You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

This is based on the release guide of the Apache Beam project: https://beam.apache.org/contribute/release-guide/

Introduction

The Apache Flink project periodically declares and publishes releases. A release is one or more packages of the project artifact(s) that are approved for general public distribution and use. They may come with various degrees of caveat regarding their perceived quality and potential for change, such as “alpha”, “beta”, “incubating”, “stable”, etc.

The Flink community treats releases with great importance. They are a public face of the project and most users interact with the project only through the releases. Releases are signed off by the entire Flink community in a public vote.

Each release is executed by a Release Manager, who is selected among the Flink PMC members. This document describes the process that the Release Manager follows to perform a release. Any changes to this process should be discussed and adopted on the dev@ mailing list.

Please remember that publishing software has legal consequences. This guide complements the foundation-wide Product Release Policy and Release Distribution Policy.

Overview

 

The release process consists of several steps:

  1. Decide to release
  2. Prepare for the release
  3. Build a release candidate
  4. Vote on the release candidate
  5. If necessary, fix any issues and go back to step 3.
  6. Finalize the release
  7. Promote the release

Decide to release

Deciding to release and selecting a Release Manager is the first step of the release process. This is a consensus-based decision of the entire community.

Anybody can propose a release on the dev@ mailing list, giving a solid argument and nominating a committer as the Release Manager (including themselves). There’s no formal process, no vote requirements, and no timing requirements. Any objections should be resolved by consensus before starting the release.

In general, the community prefers to have a rotating set of 3-5 Release Managers. Keeping a small core set of managers allows enough people to build expertise in this area and improve processes over time, without Release Managers needing to re-learn the processes for each release. That said, if you are a committer interested in serving the community in this way, please reach out to the community on the dev@ mailing list.

Checklist to proceed to the next step

  1. Community agrees to release
  2. Community selects a Release Manager

Prepare for the release

Before your first release, you should perform one-time configuration steps. This will set up your security keys for signing the release and access to various release repositories.

To prepare for each release, you should audit the project status in the JIRA issue tracker, and do necessary bookkeeping. Finally, you should create a release branch from which individual release candidates will be built.

One-time setup instructions

GPG Key

You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide release signing guidelines. If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines.

Determine your Apache GPG Key and Key ID, as follows:

gpg --list-keys
This will list your GPG keys. One of these should reflect your Apache account, for example:
--------------------------------------------------
pub   2048R/845E6689 2016-02-23
uid                  Nomen Nescio <anonymous@apache.org>
sub   2048R/BA4D50BE 2016-02-23

Here, the key ID is the 8-digit hex string in the pub line: 845E6689.

Now, add your Apache GPG key to the Flink’s KEYS file both in dev and release repositories at dist.apache.org. Follow the instructions listed at the top of these files. (Note: Only PMC members have write access to the release repository. If you end up getting 403 errors ask on the mailing list for assistance.)

Configure git to use this key when signing code by giving it your key ID, as follows:

git config --global user.signingkey 845E6689

You may drop the --global option if you’d prefer to use this key for the current repository only.

You may wish to start gpg-agent to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent varies based on operating system, but may be something like this:

eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info)
export GPG_TTY=$(tty)
export GPG_AGENT_INFO

Access to Apache Nexus repository

Configure access to the Apache Nexus repository, which enables final deployment of releases to the Maven Central Repository.

  1. You log in with your Apache account.
  2. Confirm you have appropriate access by finding org.apache.flink under Staging Profiles.
  3. Navigate to your Profile (top right dropdown menu of the page).
  4. Choose User Token from the dropdown, then click Access User Token. Copy a snippet of the Maven XML configuration block.

  5. Insert this snippet twice into your global Maven settings.xml file, typically ${HOME}/.m2/settings.xml. The end result should look like this, where TOKEN_NAME and TOKEN_PASSWORDare your secret tokens:

    settings.xml
    <settings>
   <servers>
     <server>
       <id>apache.releases.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
     <server>
       <id>apache.snapshots.https</id>
       <username>TOKEN_NAME</username>
       <password>TOKEN_PASSWORD</password>
     </server>
   </servers>
 </settings>

Website development setup

Get ready for updating the Flink website by following the website development instructions.

Create a new version in JIRA

When contributors resolve an issue in JIRA, they are tagging it with a release that will contain their changes. With the release currently underway, new issues should be resolved against a subsequent future release. Therefore, you should create a release item for this subsequent release, as follows:

  1. In JIRA, navigate to the Flink > Administration > Versions.
  2. Add a new release: choose the next minor version number compared to the one currently underway, select today’s date as the Start Date, and choose Add.

Triage release-blocking issues in JIRA

There could be outstanding release-blocking issues, which should be triaged before proceeding to build a release candidate. We track them by assigning a specific Fix version field even before the issue resolved.

The list of release-blocking issues is available at the version status page. Triage each unresolved issue with one of the following resolutions:

  • If the issue has been resolved and JIRA was not updated, resolve it accordingly.
  • If the issue has not been resolved and it is acceptable to defer this until the next release, update the Fix Version field to the new version you just created. Please consider discussing this with stakeholders and the dev@ mailing list, as appropriate.
  • If the issue has not been resolved and it is not acceptable to release until it is fixed, the release cannot proceed. Instead, work with the Flink community to resolve the issue.

Review Release Notes in JIRA

JIRA automatically generates Release Notes based on the Fix Version field applied to issues. Release Notes are intended for Flink users (not Flink committers/contributors). You should ensure that Release Notes are informative and useful.

Open the release notes from the version status page by choosing the release underway and clicking Release Notes.

