This page is a guide, to making a release for the BookKeeper project. It's based off the Whirr instructions and our experience releasing.
First time
There are a few things which you need to set up before making a release.
PGP keys
You should have a 4096 bit RSA PGP key for signing the release. This key should be in the Apache web of trust. Once generated, ensure your key is in https://svn.apache.org/repos/asf/zookeeper/bookkeeper/dist/KEYS.
Maven setup
Put the following in ~/.m2/settings.xml. This will allow you to release and deploy to the apache maven repositories. Of course, it's best not to store your password in cleartext. See http://maven.apache.org/guides/mini/guide-encryption.html for a guide on how to make this a little more secure.
<settings> <servers> <server> <id>apache.snapshots.https</id> <username>APACHE-ID</username> <password>APACHE-PASSWORD</password> </server> <server> <id>apache.staging.https</id> <username>APACHE-ID</username> <password>APACHE-PASSWORD</password> </server> <server> <id>apache.releases.https</id> <username>APACHE-ID</username> <password>APACHE-PASSWORD</password> </server> </servers> </settings>
SSH setup on people.apache.org
The release procedure will require multiple logins to people.apache.org. To avoid having to log in many times, ensure that you have ssh password less login set up for people.apache.org.
Making the release
The steps for releasing are as follows.
- Create release branch
- Generate release notes
- Build and stage artifacts
- Inspect the artifacts
- Tag the release in Subversion
- Run the vote
- If vote gets +1 from 3 PMC members and no -1, go to next step, otherwise fix problem and repeat from step 2.
- Release artifacts
- Wait 24 hours for mirrors to sync
- Update the website
- Announce the release
Creating the release series branch
This only needs to be done for the first release of a series, (e.g. It needs to be done for 4.1.0 but not for 4.1.1 or 4.1.2).
- Update CHANGES.txt, renaming the trunk section to reflect the version being released.
Create a branch for the release:
svn copy https://svn.apache.org/repos/asf/zookeeper/bookkeeper/trunk \ https://svn.apache.org/repos/asf/zookeeper/bookkeeper/branches/branch-X.Y -m "Branching for X.Y releases"
Check out the new branch.
- Update the version in all pom files. X.Y.0-SNAPSHOT -> X.Y.0
- Commit these changes.
On trunk
- Add a new trunk section in CHANGES.txt
- Bump the version in all poms, X.Y.0-SNAPSHOT -> X.(Y+1).0-SNAPSHOT
Generate release notes
Generate the release notes from JIRA. https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12311293
Select the correct version, in HTML format. Make it look like previous release notes. https://svn.apache.org/repos/asf/zookeeper/bookkeeper/site/content/docs/r4.1.0/releaseNotes.textile
Generate a list of all issues committed since last release. In this example, the last release was the 1st February 2012.
bookkeeper/trunk$ svn log -r {2012-02-01}:HEAD
Manually check that the list from JIRA, SVN and CHANGES.txt all reflect the same changes.
Build the artifacts
Make sure the branch builds cleanly. Check for errors and warnings in the output.
mvn clean findbugs:findbugs apache-rat:check install
Then build the artifacts.
mvn clean package assembly:single -DskipTests
This will generate
- bookkeeper/target/bookkeeper-<VERSION>-src.tar.gz
- bookkeeper-server/target/bookkeeper-server-<VERSION>-bin.tar.gz
- hedwig-server/target/hedwig-server-<VERSION>-bin.tar.gz
Inspect the artifacts
Extract each of the generated artifacts;
- Check file permissions are correct for all files
- Check the LICENSE and NOTICE files cover all included jars (especially for the -bin packages)
- Check the source package builds, and all tests pass
- Check that "mvn apache-rat:check" passes on the source package.
- Check that a bookie can be run from the source package and from the bookkeeper-server binary package
- Check that a hedwig hub can be run from the source package and from the hedwig-server binary package
Staging the artifacts
Create a directory and copy the three tar.gz packages into it. Sign and generate md5 & sha1 hashes for each package.
md5 <FILE>.tar.gz > <FILE>.tar.gz.md5 shasum <FILE>.tar.gz > <FILE>.tar.gz.sha1 gpg --armor --output <FILE>.tar.gz.asc --detach-sig <FILE>.tar.gz