You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@drill.apache.org by GitBox <gi...@apache.org> on 2019/12/19 14:42:47 UTC
[GitHub] [drill] vvysotskyi opened a new pull request #1937: DRILL-7230: Add
README.md with instructions for release and release scripts
vvysotskyi opened a new pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937
Jira - [DRILL-7230](https://issues.apache.org/jira/browse/DRILL-7230).
Release instruction and scripts are based on the https://github.com/parthchandra/drill/wiki/Drill-Release-Process, https://github.com/parthchandra/stuff/blob/master/scripts/drill-release.sh, and https://github.com/parthchandra/stuff/blob/master/scripts/checksum.sh.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363257698
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
Review comment:
```suggestion
Instruction on how to create the key signature is embedded at the beginning of the `KEYS` file.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r359999029
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
Review comment:
Good point, I have added additional info.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r360362371
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature to the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ - `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`
+ - Update `KEYS` file with required changes
+ - Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`
+ 2. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the apache server by running the following: `sftp <username>@home.apache.org`
+
+ 3. ### SVN
Review comment:
Moved this section above `GPG key` section. Added instruction on how to install the `svn` client. Regarding writable access to `dist.apache.org`, there are no additional things to do for PMC.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r360404569
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature to the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ - `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`
+ - Update `KEYS` file with required changes
+ - Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`
+ 2. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the apache server by running the following: `sftp <username>@home.apache.org`
+
+ 3. ### SVN
+ You also need access to Apache SVN. (You need to be a PMC member for this).
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8 (not 9 or 13).
+3. ## Manual Release process
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new drill repository
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeed along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. Push the new tag to your personal github repository
+ You should see 2 new commits on top of the branch and a new `drill-1.17.0` tag
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits to personal repo
+ (Since Apache doesn't allow rollbacks on master if mistakes are made)
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release
+
+ This step is done in the Maven GUI.
+ 2. Start vote (vote should last at least 72 hours).
+
+ Email should be sent to Drill user and dev mailing lists.
+
+ Example:
+
+ Subject:
+ ```
+ [VOTE] Release Apache Drill 1.12.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ I'd like to propose the first release candidate (RC0) of Apache Drill, version 1.12.0.
+
+ The release candidate covers a total of 100500 resolved JIRAs [1]. Thanks to everyone who contributed to this release.
+
+ The tarball artifacts are hosted at [2] and the maven artifacts are hosted at [3].
+
+ This release candidate is based on commit 54d3d201882ef5bc2e0f754fd10edfead9947b60 located at [4].
+
+ Please download and try out the release.
+
+ The vote ends at 5 PM UTC (9 AM PDT, 7 PM EET, 10:30 PM IST), January 1, 1970.
+
+ [ ] +1
+ [ ] +0
+ [ ] -1
+
+ Here's my vote: +1
+
+
+ [1] https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313820&version=12341087
+ [2] http://home.apache.org/~arina/drill/releases/1.12.0/rc0/
+ [3] https://repository.apache.org/content/repositories/orgapachedrill-1043/
+ [4] https://github.com/arina-ielchiieva/drill/commits/drill-1.12.0
+ ```
+ 3. If the vote fails, cancel RC and prepare new RC:
+ 1. Send email with announcing about cancelling the vote:
+
+ Subject:
+ ```
+ [CANCEL] [VOTE] Release Apache Drill 1.17.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ The vote for Apache Drill 1.17.0 - RC0 was cancelled due to
+ [list issues]
+
+ Thanks to all who voted. A new release will be tagged as 1.17.0 - RC1 and
+ will be available for voting soon.
+ ```
+ 2. Go to the [Apache Maven staging repo](https://repository.apache.org/) and drop the jar release.
+ 3. Delete the release tag locally and remotely:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 4. If the vote passes, finish the release:
+ 1. Count votes (email to the dev mailing list):
+
+ Subject:
+ ```
+ [RESULT] [VOTE] Release Apache Drill 1.12.0 RC1
+ ```
+ Body:
+ ```
+ The vote passes. Thanks to everyone who has tested the release candidate and given their comments and votes. Final tally:
+
+ 3x +1 (binding): Arina, Aman, Parth
+
+ 5x +1 (non-binding): Vitalii, Holger, Prasad, Vova, Charles
+
+ No 0s or -1s.
