This document provides steps involved in pre and post (Apache) release of Apache Ranger.
Pre Release Tasks
Ensure that there is no OPEN lira associated with the release
Notify dev list in advance of the release with details on the release such as purpose of release, who will be be release-manager, ….
Create a separate branch for the release (e.g.: ranger-0.6)
In the release branch:
Update all of the version number to release version number (from SNAPSHOT version number)
$ mvn versions:set -DnewVersion=<newReleaseVersion> -DgenerateBackupPoms=false
- Note: Can refer to the Jira link here for task breakup.
Release VOTE Tasks
Signing Releases
- Setup for first time release managers
Upload the Public RSA key
Login at http://id.apache.org
Add Public SSH Key to your profile from ~/.ssh/id_rsa.pub
SSH Key (authorized_keys line):
Submit changes- Generate OpenPPG Key
- gpg --gen-key
- Note: You can refer to this link for the latest criteria on key generation.
- gpg --list-keys <KEY_ID>
- gpg --keyserver hkp://keyserver.ubuntu.com --send-key <KEY_ID>
- gpg --gen-key
- Update the KEYS file to add that the signer key using SVN.
- https://dist.apache.org/repos/dist/release/ranger/KEYS
- Note: If the release manager is not a PMC member, then coordination with a PMC member is needed to update the KEYS, as only PMC members are allowed to update the SVN repository.
- https://dist.apache.org/repos/dist/release/ranger/KEYS
- Setup for first time release managers
Build release artifacts
Verify all of the source is ready for release
Able to validate maven install works fine.
Verify LICENSE and NOTICE files for the release is updated based on changes in the release
Update the release notes
Create a tag in the release branch (${release-version}-rc{release-candidate-number}
Create the release artifacts using $ant –f release-build.xml -Dranger–release-version=<new-version-number>)
This should create below 4 files in the
target/apache-ranger-<version-number>.tar.gz
- target/apache-ranger-<version-number>.tar.gz.asc
- target/apache-ranger-<version-number>.tar.gz.sha256
- target/apache-ranger-<version-number>.tar.gz.sha512
- Note: Delete the target/apache-ranger-<version-number>.tar.gz.sha256 and target/apache-ranger-<version-number>.tar.gz.sha512 and regenerate using below command from target directory. Command may vary based on the operating system.
- shasum -a 256 apache-ranger-<version-number>.tar.gz > apache-ranger-<version-number>.tar.gz.sha256
- shasum -a 512 apache-ranger-<version-number>.tar.gz > apache-ranger-<version-number>.tar.gz.sha512
- Note: Delete the target/apache-ranger-<version-number>.tar.gz.sha256 and target/apache-ranger-<version-number>.tar.gz.sha512 and regenerate using below command from target directory. Command may vary based on the operating system.
- verify the singed tarball and checksum file using below command
- gpg --verify apache-ranger-<version-number>.tar.gz.asc apache-ranger-<version-number>.tar.gz
- shasum -a 256 -c apache-ranger-<version-number>.tar.gz.sha256
- shasum -a 512 -c apache-ranger-<version-number>.tar.gz.sha512
Upload the release artifacts (4 files from target folder) to svn (https://dist.apache.org/repos/dist/dev/ranger/${new-version}-rc${release-candidate-number})
- Note: If the release manager is not a PMC member, then coordination with a PMC member is needed to update the KEYS, as only PMC members are allowed to update the SVN repository.
Dev Vote
- Send release voting request with the subject line "[VOTE] Apache Ranger <version-number> rc0" request to dev@ranger.apache.org and private@ranger.apache.org
If VOTE did not go through,
Fix the problem and Repeat the “Build release artifacts” steps again
Vote will be open for 72 hours.
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
Once the vote passes/fails, send out an email with subject like "[RESULT] [VOTE] Apache Ranger <version-number> rc0" to dev@ranger.apache.org , private@ranger.apache.org via email
IPMC VOTE (This is not required anymore, since Ranger has graduated to a top level project): Update: 30-JAN-2017
Send release VOTE to general@incubator.apache.orgIf VOTE did not go throughFix the problem and Repeat the “Build release artifacts” steps again
Send a vote results to general@incubator.apache.org , private@ranger.incubator.apache.org via email
Post Release Tasks
Copy the source release artifacts to svn - https://dist.apache.org/repos/dist/release/ranger
Create a final release tag in the release branch (${release-version})
Update the doc site with the release artifacts (use master branch to do this!) and push the changes in the master branch
Send out Announcement to dev@ranger.apache.org, user@ranger.apache.org and announce@apache.org
Subject: [ANNOUNCE] Apache Ranger <version-number>- Note: If the email is not delivered to announce@apache.org, then please coordinate with PMC members.
In Apache JIRA admin, mark the release as complete and create a next version for tracking the changes to the next (major|minor) version
Update version number in master to next snapshot version
Update the pom.xml version to next SNAPSHOT ($ mvn versions:set -DnewVersion=<nextVersion>-SNAPSHOT)
push the changes to the release branch (e.g. ranger-0.6 for all ranger-0.6.* releases)
Update release data in https://reporter.apache.org/?ranger
If the release resolved any CVE,
please update the "https://cwiki.apache.org/confluence/display/RANGER/Vulnerabilities+found+in+Ranger”
send notification to security@apache.org, oss-security@lists.openwall.com , dev@ranger.apache.org , user@ranger.apache.org ,private@ranger.apache.org
- Follow https://www.apache.org/security/committers.html for publishing the CVE