You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shardingsphere.apache.org by du...@apache.org on 2022/10/26 10:16:29 UTC
[shardingsphere] branch master updated: feat(release): release doc (#21770)

This is an automated email from the ASF dual-hosted git repository.

duanzhengqiang pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/shardingsphere.git


The following commit(s) were added to refs/heads/master by this push:
     new d33836333e1 feat(release): release doc (#21770)
d33836333e1 is described below

commit d33836333e15bcbd613b4129b417dbf2074444e7
Author: Ghoul_Lee <wi...@gmail.com>
AuthorDate: Wed Oct 26 18:16:19 2022 +0800

    feat(release): release doc (#21770)
---
 .../involved/release/shardingsphere-on-cloud.cn.md | 217 ++------------------
 .../involved/release/shardingsphere-on-cloud.en.md | 219 ++-------------------
 2 files changed, 30 insertions(+), 406 deletions(-)

diff --git a/docs/community/content/involved/release/shardingsphere-on-cloud.cn.md b/docs/community/content/involved/release/shardingsphere-on-cloud.cn.md
index 2f879003f93..3fe67f67cc2 100644
--- a/docs/community/content/involved/release/shardingsphere-on-cloud.cn.md
+++ b/docs/community/content/involved/release/shardingsphere-on-cloud.cn.md
@@ -43,107 +43,6 @@ Release Note 需提供中文/英文两种版本，确认中英文描述是否明
 1. 确认 `${RELEASE.VERSION}` 的 Milestone 完成状态为 100%；
 1. 点击 `Close` 关闭 Milestone。
 
-## GPG 设置
-
-### 1. 安装 GPG
-
-在 [GnuPG 官网](https://www.gnupg.org/download/index.html)下载安装包。
-GnuPG 的 1.x 版本和 2.x 版本的命令有细微差别，下列说明以 `GnuPG-2.1.23` 版本为例。
-
-安装完成后，执行以下命令查看版本号。
-
-```shell
-gpg --version
-```
-
-### 2. 创建 key
-
-安装完成后，执行以下命令创建 key。
-
-`GnuPG-2.x` 可使用：
-
-```shell
-gpg --full-gen-key
-```
-
-`GnuPG-1.x` 可使用：
-
-```shell
-gpg --gen-key
-```
-
-根据提示完成 key：
-
-> 注意：请使用 Apache mail 生成 GPG 的 Key。
-
-```shell
-gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.
-This is free software: you are free to change and redistribute it.
-There is NO WARRANTY, to the extent permitted by law.
-
-Please select what kind of key you want:
-  (1) RSA and RSA (default)
-  (2) DSA and Elgamal
-  (3) DSA (sign only)
-  (4) RSA (sign only)
-Your selection? 1
-RSA keys may be between 1024 and 4096 bits long.
-What keysize do you want? (2048) 4096
-Requested keysize is 4096 bits
-Please specify how long the key should be valid.
-        0 = key does not expire
-     <n>  = key expires in n days
-     <n>w = key expires in n weeks
-     <n>m = key expires in n months
-     <n>y = key expires in n years
-Key is valid for? (0) 
-Key does not expire at all
-Is this correct? (y/N) y
-
-GnuPG needs to construct a user ID to identify your key.
-
-Real name: ${输入用户名}
-Email address: ${输入邮件地址}
-Comment: ${输入注释}
-You selected this USER-ID:
-   "${输入的用户名} (${输入的注释}) <${输入的邮件地址}>"
-
-Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
-You need a Passphrase to protect your secret key. # 输入密码
-```
-
-### 3. 查看生成的 key
-
-```shell
-gpg --list-keys
-```
-
-执行结果：
-
-```shell
-pub   4096R/700E6065 2019-03-20
-uid                  ${用户名} (${注释}) <{邮件地址}>
-sub   4096R/0B7EF5B2 2019-03-20
-```
-
-其中 700E6065 为公钥 ID。
-
-### 4. 导出 v1 版本密钥
-
-``` shell
-gpg --export >~/.gnupg/pubring.gpg
-gpg --export-secret-keys >~/.gnupg/secring.gpg
-```
-
-### 5. 将公钥同步到服务器
-
-命令如下：
-
-```shell
-gpg --keyserver hkp://keyserver.ubuntu.com --send-key 700E6065
-```
-
-`keyserver.ubuntu.com` 为随意挑选的公钥服务器，每个服务器之间是自动同步的，选任意一个即可。
 