+
+ I'll start process for pushing the release artifacts and send an announcement once propagated.
+
+ Kind regards
+ ```
+ 2. Add the release to [dist.apache.org](https://dist.apache.org/repos/dist/release/drill/) and delete the old version, keeping two most recent.
+ This can only done by a PMC member:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ cd ~/src/release/drill-dist
+ cp -r ~/release/1.17.0-rc0 1.17.0
+ svn add 1.XX.0
+ svn commit --message "Upload Apache Drill 1.17.0 release."
+ svn delete 1.15-1.0
+ ```
+ 3. Go to [Apache Maven staging repo](https://repository.apache.org/) and promote release to production.
+ 4. Create branch and tag for this release and update drill version in master (if used automated scripts, tag will be like this `drill-1.11.0`. Branch should be named as `1.11.0`).
+ 5. Wait 24 hours, check download mirrors.
+ 6. Post release
+ 1. "What's New" for the new release
+ 2. Update Apache JIRA and add release date for this release. Add new release tag if not already there.
+ 3. Update Drill Web site:
Review comment:
Great point! Thanks, added.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] asfgit closed pull request #1937: DRILL-7230: Add README.md
with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
asfgit closed pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on issue #1937: DRILL-7230: Add
README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on issue #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#issuecomment-571598120
Looks really good, thanks for creating such detailed instruction.
+1
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on issue #1937: DRILL-7230: Add
README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on issue #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#issuecomment-568910375
Please include info about Docker.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363431205
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the Maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release.
+ This step is done in the Maven GUI.
+ 2. Start vote (vote should last at least 72 hours).
+
+ Email should be sent to the Drill user and dev mailing lists.
+
+ Example:
+
+ Subject:
+ ```
+ [VOTE] Release Apache Drill 1.12.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ I'd like to propose the first release candidate (RC0) of Apache Drill, version 1.12.0.
+
+ The release candidate covers a total of 100500 resolved JIRAs [1]. Thanks to everyone who contributed to this release.
+
+ The tarball artifacts are hosted at [2] and the maven artifacts are hosted at [3].
+
+ This release candidate is based on commit 54d3d201882ef5bc2e0f754fd10edfead9947b60 located at [4].
+
+ Please download and try out the release.
+
+ The vote ends at 5 PM UTC (9 AM PDT, 7 PM EET, 10:30 PM IST), January 1, 1970.
+
+ [ ] +1
+ [ ] +0
+ [ ] -1
+
+ Here's my vote: +1
+
+
+ [1] https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313820&version=12341087
+ [2] http://home.apache.org/~arina/drill/releases/1.12.0/rc0/
+ [3] https://repository.apache.org/content/repositories/orgapachedrill-1043/
+ [4] https://github.com/arina-ielchiieva/drill/commits/drill-1.12.0
+ ```
+ 3. If the vote fails, cancel RC and prepare new RC:
+ 1. Send an email with announcing about canceling the vote.
+
+ Example:
+
+ Subject:
+ ```
+ [CANCEL] [VOTE] Release Apache Drill 1.17.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ The vote for Apache Drill 1.17.0 - RC0 was canceled due to
+ [list issues]
+
+ Thanks to all who voted. A new release will be tagged as 1.17.0 - RC1 and
+ will be available for voting soon.
+ ```
+ 2. Go to the [Apache Maven staging repo](https://repository.apache.org/) and drop the jar release.
+ 3. Delete the release tag locally and remotely:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 4. If the vote passes, finish the release:
+ 1. Count votes (email to the dev mailing list).
+
+ Example:
+
+ Subject:
+ ```
+ [RESULT] [VOTE] Release Apache Drill 1.12.0 RC1
+ ```
+ Body:
+ ```
+ The vote passes. Thanks to everyone who has tested the release candidate and given their comments and votes. Final tally:
+
+ 3x +1 (binding): Arina, Aman, Parth
+
+ 5x +1 (non-binding): Vitalii, Holger, Prasad, Vova, Charles
+
+ No 0s or -1s.
