant build
ant run
{code}
The war samples are currently to be tested with
- Tomcat 5.5.20 and Tomcat 6.0.14
- Jetty 6.1.3
- Geronimo 2.0.2 Tomcat6 jee5
- WebSphere 6.1 fix pack 9+
Clean you local repo of SCA modules and compile the source distro and run some
samples to
Check for copyrights in the code to ensure that are what you are expecting
{code}
grep -iR Copyright *
{code}
check all the NOTICE files
{code}
for i in `find . -name NOTICE`; do echo XXXXXXXXXXXXXXXXXXXXXXXXXXXX; echo $i;
cat $i; done > ../tmp
{code}
Check for any SNAPSHOTS left in by mistake
{code}
grep -r --include=*.xml SNAPSHOT *
{code}
Check the LICENSE file against what is provided in the distributions. There is
no automation for this bit.
Check for junk included by accident
{code}
find . -name log -print
find . -name work -print
find . -name lck -print
find . -name activemq-data -print
find . -name temp -print
find . -name tmp -print
{code}
Once you are happy with the release artifacts you can sign them and make them
available from review.
h4. Sign the artifacts
Linux
{code}
cd tags/1.1-RC3a/distribution/target
for i in *.zip *.gz; do gpg --output $i.asc --detach-sig --armor $i; done
for i in *.zip *.gz; do openssl md5 -hex $i | sed 's/MD5(\([^)]*\))=
\([0-9a-f]*\)/\2 *\1/' > $i.md5; done
{code}
Windows:
{code}
for %A in (*.zip) do gpg --output %A.asc --detach-sig --armor %A
for %A in (*.gz) do gpg --output %A.asc --detach-sig --armor %A
for %A in (*.zip) do gpg --print-md md5 %A > %A.md5
for %A in (*.gz) do gpg --print-md md5 %A > %A.md5
{code}
The commands above should produce artifacts of an appropriate format, as
follows.
md5 should look like
{code}
8fb7cb398063ed0dffa414168468fffc *apache-tuscany-sca-1.1-incubating.zip
{code}
asc should look like
{code}
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQBHnLGGE8fTrnkHPxIRAqPmAJ4tOR6W663FKCXHPi1GlLBWDyZwJgCeMqbb
68DOq0YsU/O7kJsBHuZXhJw=
=elh0
-----END PGP SIGNATURE-----
{code}
h4. Put the artifacts up in your home directory on people.apache.org
{code}
cd tags/1.1-RC3a/distribution/target
scp *.asc [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
scp *.md5 [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
scp *.zip [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
scp *.gz [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
{code}
{code}
cd tags/1.1-RC3a/distribution/src/main/release
scp RELEASE_NOTES [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
scp CHANGES [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
{code}
h4. Check permissions on the files
{code}
chmod 644 *.zip
chmod 644 *.gz
chmod 644 *.txt
{code}
h4. Deploy the maven artifacts
{code}
cd tags/1.1-RC3a
mvn -N
-DaltDeploymentRepository=apache.incubator::default::scp://people.apache.org/home/slaws/public_html/tuscany/1.1-RC3a/maven
verify gpg:sign install:install deploy:deploy -Dgpg.passphrase=
cd tools
mvn clean
mvn
-DaltDeploymentRepository=apache.incubator::default::scp://people.apache.org/home/slaws/public_html/tuscany/1.1-RC3a/maven
verify gpg:sign install:install deploy:deploy -Dgpg.passphrase=
cd modules
mvn clean
mvn
-DaltDeploymentRepository=apache.incubator::default::scp://people.apache.org/home/slaws/public_html/tuscany/1.1-RC3a/maven
verify gpg:sign install:install deploy:deploy -Dgpg.passphrase=
{code}
h4. Deploy the all jar
{code}
cd tags/1.1-RC3a/distribution/bundle/target
mvn gpg:sign-and-deploy-file -DgroupId=org.apache.tuscany.sca
-DartifactId=tuscany-sca-all -Dversion=1.1-incubating -Dpackaging=jar
-Dfile=tuscany-bundle-1.1-incubating.jar -DrepositoryId=apache.incubator
-Durl=scp://people.apache.org/home/slaws/public_html/tuscany/1.1-RC3a/maven
-Dkeyname=slaws -Dpassphrase=
{code}
h4. Check that the Maven artifacts work
Point you maven build at your p.a.o dir as a temporary mirror, for example, add
mirror element to the settings.xml file (usually found at .m2/settings)
{code}
<mirrors>
<mirror>
<id>ant.staging</id>
<url>http://people.apache.org/~slaws/tuscany/1.1-RC3a/maven</url>
<mirrorOf>apache.incubator</mirrorOf>
</mirror>
</mirrors>
{code}
Clean you local SCA artifacts and use maven to compile samples and see if they
run.
h4. Check in the tag
{code}
svn copy 1.1-RC3a
https://svn.apache.org/repos/asf/incubator/tuscany/tags/java/sca/1.1-RC3a/ -m
"Tag for 1.1-RC3a"
{code}
h4. Start voting
The PPMC will vote first. This may give rise to a new release candidate being
required. If so you need to go back and start at the "Create Tag" step but
using the next RC number.
Once the PPMC vote is complete the vote is moved across to the IPMC. Once all
the votes are complete the artifacts that have been voted on can be release.
h4. Once all the voting is complete
Copy the artifacts up to www.apache.org/dist/incubator/tuscany.
Also check that the KEYS file is up to date.
{code}
scp KEYS [EMAIL PROTECTED]:public_html/tuscany/1.1-RC3a
{code}
h4. Copy the staging repo to the live incubating repo
{code}
mvn stage:copy
-Dsource="http://people.apache.org/~slaws/tuscany/1.1-RC3a/maven";
-Dtarget="scp://people.apache.org/www/people.apache.org/repo/m2-incubating-repository"
-Dversion=1.1
{code}
You'll need the maven stage plugin to do this. Since maven-stage-plugin is not
published, the release manager should checkout the source for the plugin and
build it.
{code}
http://svn.apache.org/repos/asf/maven/plugins/trunk/maven-stage-plugin/
{code}
h4. Check the permissions in the repo
There is a script in the SNAPSHOT report that sets the permissions correctly.
{code}
cd /www/people.apache.org/repo/m2-incubating-repository/org/apache
/tuscany/sca]
/www/people.apache.org/repo/m2-snapshot-repository/fix-permissions.sh
{code}
h4. Copy the release candidate tag to the final tag name.
{code}
svn copy
https://svn.apache.org/repos/asf/incubator/tuscany/tags/java/sca/1.1-RC3a/
https://svn.apache.org/repos/asf/incubator/tuscany/tags/java/sca/1.1 -m "Copy
1.1-RC3a tag as 1.1"
{code}
{column}
{section}
---------------------------------------------------------------------
CONFLUENCE INFORMATION
This message is automatically generated by Confluence
Unsubscribe or edit your notifications preferences
http://cwiki.apache.org/confluence/users/viewnotifications.action
If you think it was sent incorrectly contact one of the administrators
http://cwiki.apache.org/confluence/administrators.action
If you want more information on Confluence, or have a bug to report see
http://www.atlassian.com/software/confluence
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
