HowTo Release Apache Any23

This short guide is for volunteers that intend to cover the role of Release Manager

Prerequisites

  • Install/Configure GPG - The artifacts that are deployed to the ASF central repository need to be signed. To do this you will need to have a public and private keypair. There is a very good guide that will walk you though this.
  • Install Apache Maven 2.2.1 or higher. 2.2.0 has a bug that will produce invalid checksums; we strongly encourage our committers to install Apache Maven 3.0.4.

Configuration

Apache Maven

As of Maven 2.1.0 you can now encrypt your servers passwords. We highly recommend that you follow this guide to set your master password and use it to encrypt your ASF password in the next section.

ASF settings

Using the instructions from the previous step encrypt your Sonatype password and add the following servers to your ~/.m2/settings.xml file. You may already have other servers in this file. If not just create the file.

<?xml version="1.0" encoding="UTF-8"?>
<settings>
  ...
  <servers>
    <server>
      <id>apache.snapshots.https</id>
      <username>simonetripodi</username>
      <password>{put your encrypted password here}</password>
    </server>
    <server>
      <id>apache.releases.https</id>
      <username>simonetripodi</username>
      <password>{put your encrypted password here}</password>
    </server>
  </servers>
  ...
  <profiles>
    <profile>
      <id>apache</id>
      <activation>
        <activeByDefault>false</activeByDefault>
      </activation>
      <properties>
        <mavenExecutorId>forked-path</mavenExecutorId>
        <gpg.keyname>19FEA27D</gpg.keyname>\
        <!-- optional -->
        <gpg.passphrase>your-gpg-passphrase</gpg.passphrase>
      </properties>
    </profile>
  </profiles>
  ...
</settings>

You can find a settings.xml template in our SVN committers space

Release steps

Prepare the source for release

  1. Clean up JIRA so the Fix Version in issues resolved since the last release includes this release version correctly. Also, transition any Resolved issues to the Closed state.
  2. Update the text files in a working copy of the project root:
    1. Update the CHANGES based on the Text release reports from JIRA.
    2. Review and update README if needed.
    3. Commit any changes back to Git:
      git add -A && git commit -m "updating files for release"
      .
  3. Perform a full build and deploy the SNAPSHOT artifacts:
    mvn clean deploy

Get source tree

  1. Only for new major releases (like 1.0.0 to 1.1.0):
    Create a sub-branch from which to make the release.
    Releasing from a branch will allow any cosmetic changes that need to be made for the release to be approved to be done without preventing other more disruptive advances in the trunk from potentially causing problems with the release. It also provides a future maintenance branch (like 1.0.x.)
    A branch can be made by running:
    mvn release:branch -DbranchName=1.0.x
  2. Checkout a clean copy of the trunk/branch to release using command line Git:
    git clone https://git-wip-us.apache.org/repos/asf/any23.git

Prepare the release

  1. Do a dry run of the release:prepare step.
    mvn release:prepare -DdryRun=true
    The dry run will not commit any changes back to SVN and gives you the opportunity to verify that the release process will complete as expected.

    If you cancel a release:prepare before it updates the pom.xml versions, then use the release:clean goal to just remove the extra files that were created.

  2. Verify that the release process completed as expected:
    1. The release plugin will create pom.xml.tag files which contain the changes that would have been committed to SVN. The only differences between pom.xml.tag and its corresponding pom.xml file should be the version number.
    2. If other formatting changes have been made you should review the changes and then commit them:
      git add -A && git commit -m "fixing formatting for release"
    3. Assuming the .tag files look OK you may proceed and do any other validation you feel necessary. The following list may be helpful:
      1. Check release.properties and make sure that the scm properties have the right version. Sometimes the scm location can be the previous version not the next version.
      2. Verify signatures: On Un*x platforms the following command can be executed:
        for file in `find . -type f -iname '*.asc'`
        do
          gpg --verify ${file}
        done
        You'll need to look at the output to ensure it contains only good signatures:
        gpg: Good signature from ...
        gpg: Signature made ...
    4. Once any failures or required updates have been committed to git, rollback the release prepare files:
      mvn release:rollback
  3. Run the release:prepare step for real this time. You'll be prompted for the same version information and optionally your GPG passphrase again.
    mvn release:prepare

Perform the release

  1. From the directory where you have launched release:prepare execute (this step will create a maven staging repository):
    mvn release:perform [-Duser.name=<your_apache_uid>]

    If your local OS userid doesn't match your Apache userid, then you'll have to also override the value provided by the OS to Maven for the site-deploy step to work. This is known to work for Linux, but not for Mac and unknown for Windows.

    1. Verify the staged artifacts in the Nexus repository:
      1. https://repository.apache.org/
      2. Enterprise --> Staging
      3. Staging tab --> Name column --> org.apache.any23
      4. Navigate through the artifact tree and make sure that all binary, javadoc, sources, and tests jars, as well as poms, ... have .asc (GPG signature) and checksum files (see Repository FAQ and Detached Signatures). The any23-sources-dist-X.Y.tar.gz and any23-sources-dist-X.Y.zip files shall likewise have signature and checksum files.
    2. Close the Nexus staging repo:
      1. https://repository.apache.org/
      2. Enterprise --> Staging
      3. Staging tab --> Name column --> org.apache.any23
      4. Right click on the open org.apache.any23-XXX staging repo and select Close.
    3. Add the distribution artifacts to the dev staging area at https://dist.apache.org/repos/dist/dev/any23/ ensuring that you provide SHA512 and ASC signatures all relevant artifacts.

