0.1 release candidate 2

[Karl Wettin <ka...@gmail.com>]

I just created the second release candidate for 0.1, here:

http://people.apache.org/~kalle/staging-area/mahout0.1rc2

Please download and report back on any issues you encounter.

There is virtually no difference between the tar/zip balls in rc1 and  
rc2, just the name change and some additions to the Ant and Maven  
build files. No code or docs changes.

It now contains Maven artifacts. I'm pretty sure there are problems  
with these artifacts as the POM files contains some rather whacky ad  
hoc stuff to handle dependencies that's not distributed via Maven,  
notably Hadoop and several of its dependencies. There is also the fact  
that we use multiple modules with a parent POM, I'm not sure if that  
is set up as it should. I'll have to ask around a bit in Maven fora  
and see what people there think of it and how they ususally go about  
that stuff.

So there will probably be an rc3 too.


       karl

Re: 0.1 release candidate 2

[Karl Wettin <ka...@gmail.com>]

22 sep 2008 kl. 14.50 skrev Grant Ingersoll:

> publish your code signing key

Done. Can you please try again?

> -Maven artifacts need to be signed.

We now use mvn gpg-plugin to sign all files. I can however not manage  
to get it working in any other way than passing down the passphrase as  
a -Dparameter at command line, which means that the passphrase is  
visible in bash history, in the process description, et c. Not good.  
"mvn deploy" asks for the passphrase if I run it from my terminal but  
when executed via Ant it seems to skip reading system in and fails  
with an exception.

I will put an rc3 in the staging area but I will not check in the Ant  
script. I don't have time to look closer at this right now but if  
anyone feels like solving this then this is the way the target looks  
like on my computer:

   <!-- make a distribution -->
   <target name="package"
           description="Packages the Mahout distribution files and  
documentation."
           depends="clean, dist, javadoc">

     <property name="fullname" value="apache-${ant.project.name}"/>
     <property name="fullnamever" value="apache-${ant.project.name}-$ 
{version}"/>

     <property name="dist" value="dist" />

     <property name="gpg.passphrase" value="set this value using - 
Dgpg.passphrase=secret at commandline"/>

     <mkdir dir="${dist}"/>

     <!-- create maven artifacts -->
     <mkdir dir="${dist}/maven"/>

     <exec command="mvn -Dtest=false deploy -Dgpg.passphrase=$ 
{gpg.passphrase}"/>

     <copy todir="${dist}/maven">
       <fileset dir="core/dist/maven"/>
     </copy>

     <!-- create tarball -->

     <tar destfile="${dist}/${fullnamever}.tgz" compression="gzip">
       <tarfileset dir="."
         prefix="${fullnamever}"
         includes="KEYS LICENSE.txt NOTICE.txt README.txt build.xml  
pom.xml lib/"
         excludes=""/>
       <tarfileset dir="./core"
         prefix="${fullnamever}/core"
         includes="build.properties build.xml taste-build.xml pom.xml  
src/ lib/"
         excludes=""/>
       <tarfileset dir="./examples"
         prefix="${fullnamever}/examples"
         includes="build.properties build.xml pom.xml src/ lib/"
         excludes=""/>
       <tarfileset dir="./core/build/docs/api"
         prefix="${fullnamever}/docs/api" />
       <tarfileset dir="./core/dist/"
         prefix="${fullnamever}"
         includes="*.jar"/>
     </tar>

     <!-- unpack tarball and create zipball -->

     <property name="dest" value="build"/>
     <mkdir dir="${dest}"/>

     <gunzip src="${dist}/${fullnamever}.tgz" dest="${dest}/$ 
{fullnamever}.tar"/>
     <untar src="${dest}/${fullnamever}.tar" dest="${dest}"/>

     <zip destfile="${dist}/${fullnamever}.zip">
       <zipfileset dir="${dest}/${fullnamever}"
         prefix="${fullnamever}"/>
     </zip>

     <delete dir="${dest}" />

     <!-- pgp arm tgz and zip -->
     <exec command="gpg --armor --output ${dist}/$ 
{fullnamever}.tgz.asc --detach-sig ${dist}/${fullnamever}.tgz"/>
     <exec command="gpg --armor --output ${dist}/$ 
{fullnamever}.zip.asc --detach-sig ${dist}/${fullnamever}.zip"/>

     <!-- create md5 sum for tgz and zip -->
     <exec command="openssl dgst -md5 -out ${dist}/$ 
{fullnamever}.tgz.md5 ${dist}/${fullnamever}.tgz"/>
     <exec command="openssl dgst -md5 -out ${dist}/$ 
{fullnamever}.zip.md5 ${dist}/${fullnamever}.zip"/>


   </target>

Re: 0.1 release candidate 2

[Grant Ingersoll <gs...@apache.org>]

Thoughts:

-The Mahout parent POM should probably be called mahout-parent or  
something like that, it's kind of confusing in the Maven structure at http://people.apache.org/~kalle/staging-area/mahout0.1rc2/maven/org/apache/lucene/mahout/

-Maven artifacts need to be signed.  See https://issues.apache.org/jira/browse/SOLR-776 
  for an ANT task to do this.  Of course, Maven may take care of this  
for you.  We might consider using Maven for building release  
artifacts.  Of course, maybe we should just bite the bullet and use  
Maven.  If we need anything sophisticated, we could always punt out to  
Ant via the Ant goal in Maven.  Separate conversation, I suppose.  How  
hard would it be in Maven to build the release artifacts?

- Karl, you need to publish your code signing key: http://www.apache.org/dev/release-signing.html 
   Currently, verification of the signatures fails.

-The NOTICE.txt is not up to date with what is checked in on  
branch-0.1.  Nor is the README.

- I checked in some updates that put in proper ASL headers on files.

I'll keep checking

-Grant

On Sep 21, 2008, at 1:33 PM, Karl Wettin wrote:

> I just created the second release candidate for 0.1, here:
>
> http://people.apache.org/~kalle/staging-area/mahout0.1rc2
>
> Please download and report back on any issues you encounter.
>
> There is virtually no difference between the tar/zip balls in rc1  
> and rc2, just the name change and some additions to the Ant and  
> Maven build files. No code or docs changes.
>
> It now contains Maven artifacts. I'm pretty sure there are problems  
> with these artifacts as the POM files contains some rather whacky ad  
> hoc stuff to handle dependencies that's not distributed via Maven,  
> notably Hadoop and several of its dependencies. There is also the  
> fact that we use multiple modules with a parent POM, I'm not sure if  
> that is set up as it should. I'll have to ask around a bit in Maven  
> fora and see what people there think of it and how they ususally go  
> about that stuff.
>
> So there will probably be an rc3 too.
>
>
>      karl