You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 16 Next »

Preliminaries

Apache Release Documentation

Code Signing Key

Create a code signing gpg key for release signing; use <your Apache ID>@apache.org for your primary ID for the code signing key. See the Apache Release Signing documentation for further information.

Ensure JIRA Issues are Appropriately Tagged for the Release 

Ensure that all MADlib JIRA issues that are addressed in this release are marked with the release version in the ‘FixVersion’ field of the issue.

 


Creating and Validating the Release Candidate

Create the Release Candidate

Prepare Release Notes

See example release notes from previous releases on the wiki site and prepare similar notes. 

https://cwiki.apache.org/confluence/display/MADLIB/MADlib+1.11

  1. Update the wiki with these release notes for the new release
  2. Update the release notes file in the source code: https://github.com/rashmi815/incubator-madlib/blob/master/RELEASE_NOTES (create PR and merge)


Prepare Tarballs

  1. Branch your release:

    git checkout -b <your release name> <commit sha1> 

    push to origin:
    git push origin <your release name>


  2. Apply signed tag on release branch

    Example:

     git tag -u <GPG KEY ID> --sign <your release name>-rc# -m "Apache MADlib (Incubating) <your release name> RC#" <SHA of HEAD of branch>
     

  3. Make a tarball and gzip:
    git archive -o ../apache-madlib-<your release name>-incubating-src.tar --prefix=apache-madlib-<your release name>-incubating-src/ <your tag/branch name>
    gzip ../apache-madlib-<your release name>-incubating-src.tar

    Example:

    $ git archive -o ../apache-madlib-1.11-incubating-src.tar --prefix=apache-madlib-1.11-incubating-src/ 1.11-incubating
    $ gzip ../apache-madlib-1.11-incubating-src.tar

     

Prepare rpm and dmg binaries

Execute the following commands in the build directory:

$ cmake <path to source code directory>

$ make 

$ make package

Sign the Release Candidate

Check that md5, shasum, and gpg (or gpg2) are installed on your machine:

$ which gpg shasum md5
/usr/local/bin/gpg
/usr/bin/shasum
/sbin/md5

Install using Hombrew (on Mac OS) if needed e.g.:

$ brew install gnupg
==> Downloading ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-1.4.19.tar.bz2
######################################################################## 100.0%
==> ./configure --disable-silent-rules --prefix=/usr/local/Cellar/gnupg/1.4.19 --disable-asm
==> make
==> make check
==> make install

    /usr/local/Cellar/gnupg/1.4.19: 53 files, 5.4M, built in 87 seconds
office-4-125:release_manager_stuff rraghu$ which gpg
/usr/local/bin/gpg

 

Prepare MD5, SHA256 and ASC files from the source tarball and binaries:

md5 <your release tarball or binary> > <your release tarball or binary>.md5
shasum -a 512 <your release tarball or binary> > <your release tarball or binary>.sha512
gpg --detach-sign -a <your release tarball or binary>

Example:

$ md5 apache-madlib-1.11-incubating-src.tar.gz > apache-madlib-1.11-incubating-src.tar.gz.md5
$ shasum -a 512 apache-madlib-1.11-incubating-src.tar.gz > apache-madlib-1.11-incubating-src.tar.gz.sha512
$ gpg --detach-sign -a apache-madlib-1.11-incubating-src.tar.gz

You need a passphrase to unlock the secret key for
user: "Rashmi Raghu (CODE SIGNING KEY) <rashmiraghu@apache.org>"
4096-bit RSA key, ID 28D2C789, created 2017-05-01

 

$ ls -la

-rw-r--r--@ 1 rraghu staff 9961787 May 1 13:55 apache-madlib-1.11-incubating-bin-Darwin.dmg
-rw-r--r-- 1 rraghu staff 819 May 1 14:29 apache-madlib-1.11-incubating-bin-Darwin.dmg.asc
-rw-r--r-- 1 rraghu staff 86 May 1 14:27 apache-madlib-1.11-incubating-bin-Darwin.dmg.md5
-rw-r--r-- 1 rraghu staff 175 May 1 14:28 apache-madlib-1.11-incubating-bin-Darwin.dmg.sha512
-rw-r--r--@ 1 rraghu staff 3868116 May 1 13:55 apache-madlib-1.11-incubating-bin-Linux-GPDB5alpha1.rpm
-rw-r--r-- 1 rraghu staff 819 May 1 14:48 apache-madlib-1.11-incubating-bin-Linux-GPDB5alpha1.rpm.asc
-rw-r--r-- 1 rraghu staff 97 May 1 14:46 apache-madlib-1.11-incubating-bin-Linux-GPDB5alpha1.rpm.md5
-rw-r--r-- 1 rraghu staff 186 May 1 14:47 apache-madlib-1.11-incubating-bin-Linux-GPDB5alpha1.rpm.sha512
-rw-r--r--@ 1 rraghu staff 18527053 May 1 13:55 apache-madlib-1.11-incubating-bin-Linux.rpm
-rw-r--r-- 1 rraghu staff 819 May 1 14:43 apache-madlib-1.11-incubating-bin-Linux.rpm.asc
-rw-r--r-- 1 rraghu staff 85 May 1 14:41 apache-madlib-1.11-incubating-bin-Linux.rpm.md5
-rw-r--r-- 1 rraghu staff 174 May 1 14:41 apache-madlib-1.11-incubating-bin-Linux.rpm.sha512
-rw-r--r--@ 1 rraghu staff 2474217 May 1 13:56 apache-madlib-1.11-incubating-src.tar.gz
-rw-r--r-- 1 rraghu staff 819 May 1 14:45 apache-madlib-1.11-incubating-src.tar.gz.asc
-rw-r--r-- 1 rraghu staff 82 May 1 14:44 apache-madlib-1.11-incubating-src.tar.gz.md5
-rw-r--r-- 1 rraghu staff 171 May 1 14:45 apache-madlib-1.11-incubating-src.tar.gz.sha512

