Child pages
  • Geronimo 3.0.x Release Process
Skip to end of metadata
Go to start of metadata

Geronimo 3.0.x Release Process


Have 3.0.1 release as an example.

Release Checklist

1. Better to use a non-Windows system to create the release candidate

2. mvn rat:check

3. Manually update some files:

  • Updates all pom.xml files to search "SNAPSHOT" to ensure there is no snapshot dependencies
  • Updates plugin-list url in $SRC\framework\configs\plugin\pom.xml
  • Updates ##VERSION## in README.txt and RELEASE_NOTES.txt in source code root folder and $SRC\framework\configs\karaf-framework
  • Updates JIRAs in RELEASE_NOTES.txt (bugs, improvement, new features, known issues, and limitations)
  • Updates the copyright year number in NOTICE files
  • Updates some un-released modules' versions to 3.0.1. Refer to this ant scripts to update the versions in batch.
  • Commit them

4. mvn release:prepare -DdryRun=true -Pall-subprojects

5. Release Prepare

  • Before doing release prepare, clean up you local repository to avoid the bad staging release artifacts to be included in the geronimo release. see reference.
  • This will update the versions in branch 3.0 and create the release tag
    • Manually remove all *.log files in the source code root folder, otherwise those might be packed into the source code zip files.
    • mvn release:clean -Pall-subprojects
    • mvn release:prepare -Pall-subprojects
      • you need "mvn clean install -Dstage=bootstrap" in midway

6. Release Perform

7. Vote

  • Vote in mailing list, meanwhile wait TCK results. Sample release vote email as following:
[VOTE] Release Geronimo 3.0.0
  • Post "VOTE PASSxxx" in the subject, and summarize the vote status in the body when vote close.

8. Release artifacts

  • In Apache nexus, click "release"
    • the artifacts will be synchronized to maven central repository in some time.

9. Update geronimo-plugins.xml

10. Check-in artifacts into dist svnpubsub

11. Announce in Mailing list and Post news in homepage

12. Update the security advisory page

13. Manaually update files in the 3.0 branch after release

  • update 3.0.1-SNAPSHOT to ##VERSION## in README.txt and RELEASE_NOTES.txt
  • remove the JIRA list in RELEASE_NOTES.txt (bugs, improvement, new features, limitations)
  • search "3.0.0" and change them to "3.0.1-SNAPSHOT"
  • Update artifact-alias, add version 3.0.0 in artifact-alias after 3.0.0 release
    • /framework/configs/pom.xml
    • /plugins/client/pom.xml
    • /plugins/corba/client-corba-yoko/pom.xml
    • /plugins/pom.xml
  • commit them


1. Use Genesis 2.0 as a parent pom

  • genesis-java5-flava-2.0.pom
    • genesis-default-flava-2.0.pom
      • genesis-2.0.pom
        • apache-6.pom

2. Use Maven 3.0.3

It is highly recommended to use Maven's password encryption capabilities for your passwords.

3. Setup PGP Keys (for the ones who be the release manager the first time)

  • Download gnupg2
  • Generate your PGP Key (refer: so that maven-release-plugin can sign your built artifacts when do release:perform
    • How To Avoid SHA-1
    • How To Generate a Strong Key
  • Update Maven's settings.xml with following:
  • Meanwhile, append your public key to and so that user can verify the artifacts you released.
    • gpg --gen-key
      • RSA and RSA (default), 4096
    • gpg --list-sigs "xxxxxx" && gpg --armor --export "xxxxxx" > xxxxxx.key
      • "cat" your public key to above KEYS file


  • No labels