+
+ I'll start process for pushing the release artifacts and send an announcement once propagated.
+
+ Kind regards
+ ```
+ 2. Add the release to the [dist.apache.org](https://dist.apache.org/repos/dist/release/drill/) and delete the old version, keeping two most recent.
+ This can only done by a PMC member:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ cd ~/src/release/drill-dist
+ mkdir drill-1.17.0
+ cp -r ~/release/1.17.0-rc0 drill-1.17.0
+ svn add drill-1.17.0
+ svn commit --message "Upload Apache Drill 1.17.0 release."
+ svn delete 1.15.0
+ svn commit --message "Deleting drill-1.15.0 to keep only last two versions"
+ ```
+ 3. Go to the [Apache Maven staging repo](https://repository.apache.org/) and promote the release to the production.
+ 4. Create branch and tag for this release and update Drill version in master (if used automated scripts, tag will be like this `drill-1.11.0`. Branch should be named as `1.11.0`).
+ Add release description in GitHub [Drill releases page](https://github.com/apache/drill/releases):
+ open release tag, press `Edit tag` and add Release title like `Apache Drill 1.17.0` and specify release description.
+ 5. After new tag is pushed, check that DockerHub triggered job to build and publish new image for the release to https://hub.docker.com/repository/docker/apache/drill.
+ 5. Wait 24 hours, check download mirrors.
+ 6. Post release:
+ 1. "What's New" for the new release.
+ 2. Update Apache JIRA and add release date for this release. Add a new release tag if not already there.
+ 3. Update Drill Web site:
+ 1. Generate release notes for Drill: https://confluence.atlassian.com/jira/creating-release-notes-185729647.html
+ and create a MarkDown file for the release notes - post to the site the day of the release.
+ 2. Write the blog post and push it out to the Apache Drill website so it can be referenced in the announcement.
Review comment:
Updated points 2 and 4 and removed point 3 since it is obsolete. For now, the Download page uses the version from `_data/version.json` and forms references using that version.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363258029
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
Review comment:
```suggestion
4. Enter your Apache password and submit the changes.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r359998793
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
Review comment:
Thanks, done.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r360368151
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature to the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ - `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`
+ - Update `KEYS` file with required changes
+ - Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`
+ 2. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the apache server by running the following: `sftp <username>@home.apache.org`
+
+ 3. ### SVN
+ You also need access to Apache SVN. (You need to be a PMC member for this).
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8 (not 9 or 13).
+3. ## Manual Release process
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new drill repository
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeed along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. Push the new tag to your personal github repository
+ You should see 2 new commits on top of the branch and a new `drill-1.17.0` tag
Review comment:
Done.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363416872
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
Review comment:
Thanks, updated.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363257977
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
Review comment:
```suggestion
3. Note that you can add more than one SSH key corresponding to multiple machines.
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363267914
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the Maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release.
+ This step is done in the Maven GUI.
+ 2. Start vote (vote should last at least 72 hours).
+
+ Email should be sent to the Drill user and dev mailing lists.
+
+ Example:
+
+ Subject:
+ ```
+ [VOTE] Release Apache Drill 1.12.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ I'd like to propose the first release candidate (RC0) of Apache Drill, version 1.12.0.
+
+ The release candidate covers a total of 100500 resolved JIRAs [1]. Thanks to everyone who contributed to this release.
+
+ The tarball artifacts are hosted at [2] and the maven artifacts are hosted at [3].
+
+ This release candidate is based on commit 54d3d201882ef5bc2e0f754fd10edfead9947b60 located at [4].
+
+ Please download and try out the release.
+
+ The vote ends at 5 PM UTC (9 AM PDT, 7 PM EET, 10:30 PM IST), January 1, 1970.
+
+ [ ] +1
+ [ ] +0
+ [ ] -1
+
+ Here's my vote: +1
+
+
+ [1] https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313820&version=12341087
+ [2] http://home.apache.org/~arina/drill/releases/1.12.0/rc0/
+ [3] https://repository.apache.org/content/repositories/orgapachedrill-1043/
+ [4] https://github.com/arina-ielchiieva/drill/commits/drill-1.12.0
+ ```
+ 3. If the vote fails, cancel RC and prepare new RC:
+ 1. Send an email with announcing about canceling the vote.
