This document provides steps involved in pre and post (Apache) release of Apache Ranger.
Pre Release Tasks
Ensure that there is no OPEN lira associated with the release
Notify dev list in advance of the release with details on the release such as purpose of release, who will be be release-manager, ….
Create a separate branch for the release (e.g.: ranger-0.6)
In the release branch:
Update all of the version number to release version number (from SNAPSHOT version number)
$ mvn versions:set -DnewVersion=<newReleaseVersion> -DgenerateBackupPoms=false
Release VOTE Tasks
Build release artifacts
- DEV VOTE
Verify all of the source is ready for release
Able to validate maven install works fine.
Verify LICENSE and NOTICE files for the release is updated based on changes in the release
Update the release notes
Create a tag in the release branch (${release-version}-rc{release-candidate-number}
Create the release artifacts using $ant –f release-build.xml -Dranger–release-version=<new-version-number>)
This should create below 4 files in the
target/apache-ranger-<version-number>.tar.gz
- target/apache-ranger-<version-number>.tar.gz.asc
- target/apache-ranger-<version-number>.tar.gz.sha256
- target/apache-ranger-<version-number>.tar.gz.sha512Note: Delete the target/apache-ranger-<version-number>.tar.gz.sha256 and target/apache-ranger-<version-number>.tar.gz.sha512 and regenerate using below command from target directory
- shasum -a 256 apache-ranger-<version-number>.tar.gz > apache-ranger-<version-number>.tar.gz.sha256
- shasum -a 512 apache-ranger-<version-number>.tar.gz > apache-ranger-<version-number>.tar.gz.sha512
Upload the release artifacts (4 files from target folder) to svn (https://dist.apache.org/repos/dist/dev/ranger/${new-version}-rc${release-candidate-number})
If the signer's key is not in KEYS file in https://dist.apache.org/repos/dist/release/ranger/KEYS, Update the KEYS file to add that the signer key using SVN.
Send release VOTE request to dev@ranger.apache.org and private@ranger.apache.org
If VOTE did not go through,
Fix the problem and Repeat the “Build release artifacts” steps again
Send vote results to dev@ranger.apache.org , private@ranger.apache.org via email
IPMC VOTE (This is not required anymore, since Ranger has graduated to a top level project): Update: 30-JAN-2017
Send release VOTE to general@incubator.apache.orgIf VOTE did not go throughFix the problem and Repeat the “Build release artifacts” steps again
Send a vote results to general@incubator.apache.org , private@ranger.incubator.apache.org via email
Post Release Tasks
Copy the source release artifacts to svn - https://dist.apache.org/repos/dist/release/ranger
Create a final release tag in the release branch (${release-version})
Update the doc site with the release artifacts (use master branch to do this!) and push the changes in the master branch
In Apache JIRA admin, mark the release as complete and create a next version for tracking the changes to the next (major|minor) version
Update version number in master to next snapshot version
Update the pom.xml version to next SNAPSHOT ($ mvn versions:set -DnewVersion=<nextVersion>-SNAPSHOT)
push the changes to the release branch (e.g. ranger-0.6 for all ranger-0.6.* releases)
Update release data in https://reporter.apache.org/?ranger
If the release resolved any CVE,
please update the "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger”
send notification to security@apache.org, oss-security@lists.openwall.com , dev@ranger.apache.org , user@ranger.apache.org ,private@ranger.apache.org
- Follow https://www.apache.org/security/committers.html for publishing the CVE