Page History

Before your first release, you should perform one-time configuration steps. This will set up your security keys for signing the release and access to various release repositories.

To prepare for each release, you should audit the project status in the JIRA issue tracker, and do necessary bookkeeping. Finally, you should create a release branch from which individual release candidates will be built.

One-time setup instructions

GPG Key

You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.

Determine your Apache GPG Key and Key ID, as follows:

gpg --list-keys

This will list your GPG keys. One of these should reflect your Apache account, for example:

--------------------------------------------------
pub   2048R/845E6689 2016-02-23
uid                  Nomen Nescio <anonymous@apache.org>
sub   2048R/BA4D50BE 2016-02-23

Here, the key ID is the 8-digit hex string in the pub line: 845E6689.

Now, add your Apache GPG key to the Flink’s KEYS file in the release repository at dist.apache.org. Follow the instructions listed at the top of these files. (Note: Only PMC members have write access to the release repository. If you end up getting 403 errors ask on the mailing list for assistance.)

Configure git to use this key when signing code by giving it your key ID, as follows:

git config --global user.signingkey 845E6689

You may drop the --global option if you’d prefer to use this key for the current repository only.

You may wish to start gpg-agent to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent varies based on operating system, but may be something like this:

eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
export GPG_TTY=$(tty)
export GPG_AGENT_INFO

Access to Apache Nexus repository

Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.

1. You log in with your Apache account.
2. Confirm you have appropriate access by finding org.apache.flink under Staging Profiles.
3. Navigate to your Profile (top right dropdown menu of the page).
4. Choose User Token from the dropdown, then click Access User Token. Copy a snippet of the Maven XML configuration block.

5. Insert this snippet twice into your global Maven settings.xml file, typically ${HOME}/.m2/settings.xml. The end result should look like this, where TOKEN_NAME and TOKEN_PASSWORDare your secret tokens:

   Code Block
   language xml title settings.xml
   <settings> <servers> <server> <id>apache.releases.https</id> <username>TOKEN_NAME</username> <password>TOKEN_PASSWORD</password> </server> <server> <id>apache.snapshots.https</id> <username>TOKEN_NAME</username> <password>TOKEN_PASSWORD</password> </server> </servers> </settings>

   
   

Website development setup

Get ready for updating the Flink website by following the website development instructions.

Create a new version in JIRA

When contributors resolve an issue in JIRA, they are tagging it with a release that will contain their changes. With the release currently underway, new issues should be resolved against a subsequent future release. Therefore, you should create a release item for this subsequent release, as follows:

1. In JIRA, navigate to the Flink > Administration > Versions.
2. Add a new release: choose the next minor version number compared to the one currently underway, select today’s date as the Start Date, and choose Add.

(Note: Only PMC members have access to the project administration. If you do not have access, ask on the mailing list for assistance.)

Triage release-blocking issues in JIRA

There could be outstanding release-blocking issues, which should be triaged before proceeding to build a release candidate. We track them by assigning a specific Fix version field even before the issue resolved.

The list of release-blocking issues is available at the version status page. Triage each unresolved issue with one of the following resolutions:

• If the issue has been resolved and JIRA was not updated, resolve it accordingly.
• If the issue has not been resolved and it is acceptable to defer this until the next release, update the Fix Version field to the new version you just created. Please consider discussing this with stakeholders and the dev@ mailing list, as appropriate.
• If the issue has not been resolved and it is not acceptable to release until it is fixed, the release cannot proceed. Instead, work with the Flink community to resolve the issue.

Review and update documentation

There are a few pages in the documentation that need to be reviewed and updated for each release.

• Ensure that there exists a release notes page for each non-bugfix release (e.g., 1.5.0) in ./docs/release-notes/, that it is up-to-date, and linked from the start page of the documentation.
• Upgrading Applications and Flink Versions: https://ci.apache.org/projects/flink/flink-docs-master/ops/upgrading.html
• please extend this list.

Unless the pages have not been updated before, please create a JIRA ticket and mark it as release blocker.