+
+ Example:
+
+ Subject:
+ ```
+ [CANCEL] [VOTE] Release Apache Drill 1.17.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ The vote for Apache Drill 1.17.0 - RC0 was canceled due to
+ [list issues]
+
+ Thanks to all who voted. A new release will be tagged as 1.17.0 - RC1 and
+ will be available for voting soon.
+ ```
+ 2. Go to the [Apache Maven staging repo](https://repository.apache.org/) and drop the jar release.
+ 3. Delete the release tag locally and remotely:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 4. If the vote passes, finish the release:
+ 1. Count votes (email to the dev mailing list).
+
+ Example:
+
+ Subject:
+ ```
+ [RESULT] [VOTE] Release Apache Drill 1.12.0 RC1
+ ```
+ Body:
+ ```
+ The vote passes. Thanks to everyone who has tested the release candidate and given their comments and votes. Final tally:
+
+ 3x +1 (binding): Arina, Aman, Parth
+
+ 5x +1 (non-binding): Vitalii, Holger, Prasad, Vova, Charles
+
+ No 0s or -1s.
+
+ I'll start process for pushing the release artifacts and send an announcement once propagated.
+
+ Kind regards
+ ```
+ 2. Add the release to the [dist.apache.org](https://dist.apache.org/repos/dist/release/drill/) and delete the old version, keeping two most recent.
+ This can only done by a PMC member:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ cd ~/src/release/drill-dist
+ mkdir drill-1.17.0
+ cp -r ~/release/1.17.0-rc0 drill-1.17.0
+ svn add drill-1.17.0
+ svn commit --message "Upload Apache Drill 1.17.0 release."
+ svn delete 1.15.0
+ svn commit --message "Deleting drill-1.15.0 to keep only last two versions"
+ ```
+ 3. Go to the [Apache Maven staging repo](https://repository.apache.org/) and promote the release to the production.
+ 4. Create branch and tag for this release and update Drill version in master (if used automated scripts, tag will be like this `drill-1.11.0`. Branch should be named as `1.11.0`).
+ Add release description in GitHub [Drill releases page](https://github.com/apache/drill/releases):
+ open release tag, press `Edit tag` and add Release title like `Apache Drill 1.17.0` and specify release description.
+ 5. After new tag is pushed, check that DockerHub triggered job to build and publish new image for the release to https://hub.docker.com/repository/docker/apache/drill.
+ 5. Wait 24 hours, check download mirrors.
+ 6. Post release:
+ 1. "What's New" for the new release.
+ 2. Update Apache JIRA and add release date for this release. Add a new release tag if not already there.
+ 3. Update Drill Web site:
+ 1. Generate release notes for Drill: https://confluence.atlassian.com/jira/creating-release-notes-185729647.html
+ and create a MarkDown file for the release notes - post to the site the day of the release.
+ 2. Write the blog post and push it out to the Apache Drill website so it can be referenced in the announcement.
+ 3. Update the Download page to state the current release, like 1.6 and change the download link for the
+ Apache mirror site and direct file downloads.
+ 4. Update the data in `_data/version.json` - making sure to either match your release notes url to the one
+ below (`docs/apache-drill-1-6-0-release-notes`) or update it with the different URL:
+ ```
+ {
+ "display_version": "1.6",
+ "full_version": "1.6.0",
+ "release_date": "February 16, 2016",
+ "blog_post":"/blog/2016/02/16/drill-1.6-released",
+ "release_notes": "https://drill.apache.org/docs/apache-drill-1-6-0-release-notes/"
+ }
+ ```
+ 5. Build and publish JavaDocs to site:
Review comment:
```suggestion
5. Build and publish JavaDocs to the Drill site:
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363416553
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
Review comment:
Done
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363266847
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
Review comment:
```suggestion
4. ## Automated release process
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on issue #1937: DRILL-7230: Add
README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on issue #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#issuecomment-571978751
I have squashed the commits.
