...
Each release is executed by a Release Manager, who needs to be a Apache Flink committer and is selected among the by the Flink PMC members. This document describes the process that the Release Manager follows to perform a release. Any changes to this process should be discussed and adopted on the dev@ mailing list.
...
- Decide to release
- Prepare for the release
- Build a release candidate
- Vote on the release candidate
- If necessary, fix any issues and go back to step 3.
- Finalize the release
- Promote the release
- Update flink-shaded dependencies in other repositories
Decide to release
Deciding to release and selecting a Release Manager is the first step of the release process. This is a consensus-based decision of the entire community.
...
To prepare for each release, you should audit the project status in the JIRA issue tracker, and do necessary bookkeeping. Finally, you should create a release branch from which individual release candidates will be built.
One-time setup instructions
GPG Key
You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.
Determine your Apache GPG Key and Key ID, as follows:
Code Block | ||
---|---|---|
| ||
gpg --list-keys |
This will list your GPG keys. One of these should reflect your Apache account, for example:
There was a change being made to the way how the flink-shaded
releases are organized within git due to the fact that bugfix releases happen quite rarely. Changes were only performed on master
. x.0
releases would be created by tagging the relevant commit on the master
branch. This was done to reduce unnecessary effort. If it comes to a point where a bugfix release becomes necessary, one should go ahead and create a release branch release-x.0
(to match the naming scheme of the past branches) which should be based on the tag with the same name release-x.0.
Info |
---|
Branches are prefered by git in case of name collisions, i.e. |
One-time setup instructions
GPG Key
You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.
Determine your Apache GPG Key and Key ID, as follows:
Code Block | ||
---|---|---|
| ||
gpg --list-keys |
This will list your GPG keys. One of these should reflect your Apache account, for example:
Code Block | ||
---|---|---|
| ||
-- | ||
Code Block | ||
| ||
----------------------------------------------------------------------- pub 2048R/845E6689 2016-02-23 uid Nomen Nescio <anonymous@apache.org> sub 2048R/BA4D50BE 2016-02-23 |
...
Now, add your Apache GPG key to the Flink’s KEYS
file both in dev
and release
repositories at dist.apache.org
. Follow the instructions listed at the top of these files. (Note: Only PMC members have write access to the release repository. If you end up getting 403 errors ask on the mailing list for assistance.)Configure git
to use this key when signing code by giving it your key ID, as follows: PMC member can refer following scripts to add your Apache GPG key to the KEYS in the release repository.
Code Block | ||
---|---|---|
| ||
git config --global user.signingkey 845E6689 |
You may drop the --global
option if you’d prefer to use this key for the current repository only.
wget https://dist.apache.org/repos/dist/release/flink/KEYS -O NEW_KEYS
(gpg --list-sigs <YOUR_KEY_ID> && gpg --armor --export <YOUR_KEY_ID>) >> ~/NEW_KEYS
svn co https://dist.apache.org/repos/dist/release/flink flink-dist-release
cd flink-dist-release
cp ../NEW_KEYS KEYS
svn ci -m "[flink] Add <YOUR_NAME>'s public key" |
Configure git
to use this key when signing code by giving it your key ID, as followsYou may wish to start gpg-agent
to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent
varies based on operating system, but may be something like this:
Code Block | ||
---|---|---|
| ||
eval $(gpg-agentgit config --daemon --no-grab --write-env-file $HOME/.gpg-agent-info) export GPG_TTY=$(tty) export GPG_AGENT_INFO |
Access to Apache Nexus repository
Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.
global user.signingkey 845E6689 |
You may drop the --global
option if you’d prefer to use this key for the current repository only.
You may wish to start gpg-agent
to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent
varies based on operating system, but may be something like this:
Code Block | ||
---|---|---|
| ||
eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
export GPG_TTY=$(tty)
export GPG_AGENT_INFO |
Access to Apache Nexus repository
Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.
- You log in with your Apache account.
- Confirm you have appropriate access by finding
org.apache.flink
underStaging Profiles
. - Navigate to your
Profile
(top right dropdown menu of the page). - Choose
User Token
from the dropdown, then clickAccess User Token
. Copy a snippet of the Maven XML configuration block. Insert
- You log in with your Apache account.
- Confirm you have appropriate access by finding
org.apache.flink
underStaging Profiles
. - Navigate to your
Profile
(top right dropdown menu of the page). - Choose
User Token
from the dropdown, then clickAccess User Token
. Copy a snippet of the Maven XML configuration block. Insert this snippet twice into your global Maven
settings.xml
file, typically${HOME}/.m2/settings.xml
. The end result should look like this, whereTOKEN_NAME
andTOKEN_PASSWORD
are your secret tokens:Code Block language xml title settings.xml <settings> <servers> <server> <id>apache.releases.https</id> <username>TOKEN_NAME</username> <password>TOKEN_PASSWORD</password> </server> <server> <id>apache.snapshots.https</id> <username>TOKEN_NAME</username> <password>TOKEN_PASSWORD</password> </server> </servers> </settings>
...
