You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@uima.apache.org by Richard Eckart de Castilho <re...@apache.org> on 2017/07/24 00:11:17 UTC
How to make releases and released reviewing less tediuos?
Hi all,
is there any way we can improve the release process?
E.g. could we automatize it more?
To make a start, I am sharing here some commands that I find useful.
Maybe we could set up a place in the SVN to collect/build scripts.
=== Comparing SVN (ruta-2.6.1) vs. ZIP (ruta-2.6.1-svn)
diff -r -b -x DEPENDENCIES -x .svn -x issuesFixed -x '.project' -x 'MANIFEST.MF' -x 'META-INF' -x 'feature.xml' ruta-2.6.1 ruta-2.6.1-svn
=== Checking if versions have changed since a previous release
See attached script: mvn-diff-dependencies
=== Verify signature (because I always have to look it up)
gpg --verify --armor <ASC file>
=== Download all staged artifacts for a signature bulk-check
$ lftp <stage URL>
> mirror .
> exit
$ find . -name "*.asc" | xargs -n1 gpg --verify --armor
What is kind of annoying here is that the output needs to be checked
by eye. gpg --verify does not produce a proper exit code if the
signature verification fails :(
Cheers,
-- Richard
Re: How to make releases and released reviewing less tediuos?
Posted by Jaroslaw Cwiklik <cw...@apache.org>.
Thanks for sharing. Before cutting an RC I use maven to find missing Apache
headers using this:
mvn -e apache-rat:check
Jerry
On Mon, Jul 24, 2017 at 9:08 AM, Marshall Schor <ms...@schor.com> wrote:
> good to share our tricks :-)
>
> My diff: diff -rqZ folder-with-svn folder-from-zip r=recursive, q=small
> output Z=ignore trailing spaces
>
> (the Z is because I typically run on windows, and the sources-release has
> different line endings)
> I get the svn version to compare with using svn -export the-tag-version.
> -export omits those .svn files.
> I don't bother to exclude anything; and just quickly eyeball the results.
> But if
> you have a script, the -x option looks useful!
>
> the dependencies diff looks useful. (no attached script due to our email
> system...)
>
> Instead of using the lftp command (not on my windows machine :-) ), I use
> svn
> export, which works fine now because our staging spot is typically an svn
> spot
> in dist.apache.org/ ... / dev
>
> nice little one-liner for checking asc sigs!
>
> One other thing I do is comparing sources (including license files, etc.)
> between a new version and a previous version. I have a project in Eclipse
> called "t" (for testing), where I have folders where I use the "advanced"
> option
> to link to the unzipped source-release directories for the current and past
> release. Then I select each folder, and tell Eclipse to compare to each
> other.
> This gives an easily navigable view of all the different files, which I
> find
> useful sometimes.
>
> -Marshall
>
> On 7/23/2017 8:11 PM, Richard Eckart de Castilho wrote:
> > Hi all,
> >
> > is there any way we can improve the release process?
> > E.g. could we automatize it more?
> >
> > To make a start, I am sharing here some commands that I find useful.
> > Maybe we could set up a place in the SVN to collect/build scripts.
> >
> > === Comparing SVN (ruta-2.6.1) vs. ZIP (ruta-2.6.1-svn)
> >
> > diff -r -b -x DEPENDENCIES -x .svn -x issuesFixed -x '.project' -x
> 'MANIFEST.MF' -x 'META-INF' -x 'feature.xml' ruta-2.6.1 ruta-2.6.1-svn
> >
> > === Checking if versions have changed since a previous release
> >
> > See attached script: mvn-diff-dependencies
> >
> > === Verify signature (because I always have to look it up)
> >
> > gpg --verify --armor <ASC file>
> >
> > === Download all staged artifacts for a signature bulk-check
> >
> > $ lftp <stage URL>
> >> mirror .
> >> exit
> > $ find . -name "*.asc" | xargs -n1 gpg --verify --armor
> >
> > What is kind of annoying here is that the output needs to be checked
> > by eye. gpg --verify does not produce a proper exit code if the
> > signature verification fails :(
> >
> > Cheers,
> >
> > -- Richard
> >
>
>
Re: How to make releases and released reviewing less tediuos?
Posted by Marshall Schor <ms...@schor.com>.
good to share our tricks :-)
My diff: diff -rqZ folder-with-svn folder-from-zip r=recursive, q=small
output Z=ignore trailing spaces
(the Z is because I typically run on windows, and the sources-release has
different line endings)
I get the svn version to compare with using svn -export the-tag-version.
-export omits those .svn files.
I don't bother to exclude anything; and just quickly eyeball the results. But if
you have a script, the -x option looks useful!
the dependencies diff looks useful. (no attached script due to our email system...)
Instead of using the lftp command (not on my windows machine :-) ), I use svn
export, which works fine now because our staging spot is typically an svn spot
in dist.apache.org/ ... / dev
nice little one-liner for checking asc sigs!
One other thing I do is comparing sources (including license files, etc.)
between a new version and a previous version. I have a project in Eclipse
called "t" (for testing), where I have folders where I use the "advanced" option
to link to the unzipped source-release directories for the current and past
release. Then I select each folder, and tell Eclipse to compare to each other.
This gives an easily navigable view of all the different files, which I find
useful sometimes.
-Marshall
On 7/23/2017 8:11 PM, Richard Eckart de Castilho wrote:
> Hi all,
>
> is there any way we can improve the release process?
> E.g. could we automatize it more?
>
> To make a start, I am sharing here some commands that I find useful.
> Maybe we could set up a place in the SVN to collect/build scripts.
>
> === Comparing SVN (ruta-2.6.1) vs. ZIP (ruta-2.6.1-svn)
>
> diff -r -b -x DEPENDENCIES -x .svn -x issuesFixed -x '.project' -x 'MANIFEST.MF' -x 'META-INF' -x 'feature.xml' ruta-2.6.1 ruta-2.6.1-svn
>
> === Checking if versions have changed since a previous release
>
> See attached script: mvn-diff-dependencies
>
> === Verify signature (because I always have to look it up)
>
> gpg --verify --armor <ASC file>
>
> === Download all staged artifacts for a signature bulk-check
>
> $ lftp <stage URL>
>> mirror .
>> exit
> $ find . -name "*.asc" | xargs -n1 gpg --verify --armor
>
> What is kind of annoying here is that the output needs to be checked
> by eye. gpg --verify does not produce a proper exit code if the
> signature verification fails :(
>
> Cheers,
>
> -- Richard
>