@arina-ielchiieva, thanks a lot for the review, it definitely became good only after addressing your comments.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363416297
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
Review comment:
Thanks, fixed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363416441
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
Review comment:
Thanks, replaced.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363267838
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the Maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release.
+ This step is done in the Maven GUI.
+ 2. Start vote (vote should last at least 72 hours).
+
+ Email should be sent to the Drill user and dev mailing lists.
+
+ Example:
+
+ Subject:
+ ```
+ [VOTE] Release Apache Drill 1.12.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ I'd like to propose the first release candidate (RC0) of Apache Drill, version 1.12.0.
+
+ The release candidate covers a total of 100500 resolved JIRAs [1]. Thanks to everyone who contributed to this release.
+
+ The tarball artifacts are hosted at [2] and the maven artifacts are hosted at [3].
+
+ This release candidate is based on commit 54d3d201882ef5bc2e0f754fd10edfead9947b60 located at [4].
+
+ Please download and try out the release.
+
+ The vote ends at 5 PM UTC (9 AM PDT, 7 PM EET, 10:30 PM IST), January 1, 1970.
+
+ [ ] +1
+ [ ] +0
+ [ ] -1
+
+ Here's my vote: +1
+
+
+ [1] https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12313820&version=12341087
+ [2] http://home.apache.org/~arina/drill/releases/1.12.0/rc0/
+ [3] https://repository.apache.org/content/repositories/orgapachedrill-1043/
+ [4] https://github.com/arina-ielchiieva/drill/commits/drill-1.12.0
+ ```
+ 3. If the vote fails, cancel RC and prepare new RC:
+ 1. Send an email with announcing about canceling the vote.
+
+ Example:
+
+ Subject:
+ ```
+ [CANCEL] [VOTE] Release Apache Drill 1.17.0 - RC0
+ ```
+ Body:
+ ```
+ Hi all,
+
+ The vote for Apache Drill 1.17.0 - RC0 was canceled due to
+ [list issues]
+
+ Thanks to all who voted. A new release will be tagged as 1.17.0 - RC1 and
+ will be available for voting soon.
+ ```
+ 2. Go to the [Apache Maven staging repo](https://repository.apache.org/) and drop the jar release.
+ 3. Delete the release tag locally and remotely:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 4. If the vote passes, finish the release:
+ 1. Count votes (email to the dev mailing list).
+
+ Example:
+
+ Subject:
+ ```
+ [RESULT] [VOTE] Release Apache Drill 1.12.0 RC1
+ ```
+ Body:
+ ```
+ The vote passes. Thanks to everyone who has tested the release candidate and given their comments and votes. Final tally:
+
+ 3x +1 (binding): Arina, Aman, Parth
+
+ 5x +1 (non-binding): Vitalii, Holger, Prasad, Vova, Charles
+
+ No 0s or -1s.
+
+ I'll start process for pushing the release artifacts and send an announcement once propagated.
+
+ Kind regards
+ ```
+ 2. Add the release to the [dist.apache.org](https://dist.apache.org/repos/dist/release/drill/) and delete the old version, keeping two most recent.
+ This can only done by a PMC member:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ cd ~/src/release/drill-dist
+ mkdir drill-1.17.0
+ cp -r ~/release/1.17.0-rc0 drill-1.17.0
+ svn add drill-1.17.0
+ svn commit --message "Upload Apache Drill 1.17.0 release."
+ svn delete 1.15.0
+ svn commit --message "Deleting drill-1.15.0 to keep only last two versions"
+ ```
+ 3. Go to the [Apache Maven staging repo](https://repository.apache.org/) and promote the release to the production.
+ 4. Create branch and tag for this release and update Drill version in master (if used automated scripts, tag will be like this `drill-1.11.0`. Branch should be named as `1.11.0`).
+ Add release description in GitHub [Drill releases page](https://github.com/apache/drill/releases):
+ open release tag, press `Edit tag` and add Release title like `Apache Drill 1.17.0` and specify release description.
+ 5. After new tag is pushed, check that DockerHub triggered job to build and publish new image for the release to https://hub.docker.com/repository/docker/apache/drill.
+ 5. Wait 24 hours, check download mirrors.
+ 6. Post release:
+ 1. "What's New" for the new release.
