Page History

...

1. Verify the project builds cleanly via ./sbt "+test"
2. Verify the site builds cleanly via ./sbt makeSite
3. Verify the files pass the audit check via ./sbt auditCheck
4. Make sure you have a 4096-bit RSA PGP key for signing releases uploaded to a public PGP key repository (preferably pgp.mit.edu) as well as located in the KEYS file.

5. Configure sbt with your pgp key by first exporting into the old format for use by sbt-pgp by running gpg --export-secret-keys --armor --output ~/.sbt/gpg/secring.asc and then edit the file ~/.sbt/gpg.sbt with the following:

   Code Block
   language scala title gpg.sbt
   useGpg := true pgpSecretRing := Path.userHome / ".sbt" / "gpg" / "secring.asc" usePgpKeyHex("1234567887654321")

   
   

6. Configure your Apache credentials by writing to ~/.sbt/1.0/global.sbt with something like:

   Code Block
   language scala title global.sbt
   credentials += Credentials("Sonatype Nexus Repository Manager", "repository.apache.org", "username", "password")

   
   

Releasing

1. Run ./sbt release and answer the version number prompts.
   1. Close the staging release repository afterwards by logging in to https://repository.apache.org/#stagingRepositories and finding the appropriate orgapachelogging-NNNN repository.
2. Check out the created tag and run GPG_KEYID=mykeyid ./create-distributions.sh 11.1
   1. FIXME: binary distributions may not be signed by default; make sure to sign them! As a workaround, use the following bash script: cd target; for f in *.zip *.gz; do shasum -a 256 $f >$f.sha256; shasum -a 512 $f >$f.sha512; done
3. Commit those to https://dist.apache.org/repos/dist/dev/logging/log4j/scala for staging (removing previous release candidates as necessary).
4. Commit the site to github pages for viewing.
5. Perform a release email and follow the usual release process as Log4j Core does.