Testing Release Candidates

[Enrico Olivelli <eo...@gmail.com>]

Hi,
I would like to test Maven Plugins Release Candidates.

I know there is a brief guide
https://maven.apache.org/guides/development/guide-testing-releases.html
But I think this is not very complete and/or it is outdated.

The summary of the guide is to run
mvn verify
For instance this is not true for Surefire.

Can someone explain better how is it expected to run a check on an RC ?

In other Apache projects that I know/work on usual checks are:
- try to build and run tests on the propostes source artifacts.
- apache-rat/licensing issues
- check signatures/shasums..
- check proposed maven artifacts

Usually voters when the give their '+1' add an explanation about the
tests the performed on the RC, I see this is not very common practice
in Maven VOTE threads.

Second question, in Maven what is really 'released' ?
Are you releasing the SOURCE ZIP ? or something else ?
As far as I know in Apache we are 'releasing' the source code and we
are providing binaries for
convenience to users. I understand that Maven is somehow a very special case.

My questions are just to understand better in order to give a more
significant contribution to the project, I am pointing out problems.

Thank you all for carrying on Maven Project !

Cheers
Enrico

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org

Re: Testing Release Candidates

[Enrico Olivelli <eo...@gmail.com>]

Karl, some answers inline, thank you for answers

Il ven 12 ott 2018, 16:28 Karl Heinz Marbaise <kh...@gmx.de> ha
scritto:

> Hi Enrico,
>
>
> On 12/10/18 10:36, Enrico Olivelli wrote:
> > Hi,
> > I would like to test Maven Plugins Release Candidates.
>
> Great that you like to help...
>

Maven is at the core of most of every java project in the world, for me it
is vital.
 I wonder why there is not so much help from the comunity.
Just doing my best to help. Time is limited unfortunately. :)


> >
> > I know there is a brief guide
> > https://maven.apache.org/guides/development/guide-testing-releases.html
> > But I think this is not very complete and/or it is outdated.
>
> It might be if so we need to update/enhance it as needed...
>
> >
> > The summary of the guide is to run
> > mvn verify
> > For instance this is not true for Surefire.
>
> Yes there are some of the release which need different approach usually
> documented in README.md (I'm not sure if all have a README.md...or need
> one)...for Maven Core this not enough (mvn clean install) and test the
> resulting core with different project of your own choice...
>
>
> >
> > Can someone explain better how is it expected to run a check on an RC ?
>
> First we don't do RC's ...what we sometimes do is to release Milestones
> (for example with maven-install, maven-deploy-plugin)..
> But in the end we release usual release something like "3.0.0" or
> "3.2.0"....
>
> If it happens that a release has issues we remove the tags and drop the
> staging repository and spin a new release with the same version...
>
>
> For Maven core we do not use the same version we continue with the next
> one...
>
> >
> > In other Apache projects that I know/work on usual checks are:
> > - try to build and run tests on the propostes source artifacts.
>
> Usually you should at least run the build on the source artifacts which
> includes IT's ...something like:
>
> mvn -Prun-its clean verify for plugins and
> for components:
>
> mvn clean verify
>
>
> > - apache-rat/licensing issues
>
> Is already checked by the builds (see above)..
>

This may be wrong, if the build for some human error does not run rat
anymore you won't see it, IMHO a human should review manually the voted
artifacts.



> > - check signatures/shasums..
> Usually compare the checksums in email with them which can be downloaded
> from the staging repositories...
>
>
> > - check proposed maven artifacts
>
> ?? In which way?
>

Try them, this seems simple to me, if the release manager sets up the
staging repository on repository.apache.org, I think this is already in the
guide


> >
> > Usually voters when the give their '+1' add an explanation about the
> > tests the performed on the RC, I see this is not very common practice
> > in Maven VOTE threads.
>
> Sometimes yes sometimes not...usually we don't do it if nothing has been
> found...but if we find something than we do to find the itch..
>
> >
> > Second question, in Maven what is really 'released' ?
> > Are you releasing the SOURCE ZIP ? or something else ?
>
> > As far as I know in Apache we are 'releasing' the source code and we
> > are providing binaries for
> > convenience to users. I understand that Maven is somehow a very special
> case.
>
> Not really. The real releases are the source artifacts (*.zip)...
> The binaries which are transfered to Central is as already mentioned
> convenience...
>
>
> Much to explain..that looks like we need to enhance the release
> procedure description...
>
>
> >
> > My questions are just to understand better in order to give a more
> > significant contribution to the project, I am pointing out problems.
>
> Yeah really great...
>
> Kind regards
> Karl Heinz Marbaise
> >
> > Thank you all for carrying on Maven Project !
> >
> > Cheers
> > Enrico
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> > For additional commands, e-mail: dev-help@maven.apache.org
> >
> >
>
-- 


-- Enrico Olivelli

Re: Testing Release Candidates

[Karl Heinz Marbaise <kh...@gmx.de>]

Hi Enrico,


On 12/10/18 10:36, Enrico Olivelli wrote:
> Hi,
> I would like to test Maven Plugins Release Candidates.

Great that you like to help...

> 
> I know there is a brief guide
> https://maven.apache.org/guides/development/guide-testing-releases.html
> But I think this is not very complete and/or it is outdated.

It might be if so we need to update/enhance it as needed...

> 
> The summary of the guide is to run
> mvn verify
> For instance this is not true for Surefire.

Yes there are some of the release which need different approach usually 
documented in README.md (I'm not sure if all have a README.md...or need 
one)...for Maven Core this not enough (mvn clean install) and test the 
resulting core with different project of your own choice...


> 
> Can someone explain better how is it expected to run a check on an RC ?

First we don't do RC's ...what we sometimes do is to release Milestones 
(for example with maven-install, maven-deploy-plugin)..
But in the end we release usual release something like "3.0.0" or 
"3.2.0"....

If it happens that a release has issues we remove the tags and drop the 
staging repository and spin a new release with the same version...


For Maven core we do not use the same version we continue with the next 
one...

> 
> In other Apache projects that I know/work on usual checks are:
> - try to build and run tests on the propostes source artifacts.

Usually you should at least run the build on the source artifacts which 
includes IT's ...something like:

mvn -Prun-its clean verify for plugins and
for components:

mvn clean verify


> - apache-rat/licensing issues

Is already checked by the builds (see above)..

> - check signatures/shasums..
Usually compare the checksums in email with them which can be downloaded 
from the staging repositories...


> - check proposed maven artifacts

?? In which way?

> 
> Usually voters when the give their '+1' add an explanation about the
> tests the performed on the RC, I see this is not very common practice
> in Maven VOTE threads.

Sometimes yes sometimes not...usually we don't do it if nothing has been 
found...but if we find something than we do to find the itch..

> 
> Second question, in Maven what is really 'released' ?
> Are you releasing the SOURCE ZIP ? or something else ?

> As far as I know in Apache we are 'releasing' the source code and we
> are providing binaries for
> convenience to users. I understand that Maven is somehow a very special case.

Not really. The real releases are the source artifacts (*.zip)...
The binaries which are transfered to Central is as already mentioned 
convenience...


Much to explain..that looks like we need to enhance the release 
procedure description...


> 
> My questions are just to understand better in order to give a more
> significant contribution to the project, I am pointing out problems.

Yeah really great...

Kind regards
Karl Heinz Marbaise
> 
> Thank you all for carrying on Maven Project !
> 
> Cheers
> Enrico
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
> For additional commands, e-mail: dev-help@maven.apache.org
> 
> 

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
For additional commands, e-mail: dev-help@maven.apache.org