Review Release Notes in JIRA

JIRA automatically generates Release Notes based on the Fix Version field applied to issues. Release Notes are intended for Flink users (not Flink committers/contributors). You should ensure that Release Notes are informative and useful.

Open the release notes from the version status page by choosing the release underway and clicking Release Notes.

You should verify that the issues listed automatically by JIRA are appropriate to appear in the Release Notes. Specifically, issues should:

• Be appropriately classified as Bug, New Feature, Improvement, etc.
• Represent noteworthy user-facing changes, such as new functionality, backward-incompatible API changes, or performance improvements.
• Have occurred since the previous release; an issue that was introduced and fixed between releases should not appear in the Release Notes.
• Have an issue title that makes sense when read on its own.

Adjust any of the above properties to the improve clarity and presentation of the Release Notes.

Ensure that the JIRA release notes are also included in the release notes of the documentation (see section "Review and update documentation").

Content of Release Notes field from JIRA tickets 

To get the list of "release notes" field from JIRA, you can ran the following script using JIRA REST API:

curl -s https://issues.apache.org/jira//rest/api/2/search?jql=project%20%3D%20FLINK%20AND%20%22Release%20Note%22%20is%20not%20EMPTY%20and%20fixVersion%20%3D%201.11.0 | jq '.issues[]|.key,.fields.summary,.fields.customfield_12310192' | paste - - -

Were last parameter passed in curl in jql is fixVersion%20%3D%201.11.0  defines tickets for which fix version will be searched for (in this case it is 1.11.0) .  

jq  is present in most Linux distributions and on MacOS can be installed via brew.

Verify that a Release Build Works

Run mvn -Prelease clean install to ensure that the build processes that are specific to that profile are in good shape.

Create a release branch

Release candidates are built from a release branch. As a final step in preparation for the release, you should create the release branch, push it to the code repository (you should probably do this once the whole process is done), and update version information on the original branch.

Set up a few environment variables to simplify Maven commands that follow. (We use bash Unix syntax in this guide.)

RELEASE_VERSION="1.5.0"
SHORT_RELEASE_VERSION="1.5"
CURRENT_SNAPSHOT_VERSION="$SHORT_RELEASE_VERSION-SNAPSHOT"
NEXT_SNAPSHOT_VERSION="1.6-SNAPSHOT"
SHORT_NEXT_SNAPSHOT_VERSION="1.6"

Most of the following commands have to be executed in the tools directory, we will prefix the command prompt to make this explicit.

If you are doing a new major release, create a branch for the new version that we want to release before updating the master branch to the next development version:

tools $ releasing/create_snapshot_branch.sh
tools $ git checkout master
tools $ OLD_VERSION=$CURRENT_SNAPSHOT_VERSION NEW_VERSION=$NEXT_SNAPSHOT_VERSION releasing/update_branch_version.sh

If you're creating a new minor release, you will skip the above step and simply check out the the already existing branch for that version:

tools $ git checkout release-$SHORT_RELEASE_VERSION
tools $ OLD_VERSION=$CURRENT_SNAPSHOT_VERSION NEW_VERSION=$NEXT_SNAPSHOT_VERSION releasing/update_branch_version.sh

If this is a major release, the newly created branch needs to be pushed to the official repository. Afterwards fork off the dev-master  a dev-x.y  branch in the https://github.com/apache/flink-docker repository. Make sure {{flink-docker/testing/run_travis_tests}} points to a correct snapshot version.

After pushing the new major release branch, as the last step you should also update the documentation build bot to also build the documentation for the new release branch. Check Managing Documentation on details on how to do that. You may also want to manually trigger a build to make the changes visible as soon as possible.

The rest of this guide assumes that commands are run in the root (or tools directory) of a repository on the branch of the release version with the above environment variables set.