 ## 准备发布分支
 
@@ -200,9 +99,9 @@ cd ~/shardingsphere-on-cloud/charts/shardingsphere-proxy
 helm dependency build
 
 cd ~/shardingsphere-on-cloud/charts
-helm package --sign --key '${GPG 用户名}' --keyring ~/.gnupg/secring.gpg shardingsphere-operator
-helm package --sign --key '${GPG 用户名}' --keyring ~/.gnupg/secring.gpg shardingsphere-operator-cluster
-helm package --sign --key '${GPG 用户名}' --keyring ~/.gnupg/secring.gpg shardingsphere-proxy
+helm package shardingsphere-operator
+helm package shardingsphere-operator-cluster
+helm package shardingsphere-proxy
 ```
 
 ### 5. 更新下载页面
@@ -211,107 +110,10 @@ helm package --sign --key '${GPG 用户名}' --keyring ~/.gnupg/secring.gpg shar
 * <https://shardingsphere.apache.org/document/current/en/downloads/>
 * <https://shardingsphere.apache.org/document/current/cn/downloads/>
 
-GPG 签名文件和哈希校验文件的下载连接应该使用这个前缀：`https://downloads.apache.org/shardingsphere/`。
-
-## 发布 Apache SVN 仓库
-
-### 1. 检出 ShardingSphere 发布目录
-
-如无本地工作目录，则先创建本地工作目录。
-
-```shell
-mkdir -p ~/ss_svn/dev/
-cd ~/ss_svn/dev/
-```
-
-创建完毕后，从 Apache SVN 检出 ShardingSphere 发布目录。
-
-```shell
-svn --username=${APACHE LDAP 用户名} co https://dist.apache.org/repos/dist/dev/shardingsphere
-cd ~/ss_svn/dev/shardingsphere
-```
-
-### 2. 添加 gpg 公钥
-
-仅第一次部署的账号需要添加，只要 `KEYS` 中包含已经部署过的账户的公钥即可。
-
-```shell
-gpg -a --export ${GPG用户名} >> KEYS
-```
-
-### 3. 将待发布的内容添加至 SVN 目录
-
-创建版本号目录。
-
-```shell
-mkdir -p ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-cd ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-```
-
-将 charts 包添加至 SVN 工作目录。
-
-```shell
-cp -f ~/shardingsphere-on-cloud/charts/*.tgz* ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-```
-
-生成 `index.yaml`。 
-
-```shell
-cd ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-helm repo index --url https://archive.apache.org/dist/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION} .
-```
-
-### 4. 提交 Apache SVN
-
-```shell
-svn add * --parents
-svn --username=${APACHE LDAP 用户名} commit -m "release ${RELEASE.VERSION}"
-```
 
 ## 检查发布结果
 
-### 1. 检查 gpg 签名
-
-首先导入发布人公钥。从 svn 仓库导入 KEYS 到本地环境。（发布版本的人不需要再导入，帮助做验证的人需要导入，用户名填发版人的即可）
-
-```shell
-curl https://dist.apache.org/repos/dist/dev/shardingsphere/KEYS >> KEYS
-gpg --import KEYS
-gpg --edit-key "${发布人的 gpg 用户名}"
-  > trust
-
-Please decide how far you trust this user to correctly verify other users' keys
-(by looking at passports, checking fingerprints from different sources, etc.)
-
-  1 = I don't know or won't say
-  2 = I do NOT trust
-  3 = I trust marginally
-  4 = I trust fully
-  5 = I trust ultimately
-  m = back to the main menu
-
-Your decision? 5
-
-  > save
-```
-
-然后进行 gpg 签名检查。
-
-Bash 可以使用以下命令检查签名：
-
-```shell
-for each in $(ls *.tgz); do helm verify $each; done
-```
-
-或逐个文件检查：
-
-```shell
-helm verify apache-shardingsphere-operator-${RELEASE.VERSION}.tgz
-helm verify apache-shardingsphere-operator-cluster-${RELEASE.VERSION}.tgz
-helm verify apache-shardingsphere-proxy-${RELEASE.VERSION}.tgz
-```
-
-### 2. 检查发布文件内容
+### 1. 检查发布文件内容
 
 解压缩
 - `apache-shardingsphere-proxy-charts-${RELEASE.VERSION}.tgz`
@@ -328,6 +130,17 @@ helm verify apache-shardingsphere-proxy-${RELEASE.VERSION}.tgz
   - 所有第三方依赖的许可证都在 `LICENSE` 文件中声明；
   - 依赖许可证的完整版全部在 `license` 目录；
   - 如果依赖的是 Apache 许可证并且存在 `NOTICE` 文件，那么这些 `NOTICE` 文件也需要加入到版本的 `NOTICE` 文件中。
+### 2. 检查仓库制品
+
+添加仓库
+```shell
+helm repo remove apache
+helm repo add apache  https://apache.github.io/shardingsphere-on-cloud
+helm search repo apache
+```
+
+可以查询到三个制品即为发布成功
+
 
 ## 发起投票
 
diff --git a/docs/community/content/involved/release/shardingsphere-on-cloud.en.md b/docs/community/content/involved/release/shardingsphere-on-cloud.en.md
