You are viewing an old version of this page. View the current version.
Compare with Current
View Page History
« Previous
Version 5
Next »
Preparation
- Make sure you have a PGP key of at least 4096 bits in the RSA format added to the KEYS file in addition to a public PGP key server such as https://sks-keyservers.net/.
- Configure your
git config
user.signingkey
, user.name
, and user.email
values to match that key. - Add your GPG and LDAP info to your
~/.m2/settings.xml
- If you haven't set a master password for Maven, run
mvn --encrypt-master-password
and choose a password. - Save this in
~/.m2/settings-security.xml
as (make sure to preserve the curly braces to indicate the password is encrypted):
<settingsSecurity>
<master>{encryptedPasswordHere}</master>
</settingsSecurity>
- Next, encrypt your LDAP and GPG passwords using
mvn --encrypt-password
and store those inside ~/.m2/settings.xml
like so (make sure to use the long form of your key id given by the gpg -K
command):
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>svn.apache.org</id>
<username>myLdapId</username>
<password>{myLdapPass}</password>
</server>
<server>
<id>apache.releases.https</id>
<username>myLdapId</username>
<password>{myLdapPass}</password>
</server>
<server>
<id>apache.snapshots.https</id>
<username>myLdapId</username>
<password>{myLdapPass}</password>
</server>
</servers>
<!-- note that this enables the release profile by default which will gpg sign all apache artifacts during builds -->
<!-- when not releasing, comment this element out or use -P!apache-release to disable the profile from the command line -->
<activeProfiles>
<activeProfile>apache-release</activeProfile>
</activeProfiles>
<profiles>
<profile>
<id>apache-release</id>
<properties>
<gpg.keyname>myGpgKeyId</gpg.keyname>
<gpg.passphrase>{myGpgKeyPassphrase}</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>
Release Process
- Note that since a parent pom can be easily ignored by downstream users, this release process works via lazy approval rather than the usual voting process.
- Run
mvn -Papache-release release:prepare release:perform -DreleaseVersion=n -DdevelopmentVersion=N-SNAPSHOT -Dtag=logging-parent-n
to begin the release process. - Login to https://repository.apache.org/ and find the newly created staging repository. Close it to publish said release to staging.
- Send a lazy vote email for this version to dev@logging.apache.org.
- If there are problems with this release, a new version can be released without issue.
- After the voting period, release the artifacts from Nexus.
- Create a signed tag of the passed release candidate via
git tag -s rel/n 'logging-parent-n^{}' -m 'Release n of Logging Parent POM' && git push --tags
- Send announcement email to dev@logging.apache.org.