THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
Release files must be signed with an OpenPGP compatible key. If you do not already have a key for signing Apache releases, follow the developer instructions in the Daffodil KEYS file to generate a key and add it to the KEYS file. Follow the contributor workflow and create a review branch and pull request to commit your changes to the KEYS file. Once merged, perform the following steps:
Clone the Apache Dist Daffodil release directory, copy the KEYS file, and commit it:
Code Block language bash $ svn checkout https://dist.apache.org/repos/dist/release/incubator/daffodil/ daffodil-dist $ cp daffodil.git/KEYS daffodil-dist $ cd daffodil-dist $ svn ci -m "Update Apache Daffodil KEYS"
Note: Committers do not have write access to the
dist/releasedirectory. If you are a committer, work with a PMC member to complete this step.Add your key fingerprint to https://id.apache.org. To get your fingerprint, run the following:
Code Block language bash $ gpg --fingerprint KEYID
Send your key to a keyserver via the command:
Code Block language bash $ gpg --send-keys KEYID
...
Build the Daffodil release candidate image:
Code Block language bash $ podman build -t daffodil-release-candidate /path/to/daffodil.git/containers/release-candidate/
This may take 20-30 minutes the first time, but should be significantly faster in subsequent runs unless something changes in the image where a full rebuild is needed.
Run the daffodil release candidate container:
Code Block language bash $ podman run -it \ -v ~/.gitconfig:/root/.gitconfig \ -v ~/.gnupg/:/root/.gnupg/ \ -v ~/.ssh/:/root/.ssh/ \ daffodil-release-candidateNote that the
-voption is used to bind mount files/directories from the host system in the container so the container has access to git configurations and gpg/ssh keys.The container will periodically ask for user input (e.g. usenames, passwords) to sign and publish release files. This includes:
- Release candidate label. For example:
rc1if this is the first release candidate
- Long format of your signing key ID. This can be found by running
gpg --list-secret-keys --keyid-format long
- Git name and email (e.g. "John Doe" and "john.doe@company.com"). This is the name and email you want to show up as the "Committer" when the release script creates a git tag or commit, which could potentially be different than what is the the bind mounted
.gitconfigfile. This is not your GitHub or Apache credentials--simply the name and email address you use for Daffodil commits.
- Apache username and password. This is the username and password credentials used to log in at https://id.apache.org.
- GitHub SSH key password. The Daffodil repository will be cloned using SSH authentication. If your SSH key is password protected, you may be prompted for that password.
- Private GPG password. The release process will sign artifacts with your GPG key–you will be prompted for a password to sign these artifacts.
- Release candidate label. For example:
After entering the necessary information, this script will perform the following actions:
- Create a zip of the source
- Create tgz, zip, msi, and rpm of the helper binary
- Create sha256 and sha512 checksum and ASCII armored detached signatures of the above files
- Place the above files to the Apache dist dev directory. This svn files are not comitted until further action is taken.
- Create javadoc and scaladoc and move to the daffodil site repository docs directory for this release, and create a commit. This commit is not pushed until further action is taken.
- Create a signed git tag. This tag is not pushed until further action is taken.
- Stage jars/poms to https://repository.apache.org
- Create a zip of the source
- Once the script completes, you should verify the exiistence generated files. Note The script will list the files and locations to verify. This includes:
Verify the checksums and signatures are created in the Apache dist directories and are read for commit, for example:
Code Block $ cd /root/incubator-daffodil-dist/ $ ls -R $ svn status
Verify the git tag is on the correct commit in the Daffodil repo, for example:
Code Block language bash $ git -C /root/incubator-daffodil/ log -1 v2.0.0-rc1
Verify the javadoc and scala docs in the daffodil site repository exist, for example:
Code Block language bash $ git -C /root/incubator-daffodil-site/ log -1
- Verify the all the expected jars/poms at https://repository.apache.org/ exist.
To do so, visit that url, login in the top right using id.apache.org credentials, select "Staging Repositories" on the left, and find theorgapachedaffodil-XXXXrepository. Inspect the "Content"tab to make sure the appropriate jars are uploaded and appear valid.
- If any of the above do not look correct, perform the following steps:
- Drop the published jars/poms (at https://repository.apache.org -- check the box for the staging repository just created and choose "Drop" at the top)
- Type
exitto close the container. All files/commits created in the container will be deleted.
- Fix the issue and repeat the "Create Release Candidate" process from the beginning.
- Drop the published jars/poms (at https://repository.apache.org -- check the box for the staging repository just created and choose "Drop" at the top)
- After verifying all is correct, follow the instructions to complete the release candidate. These steps include:
Run the command:
Code Block language bash $ /root/complete-release
All the previous commands have prepared commits and tags in the three repositories (Apache Dist, Daffodil, and Site). Running this command will push those commits and tag to the remote repositories.
- Close the staged file at https://repository.apache.org
- Type
exitto close the container.
...
Move the release candidate files to the release directory:
Code Block language bash $ svn mv -m "Release Apache Daffodil (incubating) 2.0.0" \ https://dist.apache.org/repos/dist/dev/incubator/daffodil/2.0.0-rc1/ \ https://dist.apache.org/repos/dist/release/incubator/daffodil/2.0.0/Note: Committers do not have write access to the
dist/releasedirectory. If you are a committer, work with a PMC member to complete this step.In the Daffodil git repository, create a signed git tag based on the release candidate tag:
Code Block language bash $ git tag -as -u KEYID -m "Release v2.0.0" v2.0.0 v2.0.0-rc1^{} $ git push asf v2.0.0- Release the published Nexus files by visiting https://repository.apache.org, log in, find the release in "Staging Repositories" and selecting "Release".
Give approximately 24 hours for the release files to sync to mirrors and Maven Central.
Once the mirrors have synced, make the following changes to the daffodil site repository and publish them:
Modify the release page to have the following parameters:
Code Block released: true date: <date of release> artifact-root: "https://www.apache.org/dyn/closer.lua/incubator/daffodil/2.0.0/" checksum-root: "https://downloads.apache.org/incubator/daffodil/2.0.0/"
Modify the release page of the previous release to use archived root URLs, for example:
Code Block artifact-root: "https://archive.apache.org/dist/incubator/daffodil/1.0.0/" checksum-root: "https://archive.apache.org/dist/incubator/daffodil/1.0.0/"
Modify the doap.rdf file to include the release date and version, for example:
Code Block language xml <release> <Version> <name>Apache Daffodil</name> <created>2018-02-18</created> <revision>2.0.0</revision> </Version> </release>Update the symlink to the latest Javadoc and Scaladocs (note that there is no forward slash at the end of
latest.Code Block language bash $ ln -sfn 2.0.0 site/docs/latest
Now that the download URLS of the previous release point to the archive, remove that release from Apache dist to free up space on mirrors:
Code Block $ svn delete -m "Archive Apache Daffodil (incubating) 1.0.0" \ https://dist.apache.org/repos/dist/release/incubator/daffodil/1.0.0/Note: Committers do not have write access to the
dist/releasedirectory. If you are a committer, work with a PMC member to complete this step.- Update the JIRA versions to mark the version as released.
...