Checklist to proceed to the next step

1. Release Manager’s GPG key is published to dist.apache.org
2. Release Manager’s GPG key is configured in git configuration
3. Release Manager has org.apache.flink listed under Staging Profiles in Nexus
4. Release Manager’s Nexus User Token is configured in settings.xml
5. JIRA release item for the subsequent release has been created
6. There are no release blocking JIRA issues
7. Release Notes in JIRA have been audited and adjusted
8. Release branch has been created and pushed if it is a major release.
9. Originating branch has the version information updated to the new version
10. (major/minor only) Jenkins deployment updated to create snapshot artifacts for release branch (see here)
11. (major/minor only) Cron end-to-end-tests branch setup for release branch
12. (major only) Make sure flink-docker has dev-x.y branch and docker e2e tests run against this branch
13. (major/minor only) Update upgrade compatibility table (docs/ops/upgrading.md.
14. docs/config.toml has been updated appropriately.
15. The new documentation for major releases is visible under https://ci.apache.org/projects/flink/flink-docs-release-$SHORT_RELEASE_VERSION (after at least one doc build finishes).
16. The new documentation for major releases do not contain "-SNAPSHOT" in its version title, and all links refer to the corresponding version docs instead of master.

The core of the release process is the build-vote-fix cycle. Each cycle produces one release candidate. The Release Manager repeats this cycle until the community approves one release candidate, which is then finalized.

Build and stage Java and Python artifacts

Set up a few environment variables to simplify Maven commands that follow. This identifies the release candidate being built. Start with RC_NUM equal to 1 and increment it for each candidate.

RC_NUM="1"
TAG="release-${RELEASE_VERSION}-rc${RC_NUM}"

Now, create a release branch:

$ cd tools
tools $ OLD_VERSION=$CURRENT_SNAPSHOT_VERSION NEW_VERSION=$RELEASE_VERSION RELEASE_CANDIDATE=$RC_NUM releasing/create_release_branch.sh

Tag the release commit:

git tag -s ${TAG} -m "${TAG}"

We now need to do several things:

• Create the source release archive
• Deploy jar artefacts to the Apache Nexus Repository, which is the staging area for deploying the jars to Maven Central
• Build PyFlink wheel packages (since 1.11)
• Create binary convenience releases for different Hadoop versions

You might want to create a directory on your local machine for collecting the various source and binary releases before uploading them. Creating the binary releases is a lengthy process but you can do this on a another machine (for example, in the "cloud"). When doing this, you can skip signing the release files on the remote machine, download them to your local machine and sign them there.

First, we build the source release:

tools $ RELEASE_VERSION=$RELEASE_VERSION releasing/create_source_release.sh

Next, we stage the maven artifacts:

tools $ releasing/deploy_staging_jars.sh

Review all staged artifacts (https://repository.apache.org/). They should contain all relevant parts for each module, including pom.xml, jar, test jar, source, test source, javadoc, etc. Carefully review any new artifacts.

Close the staging repository on Apache Nexus. When prompted for a description, enter “Apache Flink, version X, release candidate Y”.

Then, you need to build the PyFlink wheel packages.(since 1.11) 

1. Firstly, you need to set up an azure pipeline in your own Azure account. You can refer to Azure Pipelines for more details on how to set up azure pipeline for a fork of the Flink repository. Note that a google cloud mirror in Europe is used for downloading maven artifacts, therefore it is recommended to set your Azure organization region to Europe to speed up the downloads.

2. Secondly, you need to push the release candidate branch to your forked personal Flink repository, e.g.

   Code Block
   language bash
   tools $ git push <remote> refs/heads/release-${RELEASE_VERSION}-rc${RC_NUM}:release-${RELEASE_VERSION}-rc${RC_NUM}

   
   

3. Thirdly, you need to trigger the Azure Pipelines manually to build the PyFlink wheel packages
   
   1. Click the "Run pipeline" button on the top right
   2. Select your branch / commit, and click on "Variables"
   3. Then click "Add Variable" bottom, fill the name with "MODE", and the value with "release". Click "Create" to set the variable, then go back to the "Run pipeline" screen and trigger the build.
   4. You should now see a build where only the "CI build (release)" is running
      
