...
Make sure the tar and the rc match
Code Block cd /tmp/sentry-release-preparations tar -xvf apache-sentry-1.2.0-incubating-src.tar.gz #Do a fresh clone of the tag git clone https://git-wip-us.apache.org/repos/asf/incubator-sentry.git cd incubator-sentry/ git checkout tags/release-1.2.0 cd .. diff -r incubator-sentry apache-sentry-1.2.0-incubating-src
Make sure code compiles and tests pass on the untared src.
Code Block cd apache-sentry-1.2.0-incubating-src mvn clean install -DskipTests mvn test mvn verify -DskipTests (to do the rat check)
Create signatures and check sums (TODO: Use maven gpg plugin?)
All artifacts must be signed and checksummed. In order to sign a release you will need a PGP key. You should get your key signed by a few other people. You will also need to recv their keys from a public key server. See the Apache release signing page for more details. If If you add your PGP key fingerprint to your Apache profile, your key should automatically be added to https://people.apache.org/keys/group/sentry.asc
...
6. Upload artifacts and all created check sums with signatures to https://dist.apache.org/repos/dist/dev/incubator/sentry
Update KEYS file
If your PGP key is not yet in the project's KEYS file, you need to first add that in. To do this, checkout the KEYS file and update it using the following commands:
...