+ 2. Update Apache JIRA and add release date for this release. Add a new release tag if not already there.
+ 3. Update Drill Web site:
+ 1. Generate release notes for Drill: https://confluence.atlassian.com/jira/creating-release-notes-185729647.html
+ and create a MarkDown file for the release notes - post to the site the day of the release.
+ 2. Write the blog post and push it out to the Apache Drill website so it can be referenced in the announcement.
Review comment:
Maybe include commit examples for point 2 and 3
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363417007
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
Review comment:
Thanks, fixed.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363424260
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the Maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release.
+ This step is done in the Maven GUI.
Review comment:
Thanks, added.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r360362502
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature to the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ - `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`
+ - Update `KEYS` file with required changes
+ - Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`
+ 2. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the apache server by running the following: `sftp <username>@home.apache.org`
+
+ 3. ### SVN
+ You also need access to Apache SVN. (You need to be a PMC member for this).
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8 (not 9 or 13).
Review comment:
Thanks, done.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363267275
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new Drill repository:
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeeded along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history:
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists:
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation:
+ ```
+ mvn -X release:prepare -Papache-release -DpushChanges=false -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -Dmaven.javadoc.skip=false" -DreleaseVersion=1.17.0 -DdevelopmentVersion=1.18.0-SNAPSHOT -Dtag=drill-1.17.0
+ ```
+ 10. Make sure to change Drill version to the proper one.
+ 11. Check that `target` folder contains the following files (with the correct version number):
+ ```
+ apache-drill-1.17.0-src.tar.gz
+ apache-drill-1.17.0-src.tar.gz.asc
+ apache-drill-1.17.0-src.tar.gz.sha512
+ apache-drill-1.17.0-src.zip
+ apache-drill-1.17.0-src.zip.asc
+ apache-drill-1.17.0-src.zip.sha512
+ ```
+ 12. Verify signature, ensure that GPG key for Apache was used (see details at
+ https://www.apache.org/info/verification.html#CheckingSignatures) and checksum
+ (see details at https://www.apache.org/info/verification.html#CheckingHashes):
+ ```
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh target/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh distribution/target/apache-drill-1.17.0.tar.gz
+ ```
+ 13. You should see 2 new commits on top of the branch, for example:
+ ```
+ [maven-release-plugin] prepare release drill-1.17.0
+ [maven-release-plugin] prepare for next development iteration
+ ```
+ Also, you should see a new `drill-1.17.0` tag.
+ Push the new tag to your personal github repository:
+ ```
+ git push origin drill-1.17.0
+ ```
+ 14. Perform the release but do the commits into personal repo
+ (since Apache doesn't allow rollbacks on master if mistakes are made):
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git"
+ ```
+ If you want to additionally check resulting archives and jars, add `-Dmaven.deploy.skip=true` flag to avoid deploying jars to the Nexus repository:
+ ```
+ mvn release:perform -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -DskipTests -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -DskipTests=true -DconnectionUrl=scm:git:git@github.com:vvysotskyi/drill.git -Dmaven.deploy.skip=true"
+ ```
+ After checks are performed, run this command without the flag.
+ 15. Deploy the release commit:
+ ```
+ git checkout drill-1.17.0
+ mvn deploy -Papache-release -DskipTests -Dgpg.passphrase=${GPG_PASSPHRASE}
+ ```
+ 16. Copy release files to a local release staging directory:
+ ```
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0-src.tar.gz* ~/release/1.17.0-rc0/ && \
+ cp ~/src/release/drill/target/target/checkout/apache-drill-1.17.0.zip* ~/release/1.17.0-rc0/ \
+ cp ~/src/release/drill/target/checkout/distribution/target/apache-drill-1.17.0.tar.gz* ~/release/1.17.0-rc0/ \
+ ```
+ 17. Check if the artifacts are signed properly:
+ ```
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.tar.gz
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0-src.zip
+ ./tools/release-scripts/checksum.sh ~/release/1.17.0-rc0/apache-drill-1.17.0.tar.gz
+ ```
+ 18. Copy release files to a directory on `home.apache.org` for voting:
+ ```
+ scp ~/release/1.17.0-rc0/* <username>@home.apache.org:~/public_html/drill/releases/1.17.0/rc0
+ ```
+
+4. ## Automated release
+ Run the following script:
+ ```
+ tools/release-scripts/release.sh
+ ```
+ The release script will push the maven artifacts to the Maven staging repo.