4. Lastly, you need to download the PyFlink wheel packages from the build result page after the jobs of "build_wheels mac" and "build_wheels linux" have finished.
   1. Download the PyFlink wheel packages
      1. Open the build result page of the pipeline
      2. Go to the `Artifacts` page (build_wheels linux -> 1 artifact)
      3. Click `wheel_Darwin_build_wheels mac` and `wheel_Linux_build_wheels linux` separately to download the zip files

   2. Unzip these two zip files

      Code Block
      language bash
      $ cd /path/to/downloaded_wheel_packages $ unzip wheel_Linux_build_wheels\ linux.zip $ unzip wheel_Darwin_build_wheels\ mac.zip

      
      

   3. Create directory `dist` under the directory of flink-python

      Code Block
      language bash
      $ cd <flink-dir> $ mkdir flink-python/dist

      
      

   4. Move the unzipped wheel packages to the directory of flink-python/dist

      Code Block
      language bash
      $ mv /path/to/wheel_Darwin_build_wheels\ mac/* flink-python/dist/ $ mv /path/to/wheel_Linux_build_wheels\ linux/* flink-python/dist/ $ cd tools

      
      

Finally, we create the binary convenience release files:

tools $ RELEASE_VERSION=$RELEASE_VERSION releasing/create_binary_release.sh

If you want to run this step in parallel on a remote machine you have to make the release commit available there (for example by pushing to a repository). This is important: the commit inside the binary builds has to match the commit of the source builds and the tagged release commit. When building remotely, you can skip gpg signing by setting  SKIP_GPG=true. You would then sign the files manually after downloading them to your machine:

for f in flink-*-bin*.tgz; do gpg --armor --detach-sig $f; done

gpg --armor --detach-sig apache-flink-*.tar.gz

The release manager need to make sure the PyPI project `apache-flink` and `apache-flink-libraries` has enough available space for the python artifacts. The remaining space must be larger than the size of `tools/releasing/release/python`. Login with the PyPI admin account (account info is only available to PMC members) and check the remaining space in project settings. 

Request an increase if there's not enough space. Note, it could take some days for PyPI to review our request. 

Stage source and binary releases on dist.apache.org

Copy the source release to the dev repository of dist.apache.org.

1. If you have not already, check out the Flink section of the dev repository on dist.apache.org via Subversion. In a fresh directory:

   Code Block
   language bash
   svn checkout https://dist.apache.org/repos/dist/dev/flink --depth=immediates

   
   

2. Make a directory for the new release:

   Code Block
   language bash
   mkdir flink/flink-${RELEASE_VERSION}-rc${RC_NUM}

   Copy Flink source/binary distributions, hashes, and GPG signature and the python subdirectory:

   Code Block
   mv <flink-dir>/tools/releasing/release/* flink/flink-${RELEASE_VERSION}-rc${RC_NUM}

   
   

3. Add and commit all the files.

   Code Block
   language bash
   cd flink svn add flink-${RELEASE_VERSION}-rc${RC_NUM} svn commit

   
   

4. Verify that files are present

(Push the release tag)

If you haven't pushed the release tag yet, here's the command:

git push <remote> refs/tags/release-${RELEASE_VERSION}-rc${RC_NUM}

Propose a pull request for website updates

The final step of building the candidate is to propose a website pull request.

Start by updating the variables for the latest released version in the top-level _config.tomlyml, (this should've been done when creating a new branch for the release) and list the new release in downloads.md, linking to the source code download and the Release Notes in JIRA. Also add a new blog entry announcing the release in _posts.

Finally, propose a pull request with these changes. (Don’t merge before finalizing the release.)

Checklist to proceed to the next step

1. Maven artifacts deployed to the staging repository of repository.apache.org
2. Source distribution deployed to the dev repository of dist.apache.org
3. Website pull request proposed to list the release
4. Check docs/config.toml to ensure that
   • the version constants refer to the new version
   • the baseurl does not point to flink-docs-master  but flink-docs-release-X.Y instead

You can (optionally) also do additional verification by:

1. Check hashes (e.g. shasum -c *.sha512)

2. Check signatures (e.g. gpg --verify flink-1.2.3-source-release.tar.gz.asc flink-1.2.3-source-release.tar.gz)
3. grep for legal headers in each file.