Vote the Release

  1. Create a VOTE email thread on dev@any23.apache.org and user@any23.apache.org to record votes as replies, e.g.:
    To: "Apache Any23 Developers List" <dev@any23.apache.org>, "Apache Any23 Users List" <user@any23.apache.org>
    Subject: [VOTE] Release Apache Any23 X.Y
    
    Hi,
    
    Please VOTE on the release candidate for Apache Any23 ${latestStableRelease}
    
    We solved N issues:
    http://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12312323&styleName=Html&version=X.Y
    
    Git source tag (r9999999):
    https://gitbox.apache.org/repos/asf/any23.git ...
    
    Staging repo:
    https://repository.apache.org/content/repositories/orgapacheany23-[YOUR REPOSITORY ID]/
    
    Staging binaries:
    https://dist.apache.org/repos/dist/dev/any23/${latestStableRelease}
    
    PGP release keys (signed using ABCDEFG):
    https://dist.apache.org/repos/dist/release/any23/KEYS
    
    Vote will be open for 72 hours.
    
    [ ] +1, let's get it ruuuumbleeeeee!!!
    [ ] +/-0, fine, but consider to fix few issues before...
    [ ] -1, nope, because... (and please explain why)
  2. Perform a review of the release and cast your vote. For more details on Apache releases see http://www.apache.org/legal/release-policy.html.
  3. A -1 vote does not necessarily mean that the vote must be redone, however it is usually a good idea to rollback the release if a -1 vote is received (see "Recovering from a vetoed release" below).
  4. After the vote has been open for at least 72 hours, has at least three +1 PMC votes and no -1 votes, then post the results to the vote thread, replying to the initial email prepending [RESULT] to the original subject and include a list of every binding +1, 0 and -1 vote.
    To: "Apache Any23 Developers List" <dev@any23.apache.org>
    CC: "Apache Any23 PMC List" <private@any23.apache.org>
    Subject: [RESULT] [VOTE] Release Apache Any23 X.Y
    
    Hi,
    The vote has passed with the following result :
    
    +1 (binding):
    
        Chris Mattmann
        Lewis John Mcgibbney
        Michele Mostarda
        Simone Tripodi
    
    +1 (non binding):
    
        Mario Rossi
        John Doe
    
    I will promote the artifacts to the central repo.

Finalize the Release

  1. Promote the staged nexus artifacts:
    1. https://repository.apache.org/
    2. Enterprise --> Staging
    3. Staging tab --> Name column --> org.apache.any23
    4. Right click on the closed org.apache.any23-XXX staging repo and select Release.
  2. Move the distribution artifacts from the dev staging area at https://dist.apache.org/repos/dist/dev/any23/ to the release area at https://dist.apache.org/repos/dist/release/any23/ ensuring that you provide SHA512 and ASC signatures all relevant artifacts.
  3. Update the JIRA versions page to mark the version as Released, and set the date to the date that the release was approved. You may also need to make a new release entry for the next release.

Announce the Release

Make an announcement about the release on the any23-user, any23-dev, Web Data Commons - Google Group, maybe some other relevant W3C and/or OGC groups, and announce@apache.org lists as per the Apache Announcement Mailing Lists page

From: YOUR_APACHE_USERNAME@apache.org
To: "ASF Announcements" <announce@apache.org>, "Apache Any23 Users List" <user@any23.apache.org>
CC: "Apache Any23 Developers List" <dev@any23.apache.org>
Subject: [ANNOUNCE] Apache Any23 X.Y

The Apache Any23 Team is pleased to announce the release of Apache Any23 ${latestStableRelease}.

Apache Anything To Triples (Any23) is a library, a web service and a command line tool that
extracts structured data in RDF format from a variety of Web documents.

Release Notes: https://github.com/apache/any23/blob/any23-${latestStableRelease}/RELEASE-NOTES.txt

Download: http://any23.apache.org/download.html

Maven Artifacts: https://s.apache.org/mwOE

DOAP: https://github.com/apache/any23-committers/blob/master/doap_Any23.rdf

Have Fun,
(Lewis), on behalf of the Apache Any23 PMC
N.B. The release artifacts can take a bit of time to reach the distribution servers, please be patient.

Recovering from a vetoed release

  1. Reply to the initial vote email prepending [CANCELED] to the original subject.
  2. Rollback the version upgrades in trunk by either:
    1. Restore the 0.1-rc1.tar.gz and run
      mvn release:rollback
      or manually revert the versions in trunk to the prior version and commit
  3. Delete the git tag created by the release:perform step (N.B. replace ${tag_name} with the actual tag name):
    git tag -d ${tag_name} && git push origin :refs/tags/${tag_name}
  4. Drop the Nexus staging repo:
    1. https://repository.apache.org/
    2. Enterprise --> Staging
    3. Staging tab --> Name column --> org.apache.any23
    4. Right click on the closed org.apache.any23-XXX staging repo and select Drop.
  5. Make the required updates that caused the vote to be canceled.
  6. Spin another release attempt!