Versions Compared

Old Version 50

changes.mady.by.user Steve Lawrence

Saved on

compared with

New Version 51

changes.mady.by.user Steve Lawrence

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Build the Daffodil release candidate image:

    Code Block
    languagebash
    $ podman build -t daffodil-release-candidate /path/to/daffodil.git/containers/release-candidate/

    This may take 20-30 minutes the first time, but should be significantly faster in subsequent runs unless something changes in the image where a full rebuild is needed.
        

  2. Run the daffodil release candidate container:

    Code Block
    languagebash
    $ podman run -it \
    -v ~/.gitconfig:/root/.gitconfig \
    -v ~/.gnupg/:/root/.gnupg/ \
    -v ~/.ssh/:/root/.ssh/ \
    daffodil-release-candidate

    Note that the -v option is used to bind mount files/directories from the host system in the container so the container has access to git configurations and gpg/ssh keys.

      

  3. The container will periodically ask for user input (e.g. usenames, passwords) to sign and publish release files. This includes:
      

    1. Release candidate label. For example: rc1 if this is the first release candidate
        
    2. Long format of your signing key ID. This can be found by running gpg --list-secret-keys --keyid-format long 
        
    3. Git commit name and email (e.g. "John Doe" and "john.doe@company.com"). This is the name and email you want to show up as the "ComitterCommitter" when creating the release script creates a git tag or commit, which could potentially be different than what is the the bind mounted .gitconfig  file. This is not your github or Apache credentialsGitHub or Apache credentials--simply the name and email address you use for Daffodil commits.
       
    4. Apache username and password. This is the username and password credentials used to log in at https://id.apache.org.
       
    5. GitHub SSH key password. The Daffodil repository will be cloned using SSH authentication. If your SSH key is password protected, you may be prompted for that password.
        
    6. Private GPG password. The release process will sign artifacts with your GPG key–you will be prompted for a password to sign these artifacts.
        

  4. After entering the necessary information, this script will perform the following actions:

    1. Create a zip of the source

    2. Create tgz, zip, msi, and rpm of the helper binary

    3. Create sha256 and sha512 checksum and ASCII armored detached signatures of the above files

    4. Place the above files to the Apache dist dev directory. This svn files are not comitted until further action is taken.

    5. Create javadoc and scaladoc and move to the daffodil site repository docs directory for this release, and create a commit. This commit is not pushed until further action is taken.

    6. Create a signed git tag. This tag is not pushed until further action is taken.

    7. Stage jars/poms to https://repository.apache.org
        
  5. Once the script completes, you should verify all the exiistence generated files. Note The script will list the files and locations to verify. This includes:

    1. Verify the checksums and signatures are created in the Apache

      dist directories are correct

      dist directories and are read for commit, for example:

      Code Block
      $ cd /root/incubator-daffodil-dist/
$ ls -R
$ svn status

        

    2. Verify the git tag is on the correct commit in the Daffodil repo, for example:

      Code Block
      languagebash
      $ git -C /root/incubator-daffodil/ log -1 v2.0.0-rc1 

        

    3. Verify the javadoc and scala docs in the daffodil site repository exist, for example:

      Code Block
      languagebash
      $ git -C /root/incubator-daffodil-site/ log -1


    4. Verify the all the expected Verify the staged jars/poms at https://repository.apache.org/ are correct exist.

      To do so, visit that url, login in the top right using id.apache.org credentials, select "Staging Repositories" on the left, and find the orgapachedaffodil-XXXX repository. Inspect the "Content" tab to make sure the appropriate jars are uploaded and appear valid.
      Verify the git tag is correct
      Verify the javadoc and scala docs in the daffodil site repository are correctjars are uploaded and appear valid.
      
  6. If any of the above do not look correct, perform the following steps:
      
    1. Drop the published jars/poms (at https://repository.apache.org -- check the box for the staging repository just created and choose "Drop" at the top)
       
    2. Type exit  to close the container. All files/commits created in the container will be deleted.
       
    3. Fix the issue and repeat the "Create Release Candidate" process from the beginning.
        
  7. After verifying all is correct, follow the instructions to complete the release candidate. The These steps include:
       

    1. Run the command:

       

      Code Block
      languagebash
      $ /root/complete-release
       
      All the previous commands have prepared commits and tags in the three repositories (Apache Dist, Daffodil, and Site). Running this command will push those commits and tag to the remote repositories.
        
    2. Close the staged file at https://repository.apache.org
          
    3. Type exit  to close the container.
...