Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
- Prerequisites
- Discuss
- Prepare
- Tag Branch Point and Branch
- Clone & Checkout Branch
- Update version numbers on master branch (from A.B.C-SNAPSHOT to D.E.F-SNAPSHOT) and push changes
- Update version numbers on release branch (from A.B.C-SNAPSHOT to A.B.C) and push changes
- Create a new Jenkins job to build the release. It should call these two commands. It is probably best to copy the previous releases job.
- Sanity Test
- Sign
- Verify Signatures
- Tag Release Candidate
- Stage
- Community reviews the RC
- Vote
- Iterate based on feedback until vote passes
- Once vote passes, tag the release:
- Promote
- Verify that the results are accessible.
- Wait 24 hours for release to propagate to mirrors.
- Update site
- Create version in JIRA for release X.Y.
- Send announcements to the user and developer lists.
- Update CHANGES with header for new changes
- Trademarks
- License
- Privacy Policy
Prerequisites
Before entering into this process you need to ensure you will be able to cryptographically sign the final result in such a way that others can validate the signature. This can be a confusing process. Here are links to several documents that should help.
- http://www.apache.org/dev/openpgp.html
- http://www.apache.org/dev/release-signing.html
- http://httpd.apache.org/dev/verification.html
Discuss
Send a [DISCUSS] email to the dev@knox list proposing a release.
Prepare
In preparation for each release there are a number of sub-steps required to ensure that that the project's repository is in a suitable state for branching.
Update CHANGES
Update CHANGES.txt with release date (Release X.Y - MM/dd/yyyy) and (if needed) add additional changelog entries.
The CHANGES file can be found in gateway-release/home
Update documentation
Build, Test and Push Changes
git pull git commit --all --message "Prepare for branch." ant verify git push
Tag Branch Point and Branch
git tag --annotate v{X.Y.Z}-branch --message "Branch point for v{X.Y.Z}" git push origin --tags git checkout -b v{X.Y.Z} git push --set-upstream origin v{X.Y.Z}
Clone & Checkout Branch
git clone https://git-wip-us.apache.org/repos/asf/incubator-knox.git knox-{X.Y.Z} cd knox-{X.Y.Z} git checkout -t origin/v{X.Y.Z}
Update version numbers on master branch (from A.B.C-SNAPSHOT to D.E.F-SNAPSHOT) and push changes
Update version numbers on release branch (from A.B.C-SNAPSHOT to A.B.C) and push changes
git pull git commit --all --message "Prepare for branch." ant verify git push
Create a new Jenkins job to build the release. It should call these two commands. It is probably best to copy the previous releases job.
mvn -Prelease clean install
ant post-build
Download the release candidate
ant download-candidate
Sanity Test
Do some basic manual testing to see if release looks ok. For example do and install and run through a few of the samples.
Sign
ant sign-candidate
Verify Signatures
Verify the hashes and signatures. First change into the distribution directory.
cd release
Verify the signatures for both the source and binary distribution. Note: This assumes that gpg is installed.
gpg --verify knox-{X.Y.Z}-src.zip.asc knox-{X.Y.Z}-src.zip gpg --verify knox-{X.Y.Z}.zip.asc knox-{X.Y.Z}.zip
Verify the SHA-1 hashes for both the source and binary distribution. Note: This assumes a Linux or MacOS environment with openssl installed.
cat knox-{X.Y.Z}-src.zip.sha && openssl sha1 knox-{X.Y.Z}-src.zip cat knox-{X.Y.Z}.zip.sha && openssl sha1 knox-{X.Y.Z}.zip
Verify the MD5 digest for both the source and binary distribution. Note: This assumes a Linux or MacOS environment with openssl installed.
cat knox-{X.Y.Z}-src.zip.md5 && openssl md5 knox-{X.Y.Z}-src.zip cat knox-{X.Y.Z}.zip.md5 && openssl md5 knox-{X.Y.Z}.zip
Tag Release Candidate
git tag --annotate vX.Y.Z-rcN --message "vX.Y.Z release candidate N" git push origin --tags
Stage
Follow the instructions output by the sign step above. Basically execute this command.
ant stage-candidate
Community reviews the RC
https://dist.apache.org/repos/dist/dev/incubator/knox/
Vote
Send a [VOTE] email to the dev@knox list. A template was output by the sign step above as target/vote.eml
.
From: {release-manager} To: dev@knox.incubator.apache.org Subject: [VOTE] Release Apache Knox (Incubator) {X.Y.Z} A candidate for the Apache Knox (Incubator) {X.Y.Z} release is available at: http://people.apache.org/~{release-manager}/knox/{X.Y.Z}/ The release candidate is a zip archive of the sources in: https://git-wip-us.apache.org/repos/asf/incubator-knox.git Branch {X.Y.Z} The SHA1 checksum of the archive is {checksum}. Please vote on releasing this package as Apache Knox (Incubator) {X.Y.Z}. The vote is open for the next 72 hours and passes if a majority of at least three +1 Apache Knox (Incubator) PMC votes are cast. [ ] +1 Release this package as Apache Knox (Incubator) {X.Y.Z} [ ] -1 Do not release this package because...
Iterate based on feedback until vote passes
Once vote passes, tag the release:
git tag --annotate v{X.Y.Z}-release --message "Release of v{X.Y.Z}" git push origin --tags
Promote
ant promote-release
Verify that the results are accessible.
https://dist.apache.org/repos/dist/release/incubator/knox/
Wait 24 hours for release to propagate to mirrors.
Update site
Update news in src/site/src/documentation/content/xdocs/index.xml and for main lucene.apache.org site stored at https://svn.apache.org/repos/asf/lucene/site/. The second change may require additional rights
Create version in JIRA for release X.Y.
Send announcements to the user and developer lists.
Update CHANGES with header for new changes
Trademarks
Apache Knox Gateway, Apache, the Apache feather logo and the Apache Knox Gateway project logos are trademarks of The Apache Software Foundation. All other marks mentioned may be trademarks or registered trademarks of their respective owners.
License
Apache Knox uses the standard Apache license.
Privacy Policy
Apache Knox uses the standard Apache privacy policy.