You should verify that the issues listed automatically by JIRA are appropriate to appear in the Release Notes. Specifically, issues should:

  • Be appropriately classified as BugNew FeatureImprovement, etc.
  • Represent noteworthy user-facing changes, such as new functionality, backward-incompatible API changes, or performance improvements.
  • Have occurred since the previous release; an issue that was introduced and fixed between releases should not appear in the Release Notes.
  • Have an issue title that makes sense when read on its own.

Adjust any of the above properties to the improve clarity and presentation of the Release Notes.

Verify that a Release Build Works

Run mvn -Prelease clean install to ensure that the build processes that are specific to that profile are in good shape.

Create a release branch

Release candidates are built from a release branch. As a final step in preparation for the release, you should create the release branch, push it to the code repository (you should probably do this once the whole process is done), and update version information on the original branch.

Check out the version of the codebase from which you start the release. For a new minor or major release, this may be HEAD of the master branch. To build a hotfix/incremental release, instead of the master branch, use the release branch of the release being patched. (Please make sure your cloned repository is up-to-date before starting.)

git checkout <master branch OR release tag>

Set up a few environment variables to simplify Maven commands that follow. (We use bash Unix syntax in this guide.)

VERSION="1.2.3"
NEXT_VERSION="1.2.4"
BRANCH_NAME="release-${VERSION}"
DEVELOPMENT_VERSION="${NEXT_VERSION}-SNAPSHOT"
Version represents the release currently underway, while next version specifies the anticipated next version to be released from that branch. Normally, 1.2.0 is followed by 1.3.0, while 1.2.3 is followed by 1.2.4.

Use Maven release plugin to create the release branch and update the current branch to use the new development version. This command applies for the new major or minor version. (Warning: this command automatically pushes changes to the code repository.)

mvn release:branch \
    -DbranchName=${BRANCH_NAME} \
    -DdevelopmentVersion=${DEVELOPMENT_VERSION}

However, if you are doing an incremental/hotfix release, please run the following command after checking out the release tag of the release being patched.

mvn release:branch \
    -DbranchName=${BRANCH_NAME} \
    -DupdateWorkingCopyVersions=false \
    -DupdateBranchVersions=true \
    -DreleaseVersion="${VERSION}-SNAPSHOT"

Check out the release branch.

git checkout ${BRANCH_NAME}

The rest of this guide assumes that commands are run in the root of a repository on ${BRANCH_NAME} with the above environment variables set.

Checklist to proceed to the next step

  1. Release Manager’s GPG key is published to dist.apache.org
  2. Release Manager’s GPG key is configured in git configuration
  3. Release Manager has org.apache.flink listed under Staging Profiles in Nexus
  4. Release Manager’s Nexus User Token is configured in settings.xml
  5. JIRA release item for the subsequent release has been created
  6. There are no release blocking JIRA issues
  7. Release Notes in JIRA have been audited and adjusted
  8. Release branch has been created
  9. Originating branch has the version information updated to the new version

Build a release candidate

The core of the release process is the build-vote-fix cycle. Each cycle produces one release candidate. The Release Manager repeats this cycle until the community approves one release candidate, which is then finalized.

Build and stage Java artifacts with Maven

Set up a few environment variables to simplify Maven commands that follow. This identifies the release candidate being built. Start with RC_NUM equal to 1 and increment it for each candidate.

RC_NUM="1"
TAG="v${VERSION}-RC${RC_NUM}"

Use Maven release plugin to build the release artifacts, as follows:

mvn release:prepare \
    -Dresume=false \
    -DreleaseVersion=${VERSION} \
    -Dtag=${TAG} \
    -DupdateWorkingCopyVersions=false

Use Maven release plugin to stage these artifacts on the Apache Nexus repository, as follows:

mvn release:perform

Review all staged artifacts. They should contain all relevant parts for each module, including pom.xml, jar, test jar, source, test source, javadoc, etc. Carefully review any new artifacts.

Close the staging repository on Apache Nexus. When prompted for a description, enter “Apache Flink, version X, release candidate Y”.

Stage source release on dist.apache.org

Copy the source release to the dev repository of dist.apache.org.

  1. If you have not already, check out the Flink section of the dev repository on dist.apache.org via Subversion. In a fresh directory:

     svn co https://dist.apache.org/repos/dist/dev/flink

  2. Make a directory for the new release:

     mkdir flink/${VERSION}
 cd flink/${VERSION}
    Copy and rename the Beam source distribution, hashes, and GPG signature:
    cp ${FLINK_ROOT}/target/flink-${VERSION}-source-release.tar.gz .
cp ${FLINK_ROOT}/target/flink-${VERSION}-source-release.tar.gz.asc .

  3. Create hashes for source files 

    sha512sum flink-${VERSION}-source-release.tar.gz > flink-${VERSION}-source-release.tar.gz.sha
md5sum flink-${VERSION}-source-release.tar.gz > flink-${VERSION}-source-release.tar.gz.md5

  4. Add and commit all the files.

     svn add flink/${VERSION}
 svn commit

  5. Verify that files are present.

Propose a pull request for website updates

The final step of building the candidate is to propose a website pull request.

Start by updating the variables for the latest released version in the top-level _config.yml, and list the new release in downloads.md, linking to the source code download and the Release Notes in JIRA. Also add a new blog entry announcing the release in _posts.

Finally, propose a pull request with these changes. (Don’t merge before finalizing the release.)

Checklist to proceed to the next step

  1. Maven artifacts deployed to the staging repository of repository.apache.org
  2. Source distribution deployed to the dev repository of dist.apache.org
  3. Website pull request proposed to list the release

You can (optionally) also do additional verification by:

  1. Check hashes (e.g. md5sum -c *.md5 and sha512sum -c *.sha1)
  2. Check signatures (e.g. gpg --verify flink-1.2.3-source-release.tar.gz.asc flink-1.2.3-source-release.tar.gz)
  3. grep for legal headers in each file.
  • No labels