Versions Compared

Old Version 20

changes.mady.by.user Chesnay Schepler

Saved on

compared with

New Version Current

changes.mady.by.user Matthias Pohl

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Each release is executed by a Release Manager, who needs to be a Apache Flink committer and is selected among the by the Flink PMC members. This document describes the process that the Release Manager follows to perform a release. Any changes to this process should be discussed and adopted on the dev@ mailing list.

...

  1. Decide to release
  2. Prepare for the release
  3. Build a release candidate
  4. Vote on the release candidate
  5. If necessary, fix any issues and go back to step 3.
  6. Finalize the release
  7. Promote the release
  8. Update flink-shaded dependencies in other repositories

Decide to release

Deciding to release and selecting a Release Manager is the first step of the release process. This is a consensus-based decision of the entire community.

...

To prepare for each release, you should audit the project status in the JIRA issue tracker, and do necessary bookkeeping. Finally, you should create a release branch from which individual release candidates will be built.

One-time setup instructions

GPG Key

You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.

Determine your Apache GPG Key and Key ID, as follows:

Code Block
languagebash
gpg --list-keys
This will list your GPG keys. One of these should reflect your Apache account, for example:

There was a change being made to the way how the flink-shaded releases are organized within git due to the fact that bugfix releases happen quite rarely. Changes were only performed on master. x.0 releases would be created by tagging the relevant commit on the master branch. This was done to reduce unnecessary effort. If it comes to a point where a bugfix release becomes necessary, one should go ahead and create a release branch release-x.0  (to match the naming scheme of the past branches) which should be based on the tag with the same name release-x.0.

Info

Branches are prefered by git in case of name collisions, i.e. git checkout release-13.0  will always check out the branch. The following command can be used to refer to the tag: git checkout refs/tags/release-13.0 .

One-time setup instructions

GPG Key

You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.

Determine your Apache GPG Key and Key ID, as follows:

Code Block
languagebash
gpg --list-keys
This will list your GPG keys. One of these should reflect your Apache account, for example:
Code Block
languagebash
-----------------------
Code Block
languagebash
---------------------------------------------------------------
pub   2048R/845E6689 2016-02-23
uid                  Nomen Nescio <anonymous@apache.org>
sub   2048R/BA4D50BE 2016-02-23

...

Now, add your Apache GPG key to the Flink’s KEYS file both in dev and release repositories at dist.apache.org. Follow the instructions listed at the top of these files. (Note: Only PMC members have write access to the release repository. If you end up getting 403 errors ask on the mailing list for assistance.)Configure git to use this key when signing code by giving it your key ID, as follows: PMC member can refer following scripts to add your Apache GPG key to the KEYS in the release repository.

Code Block
languagebash
git config --global user.signingkey 845E6689

You may drop the --global option if you’d prefer to use this key for the current repository only.

You may wish to start gpg-agent to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent varies based on operating system, but may be something like this:

Code Block
languagebash
eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
export GPG_TTY=$(tty)
export GPG_AGENT_INFO

Access to Apache Nexus repository

Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.

...

Insert this snippet twice into your global Maven settings.xml file, typically ${HOME}/.m2/settings.xml. The end result should look like this, where TOKEN_NAME and TOKEN_PASSWORDare your secret tokens:

Code Block
languagexml
titlesettings.xml
<settings>
   <servers>
     <server>
       <id>apache.releases.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
     <server>
       <id>apache.snapshots.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
   </servers>
 </settings>
wget https://dist.apache.org/repos/dist/release/flink/KEYS -O NEW_KEYS  
(gpg --list-sigs <YOUR_KEY_ID> && gpg --armor --export <YOUR_KEY_ID>) >> ~/NEW_KEYS
svn co https://dist.apache.org/repos/dist/release/flink flink-dist-release
cd flink-dist-release
cp ../NEW_KEYS KEYS
svn ci -m "[flink] Add <YOUR_NAME>'s public key"

Configure git to use this key when signing code by giving it your key ID, as follows:

Code Block
languagebash
git config --global user.signingkey 845E6689

You may drop the --global option if you’d prefer to use this key for the current repository only.

You may wish to start gpg-agent to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent varies based on operating system, but may be something like this:

Code Block
languagebash
eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
export GPG_TTY=$(tty)
export GPG_AGENT_INFO

Access to Apache Nexus repository

Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.

  1. You log in with your Apache account.
  2. Confirm you have appropriate access by finding org.apache.flink under Staging Profiles.
  3. Navigate to your Profile (top right dropdown menu of the page).
  4. Choose User Token from the dropdown, then click Access User Token. Copy a snippet of the Maven XML configuration block.