index b415466bd9f..6d6e2a83925 100644
--- a/docs/community/content/involved/release/shardingsphere-on-cloud.en.md
+++ b/docs/community/content/involved/release/shardingsphere-on-cloud.en.md
@@ -44,108 +44,6 @@ Open [GitHub milestone](https://github.com/apache/shardingsphere-on-cloud/milest
 1. Confirm that the milestone completion status of `${RELEASE.VERSION}` is 100%;
 1. Click `close` to close milestone.
 
-## GPG Settings
-
-### 1. Install GPG
-
-Download installation package on [official GnuPG website](https://www.gnupg.org/download/index.html).
-The command of GnuPG 1.x version can differ a little from that of 2.x version.
-The following instructions take `GnuPG-2.1.23` version for example.
-After the installation, execute the following command to check the version number.
-
-```shell
-gpg --version
-```
-
-### 2. Create Key
-
-After the installation, execute the following command to create key.
-
-This command indicates `GnuPG-2.x` can be used:
-
-```shell
-gpg --full-gen-key
-```
-
-This command indicates `GnuPG-1.x` can be used:
-
-```shell
-gpg --gen-key
-```
-
-Finish the key creation according to instructions:
-
-> To be noticed: Please use Apache mail for key creation.
-
-```shell
-gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc.
-This is free software: you are free to change and redistribute it.
-There is NO WARRANTY, to the extent permitted by law.
-
-Please select what kind of key you want:
-  (1) RSA and RSA (default)
-  (2) DSA and Elgamal
-  (3) DSA (sign only)
-  (4) RSA (sign only)
-Your selection? 1
-RSA keys may be between 1024 and 4096 bits long.
-What keysize do you want? (2048) 4096
-Requested keysize is 4096 bits
-Please specify how long the key should be valid.
-        0 = key does not expire
-     <n>  = key expires in n days
-     <n>w = key expires in n weeks
-     <n>m = key expires in n months
-     <n>y = key expires in n years
-Key is valid for? (0) 
-Key does not expire at all
-Is this correct? (y/N) y
-
-GnuPG needs to construct a user ID to identify your key.
-
-Real name: ${Input username}
-Email address: ${Input email}
-Comment: ${Input comment}
-You selected this USER-ID:
-   "${Inputed username} (${Inputed comment}) <${Inputed email}>"
-
-Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
-You need a Passphrase to protect your secret key. # Input passwords
-```
-
-### 3. Check Generated Key
-
-```shell
-gpg --list-keys
-```
-
-Execution Result:
-
-```shell
-pub   4096R/700E6065 2019-03-20
-uid                  ${Username} (${Comment}) <{Email}>
-sub   4096R/0B7EF5B2 2019-03-20
-```
-
-Among them, 700E6065 is public key ID.
-
-### 4. Export v1 version secret
-
-``` shell
-gpg --export >~/.gnupg/pubring.gpg
-gpg --export-secret-keys >~/.gnupg/secring.gpg
-```
-
-### 5. Upload the Public Key to Key Server
-
-The command is as follows:
-
-```shell
-gpg --keyserver hkp://keyserver.ubuntu.com --send-key 700E6065
-```
-
-`keyserver.ubuntu.com` is randomly chosen from public key server.
-Each server will automatically synchronize with one another, so it would be okay to choose any one.
 
 ## Prepare Branch for Release
 
@@ -201,9 +99,9 @@ cd ~/shardingsphere-on-cloud/charts/shardingsphere-proxy
 helm dependency build
 
 cd ~/shardingsphere-on-cloud/charts
-helm package --sign --key '${GPG username}' --keyring ~/.gnupg/secring.gpg shardingsphere-operator
-helm package --sign --key '${GPG username}' --keyring ~/.gnupg/secring.gpg shardingsphere-operator-cluster
-helm package --sign --key '${GPG username}' --keyring ~/.gnupg/secring.gpg shardingsphere-proxy
+helm package shardingsphere-operator
+helm package shardingsphere-operator-cluster
+helm package shardingsphere-proxy
 ```
 
