...
Check out release branch
Code Block git checkout branch-1.2.0
Create tag on this commit to identify precise point where the RC was generated and push this tag to main repository
Code Block git tag -a release-1.2.0 -m "Sentry 1.2.0 incubating release" #Make sure compiles/tests run fine and rat check is fine mvn clean install -DskipTests mvn test mvn verify -DskipTests (to do the rat check) git push origin release-1.2.0
If an rc1, rc2, etc is needed, delete that tag before creating a new one:
Code Block git tag -d release-1.2.0 git push origin :refs/tags/release-1.2.0
Create temporary directory where you'll be preparing all required artifacts
Code Block mkdir -p /tmp/sentry-release-preparations
Create source artifact and move it to your temporary directory (TODO: git archive?)
Code Block git archive --format=tar --prefix=apache-sentry-1.2.0-incubating-src/ HEAD | gzip > /tmp/sentry-release-preparations/apache-sentry-1.24.0-incubating-src.tar.gz
Sanity Check
Make sure code compiles and tests pass on the untared src.
Code Block cd /tmp/sentry-release-preparations tar -xvf apache-sentry-1.2.0-incubating-src.tar.gz cd apache-sentry-1.2.0-incubating-src mvn clean install -DskipTests mvn test mvn verify -DskipTests (to do the rat check)
Make sure the tar and the rc match
Code Block #Do a fresh clone of the tag git clone https://git-wip-us.apache.org/repos/asf/incubator-sentry.git cd incubator-sentry/ git checkout tags/release-1.2.0 cd .. diff -r incubator-sentry /tmp/sentry-release-preparations/
Check out the candidate
Code Block git checkout release-X.Y.Z
Generate a tarball
Code Block mvn clean install -DskipTests
Unpack the source tarball
Code Block cd sentry-dist/target rm -rf ./apache-sentry-1.2.0-incubating-src tar xzvf apache-sentry-1.2.0-incubating-src.tar.gz
Do another full build inside the source tarball. This time, allow all unit tests & integration tests to run and also include the docs
Code Block cd apache-sentry-1.2.0-incubating-src mvn test
Signatures and Checksums
All artifacts must be signed and checksummed. In order to sign a release you will need a PGP key. You should get your key signed by a few other people. You will also need to recv their keys from a public key server. See the Apache release signing page for more details. If you add your PGP key fingerprint to your Apache profile, your key should automatically be added to https://people.apache.org/keys/group/sentry.asc
...