  5. Insert this snippet twice into your global Maven settings.xml file, typically ${HOME}/.m2/settings.xml. The end result should look like this, where TOKEN_NAME and TOKEN_PASSWORDare your secret tokens:

    Code Block
    languagexml
    titlesettings.xml
    <settings>
   <servers>
     <server>
       <id>apache.releases.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
     <server>
       <id>apache.snapshots.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
   </servers>
 </settings>


Verify that a Release Build Works

Run mvn -Prelease clean install to ensure that the build processes that are specific to that profile are in good shape

Verify that a Release Build Works

Run mvn -Prelease clean install to ensure that the build processes that are specific to that profile are in good shape.

Create a release branch

Release candidates are built from a release branch. As a final step in preparation for the release, you should create the release branch, push it to the code repository (you should probably do this once the whole process is done), and update version information on the original branch.

Check out the version of the codebase from which you start the release. For a new minor or major release, this may be HEAD of the master branch. To build a hotfix/incremental release, instead of the master branch, use the release branch of the release being patched. (Please make sure your cloned repository is up-to-date before starting.)

Code Block
languagebash
$ git checkout <master branch OR release tag>

Set up a few environment variables to simplify Maven commands that follow. (We use bash Unix syntax in this guide.)

Code Block
languagebash
RELEASE_VERSION="4.0"
NEXT_VERSION="5.0"

Most of the following commands have to be executed in the tools directory, we will prefix the command prompt to make this explicit.

If you are doing a new major release, first create a branch for the new version that we want to release before updating the master branch to the next development version:

Code Block
languagebash
$ git checkout -b release-$RELEASE_VERSION
$ git checkout master
$ cd tools
tools $ OLD_VERSION=$RELEASE_VERSION NEW_VERSION=$NEXT_VERSION releasing/update_branch_version.sh
$ cd ..
git checkout release-$RELEASE_VERSION

If you're creating a new minor release, you will skip the above step and simply check out the the already existing branch for that version:

Code Block
languagebash
$ git checkout release-$RELEASE_VERSION

The rest of this guide assumes that commands are run in the root (or tools directory) of a repository on the branch of the release version with the above environment variables set.

Checklist to proceed to the next step

  1. Release Manager’s GPG key is published to dist.apache.org
  2. Release Manager has org.apache.flink listed under Staging Profiles in Nexus
  3. Release Manager’s Nexus User Token is configured in settings.xml
  4. Release branch has been created
  5. Originating branch has the version information updated to the new version

Build a release candidate

The core of the release process is the build-vote-fix cycle. Each cycle produces one release candidate. The Release Manager repeats this cycle until the community approves one release candidate, which is then finalized.

Build and stage Java artifacts with Maven

Set up a few environment variables to simplify Maven commands that follow. This identifies the release candidate being built. Start with RC_NUM equal to 1 and increment it for each candidate.

Code Block
languagebash
RC_NUM="1"
TAG="release-${RELEASE_VERSION}-rc${RC_NUM}"

Now, create a release branch:

Code Block
languagebash
$ cd tools
tools $ RELEASE_VERSION=$RELEASE_VERSION RELEASE_CANDIDATE=$RC_NUM releasing/create_release_branch.sh

Tag the release commit:

...

Prepare environment

Check out the commit from which you intend to create the release, and run these commands in the flink-shaded directory:

Code Block
# Set up a few environment variables to simplify Maven commands that follow.
# (We use bash Unix syntax in this guide.)
export RELEASE_VERSION="4.0"
export NEXT_VERSION="5.0"
# This must be incremented for each release candidate
export RC_NUM="1"
export TAG="release-${RELEASE_VERSION}-rc${RC_NUM}"
FLINK_SHADED_DIR=$(pwd)

Build and stage Java artifacts with Maven

We now need to do several things:

  • Create the source release archive
  • Deploy jar artifacts to the Apache Nexus Repository, which is the staging area for deploying the jars to Maven Central

First, we build the source release:

  • for deploying the jars to Maven Central
  • Note: Please do not use VPN or change your IP address when stage artifacts to Apache Nexus Repository, it may lead to multiple staging repositories which is unexpected.
Code Block
languagebash
# tag release commit
git tag -s ${TAG} -m "${TAG}"

# create source release
cd ${FLINK_SHADED_DIR}/tools
Code Block
languagebash
tools $ RELEASE_VERSION=$RELEASE_VERSION releasing/create_source_release.sh
 

Next, we stage the maven artifacts:

Code Block
languagebash
tools $  

# stage maven artifacts
cd ${FLINK_SHADED_DIR}/tools
releasing/deploy_staging_jars.sh

cd ${FLINK_SHADED_DIR}

Review all staged artifacts (https://repository.apache.org/). They should contain a .pom and .jar file for each module. Carefully review any new artifacts.