- Create the source release archive
- Deploy jar artifacts to the Apache Nexus Repository, which is the staging area for deploying the jars to Maven Central
- Note: Please do not use VPN or change your IP address when stage artifacts to Apache Nexus Repository, it may lead to multiple staging repositories which is unexpected.
Code Block | ||
---|---|---|
| ||
# tag release commit git tag -s ${TAG} -m "${TAG}" # create source release cd ${FLINK_SHADED_DIR}/tools RELEASE_VERSION=$RELEASE_VERSION releasing/create_source_release.sh # stage maven artifacts cd ${FLINK_SHADED_DIR}/tools releasing/deploy_staging_jars.sh cd ${FLINK_SHADED_DIR} |
...
Close the staging repository on Apache Nexus. When prompted for a description, enter “Apache Flink-shaded, version X, release candidate Y”.
Stage source on dist.apache.org
Copy the source release to the dev repository of dist.apache.org
.
If you have not already, check out the Flink section of the dev
repository on dist.apache.org
via Subversion. In a fresh directory:
Code Block | ||
---|---|---|
| ||
svn checkout https://dist.apache.org/repos/dist/dev/flink --depth=immediates
# make a directory for the new release
mkdir flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
# copy Flink source distributions, hashes, and GPG signature
mv ${FLINK_SHADED_DIR}/tools/release/* flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
pushd flink
svn add flink-shaded-${RELEASE_VERSION}-rc${RC_NUM}
svn commit -m "Add flink-shaded ${RELEASE_VERSION}-rc${RC_NUM}"
popd |
dist.apache.org
Copy the source release to the dev repository of dist.apache.org
.
If you have not already, check out the Flink section of the
dev
repository ondist.apache.org
via Subversion. In a fresh directory:Code Block language bash svn checkout https://dist.apache.org/repos/dist/dev/flink --depth=immediates # make a directory for the new release mkdir flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM} # copy Flink source distributions, hashes, and GPG signature mv ${FLINK_SHADED_DIR}/tools/release/* flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM} pushd flink svn add flink-shaded-${RELEASE_VERSION}-rc${RC_NUM} svn commit -m "Add flink-shaded ${RELEASE_VERSION}-rc${RC_NUM}" popd
Verify that files are present.
Propose a pull request for website updates
The final step of building the candidate is to propose a website pull request.
- The
docs/data/
additional_components.yml
must be updated to contain the new release: you there need to update the source source_release_url, source_release_asc_url and source_release_sha512_url inflink-shaded
Add a new entry to
docs/data/release_archive.yml
underflink_shaded
. You will need to add the version and release_date. The release_date is the date you make today, but needs to be updated to the actual release date when the release is official completed.
...
Verify that files are present.
Propose a pull request for website updates
The final step of building the candidate is to propose a website pull request.
The _config.yml
must be updated to contain the new release:
...
Do NOT update the "Pre-bundled hadoop"
entries for the main Flink releases.
...
Start the review-and-vote thread on the dev@ mailing list. Here’s an email template; please adjust as you see fit.
Code Block | ||
---|---|---|
| ||
echo " From: Release Manager To: dev@flink.apache.org Subject: [VOTE] Release flink-shaded X.Y${RELEASE_VERSION}, release candidate #Z#${RC_NUM} Content: echo " Hi everyone, Please review and vote on the release candidate #${RC_NUM} for the version ${RELEASE_VERSION}, as follows: [ ] +1, Approve the release [ ] -1, Do not approve the release (please provide specific comments) The complete staging area is available for your review, which includes: * JIRA release notes [1], * the official Apache source release to be deployed to dist.apache.org [2], which are signed with the key with fingerprint $(git config user.signingKey) [3], * all artifacts to be deployed to the Maven Central Repository [4], * source code tag \"${TAG}\" [5], * website pull request listing the new release [6]. The vote will be open for at least 72 hours. It is adopted by majority approval, with at least 3 PMC affirmative votes. Thanks, Release Manager [1] link [2] https://dist.apache.org/repos/dist/dev/flink/flink-shaded-${RELEASE_VERSION}-rc${RC_NUM} [3] https://dist.apache.org/repos/dist/release/flink/KEYS [4] link [5] https://github.com/apache/flink-shaded/releases/tag/${TAG} [6] link " |
...
Use reporter.apache.org to seed the information about the release into future project reports.
Checklist to declare the process completed
...
.
Checklist to declare the process completed
- Website pull request to list the release merged
- Release recorded in reporter.apache.org.
- Release announced on the dev@ mailing list.
- Prepare for the next development iteration by creating/merging a PR bumping the flink-shaded version (e.g. 725c0caf3ab)
Update flink-shaded dependency in other repositories
Repositories that have the flink-shaded dependency included and need updates (flink-shaded
and shaded dependency versions):
...
Improve the process
It is important that we improve the release processes over time. Once you’ve finished the release, please take a step back and look what areas of this process and be improved. Perhaps some part of the process can be simplified. Perhaps parts of this guide can be clarified.
...