[doc] update versioning and release guide #3962
Conversation
|
Kudos, SonarCloud Quality Gate passed!
|
adamretter
left a comment
adamretter
left a comment
There was a problem hiding this comment.
Good start! Needs some expansion and reordering of tasks
|
|
||
| ## Release Process | ||
|
|
||
| This section details concrete steps for creating and publishing product releases. Each section here assumes you are starting with a clean Git checkout of the `develop` branch from [https://github.com/eXist-db/exist.git](https://github.com/eXist-db/exist.git). |
There was a problem hiding this comment.
As discussed in the calls, I believe it is important to always start a release from a clean git checkout of the develop branch. So I think this section should not be removed
There was a problem hiding this comment.
Yes, this is why we decided to make this a dedicated step. That way there is less chance to miss it.
There was a problem hiding this comment.
Thanks, I see that below now, but I do think it is better at the beginning or at least also a note at the beginning.
|
|
||
| ``` | ||
| gpg --list-secret-keys --keyid-format SHORT | ||
| /Users/username/.gnupg/pubring.kbx |
There was a problem hiding this comment.
I think we need to be more generic here. On none of my machines are the files for GPG named like the ones here!
There was a problem hiding this comment.
The above is sample output. That is also the more recent format as is layed out in a previous section.
| sec rsa4096/12345678 2013-04-26 [SC] | ||
| ``` | ||
|
|
||
| This gives you the keystore you are using (here: `/Users/username/.gnupg/pubring.kbx`) and your key-id (here: `12345678` the part after rsa4096/). |
There was a problem hiding this comment.
I think keystore is the wrong terminology here. keystore is used in the Java world. For GPG I believe the correct terminology is "public key ring"
There was a problem hiding this comment.
agreed, my mistake, will fix it
| This gives you the keystore you are using (here: `/Users/username/.gnupg/pubring.kbx`) and your key-id (here: `12345678` the part after rsa4096/). | ||
|
|
||
| **Important Note** | ||
| GnuPG is using an [optimized keystore since version 2.1](https://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration.html) which contains public and secret keys. Former GnuPG version had seperated keystore for public (~/.gnupg/pubring.gpg) and private keys (~/.gnupg/secring.gpg). |
There was a problem hiding this comment.
This should be moved before the commands (see comment above).
There was a problem hiding this comment.
Agreed, once its above the sample I think the discussion which keyring we show in the sample is not so important anymore, or is it? Point is since GnuPG 2.1 is .kbx thats why I would vote for the .kbx sample but I don't have strong feeling about it.. @adamretter what is printed if you run the command, only the pubring.gpg or secring.gpg and pubring.gpg ?
| To test gpg simply create a file `test.txt` and run`gpg -ab test.txt`to sign it. you should see a new file `test.txt.asc` which means GnuPG signing worked fine. | ||
|
|
||
| ##### Java KeyStore | ||
| * To create an eXist-db release a Java KeyStore with key is needed to sign the IzPack Installer. In case you don't have a Java KeyStore you can create one with: |
There was a problem hiding this comment.
you can create one with - we should add some text, that it is important that the user realises this should be an exceptional circumstance and not the normal, because if they use a self-generated key, then there is no authenticity. Ideally the user should use a real key purchased from a code-signing vendor.
There was a problem hiding this comment.
Yes, I agree that this should be added in greater detail.
| -Pinstaller \ | ||
| -Pconcurrency-stress-tests \ | ||
| -Pmicro-benchmarks \ | ||
| -Darguments="-Djarsigner.skip=false -Dmac-signing=true -Dmac.codesign.identity=\"your codesign ID\"" \ |
There was a problem hiding this comment.
The -P args should likely be repeated in the -Dargument
There was a problem hiding this comment.
Not needed. I spent Saturday night running this back and forth.
| ``` | ||
| $ git push origin eXist-5.3.0:master | ||
| #### Notarizing macOSX installer (work in progress) |
There was a problem hiding this comment.
This seems to be in the wrong place. Also see my comments above about Notarization and where it needs to happen...
| The notarized installer containing the notarized app must then be uploaded to the github releases page. | ||
| 2. Update the stable branch (`master`) of eXist-db to reflect the latest release: |
There was a problem hiding this comment.