 ### 5. Update the download page
@@ -212,108 +110,10 @@ Update the following pages:
 * <https://shardingsphere.apache.org/document/current/en/downloads/>
 * <https://shardingsphere.apache.org/document/current/cn/downloads/>
 
-GPG signatures and hashes (SHA* etc) should be prefixed with: `https://downloads.apache.org/shardingsphere/`。
-
-### Apache SVN Repository Release
-
-**1. Checkout ShardingSphere Release Directory**
-
-If there is no local work directory, create one at first.
-
-```shell
-mkdir -p ~/ss_svn/dev/
-cd ~/ss_svn/dev/
-```
-
-After the creation, checkout ShardingSphere release directory from Apache SVN.
-
-```shell
-svn --username=${APACHE LDAP username} co https://dist.apache.org/repos/dist/dev/shardingsphere
-cd ~/ss_svn/dev/shardingsphere
-```
-
-**2. Add gpg Public Key**
-
-Only the account in its first deployment needs to add that.
-It is alright for `KEYS` to only include the public key of the deployed account.
-
-```shell
-gpg -a --export ${GPG username} >> KEYS
-```
-
-**3. Add the Release Content to SVN Directory**
-
-Create folder by version number.
-
-```shell
-mkdir -p ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-cd ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-```
-
-Add charts packages of ShardingSphere-On-Cloud to SVN working directory.
-
-```shell
-cp -f ~/shardingsphere-on-cloud/charts/*.tgz* ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-```
-
-Generate `index.yaml`.
-
-```shell
-cd ~/ss_svn/dev/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION}
-helm repo index --url https://archive.apache.org/dist/shardingsphere/shardingsphere-on-cloud-${RELEASE.VERSION} .
-```
-
-**4. Commit to Apache SVN**
-
-```shell
-svn add * --parents
-svn --username=${APACHE LDAP username} commit -m "release ${RELEASE.VERSION}"
-```
 
 ### Check Release
 
-**1. Check gpg Signature**
-
-First, import releaser's public key. Import KEYS from SVN repository to local. (The releaser does not need to import again; the checking assistant needs to import it, with the user name filled as the releaser's. )
-
-```shell
-curl https://dist.apache.org/repos/dist/dev/shardingsphere/KEYS >> KEYS
-gpg --import KEYS
-gpg --edit-key "${releaser gpg username}"
-  > trust
-
-Please decide how far you trust this user to correctly verify other users' keys
-(by looking at passports, checking fingerprints from different sources, etc.)
-
-  1 = I don't know or won't say
-  2 = I do NOT trust
-  3 = I trust marginally
-  4 = I trust fully
-  5 = I trust ultimately
-  m = back to the main menu
-
-Your decision? 5
-
-  > save
-```
-
-Then, check the gpg signature.
-
-Checking can be performed by the following command under Bash:
-
-```bash
-for each in $(ls *.tgz); do helm verify $each; done
-```
-
-Or checking each file manually:
-
-```shell
-helm verify apache-shardingsphere-operator-${RELEASE.VERSION}.tgz
-helm verify apache-shardingsphere-operator-cluster-${RELEASE.VERSION}.tgz
-helm verify apache-shardingsphere-proxy-${RELEASE.VERSION}.tgz
-```
-
-**2. Check Released Files**
+**1. Check Released Files**
 
 Decompress:
 
@@ -331,6 +131,17 @@ To check the following items:
   *   All software licenses mentioned in `LICENSE`
   *   All the third party dependency licenses are under `licenses` folder
   *   If it depends on Apache license and has a `NOTICE` file, that `NOTICE` file need to be added to `NOTICE` file of the release
+### 2. Check products
+
+add repo
+```shell
+helm repo remove apache
+helm repo add apache  https://apache.github.io/shardingsphere-on-cloud
+helm search repo apache
+```
+
+If you can find three products, the release is successful
+
 
 ## Call for a Vote