...

  1. If you have not already, check out the Flink section of the dev repository on dist.apache.org via Subversion. In a fresh directory:

    Code Block
    languagebash
     svn checkout https://dist.apache.org/repos/dist/dev/flink --depth=immediates

    Make a directory for the new release:

    Code Block
    languagebash
     

# make a directory for the new release
mkdir flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
    Copy
     

# copy Flink source distributions, hashes, and GPG signature
    .
    Code Block
    mv <flink-shaded-dir>
mv ${FLINK_SHADED_DIR}/tools/release/* flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}

    Add and commit all the files.

    Code Block
    languagebash
    cd

pushd flink
svn add flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
svn commit -m "Add flink-shaded ${RELEASE_VERSION}-rc${RC_NUM}"
popd


  2. Verify that files are present.

Info

Alternatively, you can stage the source releases on home.apache.org, i.e. sftp <apache-id>@home.apache.org, which would be available at http://people.apache.org/~<apache-id>. You would store the files in a sub folder of public_html that has the version and RC encoded, i.e. flink-shaded-3.0-rc2.

Propose a pull request for website updates

The final step of building the candidate is to propose a website pull request.

Propose a pull request for website updates

The final step of building the candidate is to propose a website pull request.

  1. The docs/data/additional_components.yml must be updated to contain the new release: you there need to update the source source_release_url, source_release_asc_url and source_release_sha512_url in flink-shaded

  2. Add a new entry to docs/data/release_archive.yml under flink_shaded . You will need to add the version and release_date. The release_date is the date you make today, but needs to be updated to the actual release date when the release is official completed. 

Do NOT update the "Pre-bundled hadoop" entries for the main Flink releasesStart by updating the variables for the latest released version in the top-level _config.yml, and list the new release in downloads.md, linking to the source code download.

Finally, propose a pull request with these changes. (Don’t merge before finalizing the release.)

...

Start the review-and-vote thread on the dev@ mailing list. Here’s an email template; please adjust as you see fit.

Code Block
languagetext
echo " 

From: Release Manager
To: dev@flink.apache.org
Subject: [VOTE] Release flink-shaded X.Y${RELEASE_VERSION}, release candidate #Z#${RC_NUM}
Content:

Hi everyone,
Please review and vote on the release candidate #Z#${RC_NUM} for the version X.Y${RELEASE_VERSION}, as follows:
[ ] +1, Approve the release
[ ] -1, Do not approve the release (please provide specific comments)


The complete staging area is available for your review, which includes:
* JIRA release notes [1],
* the official Apache source release to be deployed to dist.apache.org [2], which are signed with the key with fingerprint FFFFFFFF$(git config user.signingKey) [3],
* all artifacts to be deployed to the Maven Central Repository [4],
* source code tag "release-X.Y-rcZ\"${TAG}\" [5],
* website pull request listing the new release [6].

The vote will be open for at least 72 hours. It is adopted by majority approval, with at least 3 PMC affirmative votes.

Thanks,
Release Manager

[1] link
[2] link https://dist.apache.org/repos/dist/dev/flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
[3] https://dist.apache.org/repos/dist/release/flink/KEYS
[4] link
[5] linkhttps://github.com/apache/flink-shaded/releases/tag/${TAG}
[6] link
"

If there are any issues found in the release candidate, reply on the vote thread to cancel the vote. There’s no need to wait 72 hours. Proceed to the Fix Issues step below and address the problem. However, some issues don’t require cancellation.

...

Create a new Git tag for the released version by copying the tag for the final release candidate, as follows:

Code Block
git tag -s "release-${RELEASE_VERSION}" ${TAG} -m

...

"release-${RELEASE_VERSION}"
git push upstream release-${RELEASE_VERSION}

...

Mark the version as released in JIRA
...
Use reporter.apache.org to seed the information about the release into future project reports.
Checklist to declare the process completed
  1. Website pull request to list the release merged
  2. Release recorded in reporter.apache.org.
  3. Release announced on the dev@ mailing list.
  4. Prepare for the next development iteration by creating/merging a PR bumping the flink-shaded version (e.g. 
...
  1.  725c0caf3ab)
Repositories that have the flink-shaded dependency included and need updates (flink-shaded  and shaded dependency versions):
Checklist to declare the process completed
...
Improve the process
It is important that we improve the release processes over time. Once you’ve finished the release, please take a step back and look what areas of this process and be improved. Perhaps some part of the process can be simplified. Perhaps parts of this guide can be clarified.
...