...
- Create a release branch
Clone fresh repository copy
Code Block git clone https://git-wip-us.apache.org/repos/asf/sentry.git cd sentry
Checkout master branch
Code Block git checkout master
Check that current HEAD points to commit on which you want to base new release branch. Checkout particular commit if not.
Code Block git log # Check current branch history. HEAD should point to commit that you want to be base for your release branch git checkout abcdef123 # Check out particular commit that should be base for release branch if -^
Create new release branch with name "branch-$version"
Code Block git checkout -b branch-X.Y.Z
Update CHANGELOG in the trunk to indicate the changes going into the new version.
The change list can be swiped from the JIRA release note tool (use the "text" format for the change log). See JIRA Cleanup above to ensure that the release notes generated by this tool are what you are expecting.
RM should update the year of the file "NOTICE.txt".
Remove -SNAPSHOT from the release branch and commit
Code Block mvn versions:set -DnewVersion=X.Y.Z -DgenerateBackupPoms=false git add . git commit -m "SENTRY-XXXX: Removing -SNAPSHOT from X.Y release branch"
Check your changes and push new branch to Apache repository. "repository name" is the name of the repository, for example "origin".
Code Block mvn -U clean package -Pdownload-hadoop -Pdist -s <settings.xml> git push <repository name> origin branch-X.Y.Z
Check that branch was correctly propagated to Apache repository.
Prepare the master for next release (TODO: update change log?)
Code Block git checkout master mvn versions:set -DnewVersion=<X.Y.Z+1>-SNAPSHOT -DgenerateBackupPoms=false git add . git commit -m "SENTRY-XXXX: Preparing for sentry <Release name> development" git push origin master:master
- Send an email announcing new branch
No Format To: dev@sentry.apache.org Subject: New sentry release branch-X.Y I've just created new release branch for upcoming <Release name> release. Please continue committing to master branch as usual. I'll cherry-pick commits to branch-X.Y on per needed basis. Thanks, $RM
...
Code Block |
---|
for file in *.tar.gz; do gpg --armor --output $file.asc --detach-sig $file; done |
3. You can immediately verify your signature
Code Block |
---|
for file in *.tar.gz; do gpg --verify $file.asc $file; done |
4. Create sha1 sha512 check sum as sha1 is no longer safe
Code Block |
---|
for file in *.tar.gz; do sha1sumsha512sum $file > $file.shasha512; done |
Upload artifacts
Upload artifacts and all created check sums with signatures to httpssignatures to https://dist.apache.org/repos/dist/dev/sentry
Update KEYS file
If your PGP key is not yet in the project's KEYS file, you need to first add that in. To do this, checkout the KEYS file and update it using the following commands:
...
1. Install svn client "yum install subversion" more details in https://
...
tecadmin.net/install-subversion-1-8-on-centos-rhel/
2. Checkout the content from "https://dist.apache.org/repos/dist/dev/sentry/". Then create new branch directory, add binary files and source files. Then commit them to repository server.
Code Block |
---|
svn checkout https://dist.apache.org/repos/dist/dev/sentry/ <local path>
svn mkdir X.Y.Z
svn add <file_name>
svn commit -m 'commit message' |
Update KEYS file
Only PMC can change the KEYS file.
If your PGP key is not yet in the project's KEYS file, you need to first add that in. To do this, checkout the KEYS file and update it using the following commands:
$ cd sentry-release $ $ cd sentry-release $ (gpg --list-sigs <KEY-ID> && gpg --armor --export <KEY-ID> ) >> KEYS $ svn commit -m "Adding PGP public key to KEYS file" KEYS |
...
3. Deploy the release with: mvn clean deploy -Psign-artifactsartifacts
4. Go to https://repository.apache.org/ and log in using your Apache username + password.
...
6. Select the entry that starts with orgapachesentry and click on "close". If "close" fails, repeat Step 3-5.
7. Verify via the URL that should appear after refresh that the artifacts look as expected.
8. Run vote. The detail on running vote is in section "Running the vote"
9. After approval, click on "release".
...
- Make sure RCs are hosted @ https://dist.apache.org/repos/dist/dev/sentry
- Should be in format apache-$project-$version.tar.gz
- Verify Signatures and hashes. You may have to import the public key of the release manager to verify the signatures. (gpg --recv-key <last8 of public key>)
- git tag matches the released bits (diff -rf)
- Can compile successfully from source
- Verify DISCLAIMER, NOTICE and LICENCE (Verify NOTICE.txt file has right content (current year etc)
- All files have correct headers (Rat check should be clean - mvn verify)
- Make sure there are no conflicting licenses (TODO: how)
Running the vote
Voting has to be done on dev@sentry.apache.org You can close the vote after voting period expires and you accumulate sufficient votes.
Call for voting on dev list (PMC)
- sure there are no conflicting licenses (TODO: how)
- No jar files or the like in the release
Running the vote
...
Voting has to be done on dev@sentry.apache.org You can close the vote after voting period expires and you accumulate sufficient votes.
Call for voting on dev list (PMC)
1. Template of the email to call for voting
a. To find the link of fixed issues, go to "https://issues.apache.org/jira/projects/SENTRY/versions", and click the version to be released.
b. The "orgapachesentry-<id>" is from Step 6 in Section "Publishing Apache Sentry artifacts to maven central"
No Format |
---|
To: dev@sentry.apache.org Subject: [VOTE] Release Sentry version 1.8.0X.Y.Z Content: This is the release of Apache Sentry, version 1X.8Y.0Z. It fixes the following issues: httphttps://sissues.apache.org/VlU/jira/projects/SENTRY/versions/12342213 Source files : https://dist.apache.org/repos/dist/dev/sentry/sentry-1.8.0/X.Y.Z Maven artifacts are available: https://repository.apache.org/content/repositories/orgapachesentry-<id> Tag to be voted on (rc#): https://git-wip-us.apache.org/repos/asf/sentry/?p=sentry.git;a=commit;h=<commit-hash-of-the-tag> Sentry's KEYS containing the PGP key we used to sign the release: https://people.apache.org/keys/group/sentry.asc (or http://www.apache.org/dist/sentry/KEYS for non committers) Note that this is a source only release and we are voting on the source: tag=release-1X.2Y.0Z, SHA=5e6e34202b26d7d5bc1a41e3dd4ad0cacd123e3f<Checksum of the last commit in the branch> (You can get the hash of the tag by doing "git rev-list release-X.Y.Z | head -n 1" ) Vote will be open for 72 hours. [ ] +1 approve [ ] +0 no opinion [ ] -1 disapprove (and reason why) Thanks, $RM |
...
You need to close the release in JIRA so that everyone knows that your version should not be used as "fixVersion" for new bugs. You must be a Jira administrator or a project administrator to do the Jira Software tasks on this page. Sentry PM should have this access.
Go to JIRA "Administer project" page and follow "Versions" in left menu. Table with list of all releases should appear, click on additional menu on the right of your release and choose "Release" option. Submit release date and you're done.
...
In order to release you have to checkout release repository located on https://dist.apache.org/repos/dist/release/sentry/ and add release artifacts there. Only Sentry PMC can do this.
No Format |
---|
svn co https://dist.apache.org/repos/dist/release/sentry/ sentry-release cd sentry-release mkdir X.Y.Z/ cp $source_to_your_artifacts X.Y.Z/ svn add X.Y.Z svn commit -m "Add $source release" |
It may take up to 24 hours for all mirrors to sync up (http://www.apache.org/dyn/closer.cgi/sentry/)
...