+5. ## Publish release candidate and vote
+ 1. Go to the [Apache Maven staging repo](https://repository.apache.org/) and close the new jar release.
+ This step is done in the Maven GUI.
Review comment:
Maybe add info link: https://central.sonatype.org/pages/releasing-the-deployment.html#locate-and-examine-your-staging-repository
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] arina-ielchiieva commented on a change in pull request
#1937: DRILL-7230: Add README.md with instructions for release and release
scripts
Posted by GitBox <gi...@apache.org>.
arina-ielchiieva commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r363266663
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,397 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+ 1. Start mail thread on Apache Drill dev list.
+
+ Example:
+
+ Subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+ Body:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather a list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify the final cut-off date.
+ 4. Before starting the release send a reminder to the dev list that merge into Apache Drill master is forbidden during release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+2. ## Setup environment:
+ 1. ### SVN
+ 1. Install subversion client (see instructions on http://subversion.apache.org/packages.html#osx for
+ installing svn on different systems).
+ 2. Check that svn works:
+ ```
+ svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist
+ ```
+ You also need writable access to Apache SVN. (You need to be a PMC member for this).
+ 2. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure the default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`).
+ 8. Add your key signature into the the `KEYS` file in the Drill sources repo in the project root directory.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature into the the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ 1. `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`.
+ 2. Update `KEYS` file with required changes.
+ 3. Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`.
+ 3. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the Apache server by running the following: `sftp <username>@home.apache.org`.
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying Maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and add an encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and add an encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8.
+3. ## Manual Release process (don't worry, after this section described an automated release process)
Review comment:
```suggestion
3. ## Manual Release process (this section is more for information how release process is
performed, release manager should use `automated release process` described later).
```
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services
[GitHub] [drill] vvysotskyi commented on a change in pull request #1937:
DRILL-7230: Add README.md with instructions for release and release scripts
Posted by GitBox <gi...@apache.org>.
vvysotskyi commented on a change in pull request #1937: DRILL-7230: Add README.md with instructions for release and release scripts
URL: https://github.com/apache/drill/pull/1937#discussion_r360366168
##########
File path: docs/dev/Release.md
##########
@@ -0,0 +1,365 @@
+# Drill Release Process
+
+1. ## Setup release final cut-off date
+
+ 1. Start mail thread on Apache dev list with the subject:
+ ```
+ [DISCUSS] Drill 1.17.0 release
+ ```
+
+ Body example:
+ ```
+ Hi Drillers,
+
+ It's been several months since the last release and it is time to do the next one. I am volunteering to be the release manager.
+
+ If there are any issues on which work is in progress, that you feel we *must* include in the release, please post in reply to this thread. Based on your input we'll define release cut off date.
+
+ Kind regards
+
+ Thanks
+ ```
+ 2. Gather list of Jiras that need to be included in the release, discuss possible blockers.
+ 3. Identify final cut-off date.
+ 4. Before starting the release send a reminder to dev list that merge in Apache Drill master is forbidden during
+ release.
+
+ Example:
+ ```
+ Note for the committers:
+ until the release is not over and Drill version is not changed to 1.17.0-SNAPSHOT, please do not push any
+ changes into Drill master.
+ ```
+
+2. ## Setup environment:
+ 1. ### GPG key:
+ You will need a GPG key set up. This key is needed for signing the release.
+ 1. Read [Apache docs for release signing](http://www.apache.org/dev/release-signing.html).
+ 2. Install the `gpg2` package on Ubuntu, or `gnupg` on MacOS.
+ 3. Generate GPG key using the **Apache email address** if it wasn't done before:
+ 1. Run `gpg --gen-key` and follow the instructions.
+ 2. Remember your passphrase.
