...
- Create a release branch
Clone fresh repository copy
Code Block git clone https://git-wip-us.apache.org/repos/asf/sentry.git cd sentry
Checkout master branch
Code Block git checkout master
Check that current HEAD points to commit on which you want to base new release branch. Checkout particular commit if not.
Code Block git log # Check current branch history. HEAD should point to commit that you want to be base for your release branch git checkout abcdef123 # Check out particular commit that should be base for release branch if -^
Create new release branch with name "branch-$version"
Code Block git checkout -b branch-X.Y.Z
Update CHANGELOG in the trunk to indicate the changes going into the new version.
The change list can be swiped from the JIRA release note tool (use the "text" format for the change log). See JIRA Cleanup above to ensure that the release notes generated by this tool are what you are expecting.
RM should update the year of the file "NOTICE.txt".
Remove -SNAPSHOT from the release branch and commit
Code Block mvn versions:set -DnewVersion=X.Y.Z -DgenerateBackupPoms=false git add . git commit -m "SENTRY-XXXX: Removing -SNAPSHOT from X.Y release branch"
Check your changes and push new branch to Apache repository. "repository name" is the name of the repository, for example "origin".
Code Block mvn -U clean package -Pdownload-hadoop -Pdist -s <settings.xml> git push <repository name> origin branch-X.Y.Z
Check that branch was correctly propagated to Apache repository.
Prepare the master for next release (TODO: update change log?)
Code Block git checkout master mvn versions:set -DnewVersion=<X.Y.Z+1>-SNAPSHOT -DgenerateBackupPoms=false git add . git commit -m "SENTRY-XXXX: Preparing for sentry <Release name> development" git push origin master:master
- Send an email announcing new branch
No Format To: dev@sentry.apache.org Subject: New sentry release branch-X.Y I've just created new release branch for upcoming <Release name> release. Please continue committing to master branch as usual. I'll cherry-pick commits to branch-X.Y on per needed basis. Thanks, $RM
...
Code Block |
---|
for file in *.tar.gz; do gpg --armor --output $file.asc --detach-sig $file; done |
3. You can immediately verify your signature
Code Block |
---|
for file in *.tar.gz; do gpg --verify $file.asc $file; done |
4. Create sha1 sha512 check sum as sha1 is no longer safe
Code Block |
---|
for file in *.tar.gz; do sha1sumsha512sum $file > $file.shasha512; done |
Upload artifacts
Upload artifacts and all created check sums with signatures to httpssignatures to https://dist.apache.org/repos/dist/dev/sentry
1. Install svn client "yum install subversion" more details in https://tecadmin.net/install-subversion-1-8-on-centos-rhel/
2. Checkout the content from "https://dist.apache.org/repos/dist/dev/sentry
...
repos/dist/dev/sentry/". Then create new branch directory, add binary files and source files. Then commit them to repository server.
Code Block |
---|
svn checkout https://dist.apache.org/repos/dist/dev/sentry/ <local path>
svn mkdir X.Y.Z
svn add <file_name>
svn commit -m 'commit message' |
Update KEYS file
Only PMC can change the KEYS file.
If your PGP key is not yet in the project's KEYS file, you need to first add that in. To do this, checkout the KEYS file and update it using the following commands:
...
3. Deploy the release with: mvn clean deploy -Psign-artifactsartifacts
4. Go to https://repository.apache.org/ and log in using your Apache username + password.
...
6. Select the entry that starts with orgapachesentry and click on "close". If "close" fails, repeat Step 3-5.
7. Verify via the URL that should appear after refresh that the artifacts look as expected.
8. Run vote. The detail on running vote is in section "Running the vote"
8. After approval, click on "release".
...
- Make sure RCs are hosted @ https://dist.apache.org/repos/dist/dev/sentry
- Should be in format apache-$project-$version.tar.gz
- Verify Signatures and hashes. You may have to import the public key of the release manager to verify the signatures. (gpg --recv-key <last8 of public key>)
- git tag matches the released bits (diff -rf)
- Can compile successfully from source
- Verify DISCLAIMER, NOTICE and LICENCE (Verify NOTICE.txt file has right content (current year etc)
- All files have correct headers (Rat check should be clean - mvn verify)
- Make sure there are no conflicting licenses (TODO: how)
- No jar files or the like in the release
...
Voting has to be done on dev@sentry.apache.org You can close the vote after voting period expires and you accumulate sufficient votes.
...
accumulate sufficient votes.
Call for voting on dev list (PMC)
1. Template of the email to call for voting
a. To find the link of fixed issues, go to "https://issues.apache.org/jira/projects/SENTRY/versions", and click the version to be released.
b. The "orgapachesentry-<id>" is from Step 6 in Section "Publishing Apache Sentry artifacts to maven central"
No Format |
---|
To: dev@sentry.apache.org Subject: [VOTE] Release Sentry version 1X.8.0Y.Z Content: This is the release of Apache Sentry, version 1X.8Y.0Z. It fixes the following issues: http://s.apache.org/VlUhttps://issues.apache.org/jira/projects/SENTRY/versions/12342213 Source files : https://dist.apache.org/repos/dist/dev/sentry/sentry-1.8.0//X.Y.Z Maven artifacts are available: https://repository.apache.org/content/repositories/orgapachesentry-<id> Tag to be voted on (rc#): https://git-wip-us.apache.org/repos/asf/sentry/?p=sentry.git;a=commit;h=<commit-hash-of-the-tag> Sentry's KEYS containing the PGP key we used to sign the release: https://people.apache.org/keys/group/sentry.asc (or http://www.apache.org/dist/sentry/KEYS for non committers) Note that this is a source only release and we are voting on the source: tag=release-1X.2Y.0Z, SHA=5e6e34202b26d7d5bc1a41e3dd4ad0cacd123e3f<Checksum of the last commit in the branch> (You can get the hash of the tag by doing "git rev-list release-X.Y.Z | head -n 1" ) Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Thanks, $RM |
...