Prerequisites
Before starting the process, you need to ensure several things before proceed to create a release.
- You need to clone the latest pinot code base in your local machine
- You need to ensure that you have the access to Apache Repository Manager. Try to log in with Apache LDAP credential.
You need to check out Apache staging & release distribution directories for Pinot.
svn co https://dist.apache.org/repos/dist/release/incubator/pinot pinot-release-dist svn co https://dist.apache.org/repos/dist/dev/incubator/pinot pinot-dev-dist
https://dist.apache.org/repos/dist/release/incubator/pinot: this is where the actual release (PMC approved) will be placed. Do not upload anything here until voting from both dev@pinot and general@incubator pass.
- https://dist.apache.org/repos/dist/dev/incubator/pinot: this is where we put the release candidates and link for this will be used for reference during the voting process.
GPG Key Setup
The release manager must hold a GPG key for signing the release artifacts. GPG key has to be associated with the apache email address. One can create the GPG by using the following cmd. Note that the key length should be 4096 bits. Please refer to the example below:
$ gpg2 --full-generate-key gpg (GnuPG) 2.1.22; Copyright (C) 2017 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y ... gpg: key 2C9B34D6A54AAFAE marked as ultimately trusted ...
After you generate the GPG key, copy the key. "gpg: key 2C9B34D6A54AAFAE marked as ultimately trusted" (From here, I will use $GPG_KEY).
$ GPG_KEY=<your_gpg_key> # fill in your key
Once you generate the gpg key, you need to go through the following steps:
Upload GPG public key to a public key server. Copy the following command's output to "Submit a key" box and click the submit button. http://pgp.mit.edu
$ gpg --export --armor $GPG_KEY -----BEGIN PGP PUBLIC KEY BLOCK----- ... -----END PGP PUBLIC KEY BLOCK-----
Update key fingerprint at https://id.apache.org
$ gpg --fingerprint $GPG_KEY
Copy the hex numbers (e.g. "0D9E 9997 4D5A 59F1 7183 362F 2C9B 34D6 A54A AFAE") to "OpenPGP Public Key Primary Fingerprint" box and submit the change.
Update KEYS file under pinot-release-dist
$ cd pinot-release-dist # Append the public key to KEYS file gpg --list-sigs $GPG_KEY && gpg --armor --export $GPG_KEY >> KEYS... # Commit the change svn commit -m "Update Pinot KEYS file for $GPG_KEY"
After following 1-3, you should have the following:
- Your public key is listed in https://dist.apache.org/repos/dist/release/incubator/pinot/KEYS
- Your public key is viewable at https://people.apache.org/keys/committer/<apache_ldap_id>.asc (e.g. https://people.apache.org/keys/committer/snlee.asc)
- Your public key is viewable at https://people.apache.org/keys/group/pinot.asc
Maven Setup
As part of the release process, we will upload our artifacts to maven central staging repository and "maven-release-plugin" will do it for you automatically for the most of part. In order to use the plugin, we need to set up the maven config correctly.
$ vim ~/.m2/settings.xml # Paste the below text <settings> <servers> <server> <id>apache.snapshots.https</id> <username>{apache LDAP id}</username> <password>{apache user password}</password> </server> <server> <id>apache.releases.https</id> <username>{apache LDAP id}</username> <password>{apache user password}</password> </server> <server> <id>gpg.passphrase</id> <passphrase>{gpg key phrase}</passphrase> </server> </servers> <profiles> <profile> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.keyname>${GPG_KEY}</gpg.keyname> </properties> </profile> </profiles> </settings>
Reference
- http://plc4x.apache.org/developers/release.html
- https://cwiki.apache.org/confluence/display/GOBBLIN/Release+Process