Preparation
- Verify the project builds cleanly via
./sbt "+test"
- Verify the site builds cleanly via
./
sbt makeSite
- Verify the files pass the audit check via
./
sbt auditCheck
- Make sure you have a 4096-bit RSA PGP key for signing releases uploaded to a public PGP key repository (preferably pgp.mit.edu) as well as located in the KEYS file.
Configure sbt with your pgp key by first exporting into the old format for use by sbt-pgp by running
gpg --export-secret-keys --armor --output ~/.sbt/gpg/secring.asc
and then edit the file~/.sbt/gpg.sbt
with the following:gpg.sbtuseGpg := true pgpSecretRing := Path.userHome / ".sbt" / "gpg" / "secring.asc" usePgpKeyHex("1234567887654321")
Configure your Apache credentials by writing to ~/.sbt/1.0/global.sbt with something like:
global.sbtcredentials += Credentials("Sonatype Nexus Repository Manager", "repository.apache.org", "username", "password")
Releasing
- Run
./sbt release
and answer the version number prompts.- Close the staging release repository afterwards by logging in to https://repository.apache.org/#stagingRepositories and finding the appropriate
orgapachelogging-NNNN
repository.
- Close the staging release repository afterwards by logging in to https://repository.apache.org/#stagingRepositories and finding the appropriate
- Check out the created tag and run
GPG_KEYID=mykeyid ./create-distributions.sh 11.1
- FIXME: binary distributions may not be signed by default; make sure to sign them! As a workaround, use the following bash script:
cd target; for f in *.zip *.gz; do shasum -a 256 $f >$f.sha256; shasum -a 512 $f >$f.sha512; done
- FIXME: binary distributions may not be signed by default; make sure to sign them! As a workaround, use the following bash script:
- Commit those to https://dist.apache.org/repos/dist/dev/logging/log4j/scala for staging (removing previous release candidates as necessary).
- Commit the site to github pages for viewing.
- Perform a release email and follow the usual release process as Log4j Core does.