Before this... A visual checklist of things needs to be completed. Was the output of the release:perform step as expected. Do the new version numbers look correct locally? do they look correct on the exist-db GitHub? Does the tag look correct, did the tag get pushed to the exist-db GitHub? Has at least one other person also checked such things and also confirmed this to you?
Also before modifying master, I would suggest that the oss.sonatype.org artifacts have to be released successfully. Sonatype has its own suite of checks, and if the artifacts fail those for some reason, then you have to undo the release process, fix the issue, go all the way back to the start of the release process and start again. So it is important that Sonatatype artifacts are published OK before we change master. Changing master should really be the last thing that ever happens (apart from perhaps tweeting/emailing/etc)
There was a problem hiding this comment.
Interesting. This sounds like very important information that belongs in this guide.
| 2.1. Warning: there is a known issue in AtomicWiki where your release notes might suddenly disappear. In case this happens your data is not lost but stored in `/db/apps/wiki/data/blogs/eXist/.md`. You can rename it or move the content to a `eXistdb<VERSION>.md` file and create an according `eXistdb<VERSION>.atom` for it. Once these two files are available the blog entry will become visible on the eXist-db homepage and it will be visible in the eXist-db blog. | ||
| 7. Visit the GitHub releases page [https://github.com/eXist-db/exist/releases](https://github.com/eXist-db/exist/releases) and create a new release, enter the tag you previously created and link the release notes from the blog. | ||
| 3. Visit the GitHub releases page [https://github.com/eXist-db/exist/releases](https://github.com/eXist-db/exist/releases) and create a new release, enter the tag you previously created and link the release notes from the blog. |
There was a problem hiding this comment.
Does this still need to be done? doesn't the github-release-plugin now take care of some of this?
There was a problem hiding this comment.
Good catch. Will be removed
| 8. Update the Wikipedia page with the new version details - [https://en.wikipedia.org/wiki/EXist](https://en.wikipedia.org/wiki/EXist). | ||
| 13. Go to GitHub and move all issues and PRs which are still open for the release milestone to the next release milestone. Close the release milestone. | ||
| 9. Go to GitHub and move all issues and PRs which are still open for the release milestone to the next release milestone. Close the release milestone. |
There was a problem hiding this comment.
We need to expand on this as it caused confusion this time... if the release was a "patch" move the issues to the next logical "patch" milestone, likewise for "feature" and "minor" releases.
| ```bash | ||
| git checkout -b next-master eXist-5.3.0 | ||
| git push origin next-master:master |
There was a problem hiding this comment.
You don't need the intermediate branch, you can push the tag (either local or remote) directly to the remote master,
There was a problem hiding this comment.
I tried that and it did not work.
There was a problem hiding this comment.
It might work but as it it also might fail I would prefer the safer option.
There was a problem hiding this comment.
I tried that and it did not work.
Tried what? Unless you share the commands, and the error, I can't comment. All I can tell you is that is how it has been done for previous released...
There was a problem hiding this comment.
It might work but as it it also might fail I would prefer the safer option.
Git is atomic, it will either succeed or fail, and it will always do so in a safe-way
There was a problem hiding this comment.
git push origin eXist-5.3.0:master resulted in eXist-5.3.0 -> master(bad ref) on a fresh clone after building
| 3. Visit the GitHub releases page [https://github.com/eXist-db/exist/releases](https://github.com/eXist-db/exist/releases) and create a new release, enter the tag you previously created and link the release notes from the blog. | ||
| 8. Send an email to the `exist-open` mailing list announcing the release with a title similar to `[ANN] Release of eXist 5.3.0`, copy and paste the release notes from the blog into the email and reformat appropriately (see past emails). | ||
| 4. Send an email to the `exist-open` mailing list announcing the release with a title similar to `[ANN] Release of eXist 5.3.0`, copy and paste the release notes from the blog into the email and reformat appropriately (see [past emails](https://sourceforge.net/p/exist/mailman/search/?mail_list=exist-open)). |
There was a problem hiding this comment.
Could you add an item: "Send a note to the eXist-db.org Slack #community channel" with a link to the release notes? (Phew, that's a lot of outreach duties!)
Also, it would be nice if we could find some convenient way to email the rendered HTML of the release notes, rather than the raw markdown.
4 participants
closes #3845
closes #3914
Follow-up on the last release the guide how-to release a new version of exist-db was reworked.