+ 3. Save your key pair:
+ ```
+ gpg --output mygpgkey_pub.gpg --armor --export MY_KEY_ID
+ gpg --output mygpgkey_sec.gpg --armor --export-secret-key MY_KEY_ID
+ ```
+ 4. Or import existing GPG key pair if required:
+ ```
+ gpg --import mygpgkey_pub.gpg
+ gpg --allow-secret-key-import --import mygpgkey_sec.gpg
+ ```
+ 5. Have another committer signed your key (add to the trust chain).
+ Apache advises to do it at
+ [key signing parties](https://www.apache.org/dev/release-signing.html#key-signing-party).
+ 6. Make sure default key is the key generated using the Apache email.
+ 7. Publish your public key to a public server (e.g. http://pgp.surfnet.nl or http://pgp.mit.edu)
+ using Web-UIs or CLI (for example using the following command:
+ `gpg --keyserver hkp://pool.sks-keyservers.net --trust-model always --send-keys`)
+ 8. Add your key signature to the `KEYS` file in the Drill sources repo.
+ Instruction on how to create the key signature is embedded at the beginning of the KEYS file.
+ 9. Add your key signature to the `KEYS` file in `https://dist.apache.org` (PMC permissions required for this):
+ - `svn co https://dist.apache.org/repos/dist/release/drill ~/src/release/drill-dist`
+ - Update `KEYS` file with required changes
+ - Commit changes: `svn ci -m "Add FirstName LastName's key to KEYS file"`
+ 2. ### Setting up LDAP credentials
+ 1. Go to http://id.apache.org and log in using your Apache login and password.
+ 2. Scroll to the bottom to the 'SSH Key' entry and add the SSH key from your `~/.ssh/id_rsa.pub` file.
+ If you don't have the SSH key, you should generate it by running `ssh-keygen`.
+ 3. Note that you can add more than 1 SSH key corresponding to multiple machines.
+ 4. Enter your Apache password and submit changes.
+ 5. Verify that you can do an sftp to the apache server by running the following: `sftp <username>@home.apache.org`
+
+ 3. ### SVN
+ You also need access to Apache SVN. (You need to be a PMC member for this).
+ 4. ### Setup Maven
+ 1. Apache's Maven repository access is documented here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 2. For deploying maven artifacts, you must add entries to your `~/.m2/settings.xml` file as described here:
+ http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env.
+ 3. In order to encrypt the LDAP password, see here:
+ http://maven.apache.org/guides/mini/guide-encryption.html.
+ The encrypted master password should be added to `~/.m2/security-settings.xml`.
+ 4. Add encrypted password to `settings.xml` and `security-settings.xml`:
+ 1. run `mvn --encrypt-master-password` and encrypted master password to `security-settings.xml` file;
+ 2. run `mvn --encrypt-password` and encrypted Apache LDAP password to `settings.xml` file.
+ 5. Check that `NOTICE` file in sources has the current copyright year.
+ 6. Make sure you are using JDK 8 (not 9 or 13).
+3. ## Manual Release process
+ 1. Setup GPG Password env variable:
+ ```
+ read -s GPG_PASSPHRASE
+ ```
+ 2. Tell GPG how to read a password from your terminal:
+ ```
+ export GPG_TTY=$(tty)
+ ```
+ 3. Clean up old release directory and clone a new drill repository
+ ```
+ cd ~/src/release && \
+ rm -rf drill/ && \
+ git clone git@github.com:apache/drill.git && \
+ cd drill
+ ```
+ 4. Checkout the current release:
+ ```
+ git checkout <git commit>
+ ```
+ 5. Make sure build with tests succeed along with license checks:
+ ```
+ mvn install -Drat.skip=false -Dlicense.skip=false
+ ```
+ 6. Enforce memory options:
+ ```
+ MAVEN_OPTS='-Xmx4g -XX:MaxPermSize=512m'
+ ```
+ 7. Clear any release history
+ ```
+ mvn release:clean -Papache-release -DpushChanges=false -DskipTests
+ ```
+ 8. Delete outgoing release tag if it exists
+ ```
+ git push --delete origin drill-1.17.0
+ git tag -d drill-1.17.0
+ ```
+ 9. Do the release preparation
Review comment:
Thanks for pointing this. Revised the doc and added semicolons where required.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services