 

Validate the Release Candidate 

As per the Apache documentation, verify that the release candidate artifacts satisfy the following:

  • PGP signatures and SHA256/MD4 checksum verification

Example (performed on Mac OS):

$ brew install gpg coreutils

$ which gpg gsha512sum gmd5sum
/usr/local/bin/gpg
/usr/local/bin/gsha512sum
/usr/local/bin/gmd5sum

$ gpg --verify apache-madlib-1.11-incubating-bin-Linux.rpm.asc
gpg: assuming signed data in `apache-madlib-1.11-incubating-bin-Linux.rpm'
gpg: Signature made Mon May 1 14:42:16 2017 PDT using RSA key ID 28D2C789
gpg: Good signature from "Rashmi Raghu (CODE SIGNING KEY) <rashmiraghu@apache.org>"
$ gsha512sum --check apache-madlib-1.11-incubating-bin-Linux.rpm.sha512
apache-madlib-1.11-incubating-bin-Linux.rpm: OK
$ gmd5sum --check apache-madlib-1.11-incubating-bin-Linux.rpm.md5
apache-madlib-1.11-incubating-bin-Linux.rpm: OK

 

Check Jenkins build here to make sure it does not show any errors: https://builds.apache.org/job/madlib-master-build/ 

  • DISCLAIMER is correct, filenames include “incubating”
  • All source files have license headers where appropriate, RAT checks pass

$ mvn apache-rat:check 

  • The provenance of all source files is clear (ASF or software grants)

Commit artifacts to Apache dist site:

The Apache dist dev site for MADlib (incubating) is located at: https://dist.apache.org/repos/dist/dev/incubator/madlib/

Uploading to this site is via Subversion.

  1. Retrieve the subversion dev incubator madlib repo
    Example: svn checkout https://dist.apache.org/repos/dist/dev/incubator/madlib/ --username=<your apache user>
  2. Create a local folder for the release (e.g. 1.11-incubating.RC1) in svn. We use apache's distribution repo: https://dist.apache.org/repos/dist/dev/incubator/madlib/
  3. Move the files into the release folder on local disk
  4. svn add <release folder>
  5. Commit artifacts:
    Example: svn commit -m 'adding 1.11-incubating RC1 candidate release artifacts' --username=<your apache user id>



Vote on the Release

General information regarding the Apache voting process can be found here: http://www.apache.org/foundation/voting.html

Once the release candidate has been created, validated and the artifacts have been uploaded to the Apache dist site, it is time to have the community vote on the release.

Apache MADlib Community Vote

The MADlib user and developer communities have to vote on every release. The release manager must send out an email to the user and dev mailing lists calling for the vote (link to the example is below). A period of 3 business days is the usual time window for the vote. There are three voting options for the community members to choose from:

[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)

Please see the Apache voting process site for information on how many +1 votes are needed, what to do in case of -1 votes and for any clarifications to the voting process. 

Example email to the community calling for the vote can be found in Apache mail archives site here.

Once the community vote has been completed, the release manager must send out an email to the user and dev mailing lists with the results of the vote.  If other scenarios arise in the voting process, please refer to experienced community members or other similar projects for guidance on next steps.

Example email to the community with the results of the vote.

 

Incubator PMC Vote

Once the community vote has been successfully completed and results have been sent to the community, a round of voting by the Incubator PMC is required. The Incubator PMC (or IPMC) oversees all Apache projects in Incubating state. This vote is not needed once the project reaches Top Level status (TLP status).

The release manager must send out an email (link to an example is below) to the general@incubator.apache.org mailing list calling for the IPMC vote. A period of 3 business days is the usual time window for the vote. 

Example email to the Incubator PMC calling for their vote on the release candidate.

After the IPMC voting has been successfully completed, the release manager must send an email to general@incubator.apache.org with the results of the vote. At this point the release candidate is ready to become GA.

Example email to the Incubator PMC with the results of the vote.

 


Publishing and Distributing Release

Once the release candidate has successfully passed through the voting processes, it is ready to be GA.

  1. Move the source, binaries and corresponding signature files to the release dist site: https://dist.apache.org/repos/dist/release/incubator/madlib/ .
    See section above on committing artifacts to the dev dist site and follow the same process for the release dist site.
  2. Update the main website with new version GA info (see previous examples already on the site): http://madlib.incubator.apache.org/
  3. Update the user docs link to point to the correct version of the docs and also update any version numbers / links in the page content: http://madlib.incubator.apache.org/docs/latest/ 

 


Announce the Release

General Apache information regarding announcing a release may be found here.

Announce the release on user@ and dev@ mailing lists. See example email of past announcement.
 


Miscellaneous

 

  • No labels