Skip to content

Releasing

Jump to bottom
Ladislav Gazo edited this page Aug 29, 2015 · 2 revisions

Prepare maven

As of AcrIS 1.0.1 version deployment of artifacts consists of two repositories:

  • Sonatype OSS free repository (Maven release)
  • Googlecode's SVN based one (Manual release)

Because we don't want to polute SVN history too much and because SVN is not the right maven repository management we migrated artifacts to Sonatype's. As of version 1.0.1 all AcrIS related artifacts (AcrIS, SeSAM, CorpIS) will reside in Sonatype's. Other artifacts we built for our purposes (external libraries) will remain in Googlecode's as their release is not made that often. In the future all artifacts will be at Sonatype and synced to Maven Central.

Step 0

There are two ways:

  • use prepared keystore with Sonatype & Sourceforge certificates -> in this case go to step 3
  • install key(s) manually -> maybe this is the case if you already have keystore for maven

Step 1

Download Sonatype into your PC. For every downloaded certificate execute following guide below. Name the certificate file e.g. sonatype.pem.

https://github.com/seges/acris/wiki/images/certificateExportGuide.png

Step 2

Following command will import the certificate and asks for a password used to authorize the access to the keystore (and for our example we will use: keystorePassword):

  • keytool -v -alias sonatype -import -file sonatype.pem -keystore trust.jceks -storetype jceks

This will create trust.jceks on your filesystem. Place it whereever you can find it because it will be needed by Maven!

Delete the certificate file because it will not be needed anymore. The authorization process will be executed against your keystore.

We will follow with 3rd step - setting MAVEN_OPTS up. There are several ways how to do it but these three parameters of Java VM needs to be in place:

  • -Djavax.net.ssl.trustStore=/path/to/keystore/trust.jceks
  • -Djavax.net.ssl.trustStorePassword=keystorePassword
  • -Djavax.net.ssl.trustStoreType=jceks

Step 3

How to setup MAVEN_OPTS:

  • in case of using prepared keystore use path to acris-os-parent/acris.jceks file

  • for the environment of the operating system (the preferred way):

    • in Windows: Start -> Control panel -> System -> Environment variables, put new key MAVEN_OPTS following values -Djavax.net.ssl.trustStore=c:\path\to\keystore\acris.jceks -Djavax.net.ssl.trustStorePassword=password -Djavax.net.ssl.trustStoreType=jceks
    • in Linux: in your home directory create file .mavenrc and put htere following value MAVEN_OPTS="-Djavax.net.ssl.trustStore=/path/to/keystore/acris.jceks -Djavax.net.ssl.trustStorePassword=keystorePassword -Djavax.net.ssl.trustStoreType=jceks

  • or you can set environment variable for specific case/terminal/environment:

    • in Windows console set MAVEN_OPTS=-Djavax.net.ssl.trustStore=c:\path\to\keystore\acris.jceks -Djavax.net.ssl.trustStorePassword=keystorePassword -Djavax.net.ssl.trustStoreType=jceks
    • almost the same in Linux using export MAVEN_OPTS="-Djavax.net.ssl.trustStore=/path/to/keystore/acris.jceks -Djavax.net.ssl.trustStorePassword=keystorePassword -Djavax.net.ssl.trustStoreType=jceks"
    • or using direct maven command with variable in Linux: MAVEN_OPTS="-Djavax.net.ssl.trustStore=/path/to/keystore/acris.jceks -Djavax.net.ssl.trustStorePassword=keystorePassword -Djavax.net.ssl.trustStoreType=jceks" mvn compile

Step 4

Final step is to setup authentification information for SVN access. Open your settings.xml in ".m2" directory and enter following information to the servers section:

<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">

	<servers>
		<server>
			<id>sonatype-nexus-snapshots</id>
			<username>sonatypes-jira-user</username>
			<password>sonatypes-jira-pass</password>
		</server>
		<server>
			<id>sonatype-nexus-staging</id>
			<username>sonatypes-jira-user</username>
			<password>sonatypes-jira-pass</password>
		</server>

		<server>
			<id>acris-snapshots-repo</id>
			<username>darth</username>
			<password>tater</password>
		</server>
		<server>
			<id>acris-releases-repo</id>
			<username>darth</username>
			<password>tater</password>
		</server>
	</servers>

</settings>

The password for Googlecode repository is generated by google and you can find it in "Source" tab and clicking the "google password" link.

You can obtain a password for Sonatype repository by registering at: https://issues.sonatype.org

Snapshots deployment

Execute mvn deploy optionally with -Dmaven.test.skip in project you want to deploy to snapshots repository. Execute it on parent project if you want to deploy all projects.

Release

To deploy to Sonatype (and later to be compliant with Maven central) artifacts need to be signed. Follow the guide on how to create a PGP key and use it with Maven GPG plugin - http://www.sonatype.com/people/2010/01/how-to-generate-pgp-signatures-with-maven/

The process of deployment follows the guide at http://axelfontaine.com/blog/final-nail.html

Steps

  • git clone or git pull
  • check the pom whether there are comments to follow - e.g. changing a version
  • go through all dependency versions and resolve all SNAPSHOT versions
  • mvn versions:set
  • mvn -DperformRelease -DskipTests -Dgpg.passphrase=SecretGPG clean javadoc:jar deploy
  • close the release (see chapter below)
    • verify the release is closed
  • mvn versions:commit
  • git commit -a
  • git push
  • mvn scm:tag
  • increase the development version number
    • mvn versions:set
    • mvn versions:commit
    • git commit -a
    • git push

Go through the base projects first and then release from parent projects (sesam-os, corpis-os, acris-os). Build projects (in the root) should not be used for releasing.

Close the release

When you forget to include a module into the release

  • e.g. it is not in parent pom
  • go to the tagged source tree, e.g. target/checkout directly to the module you want to release again, or download a tag
  • mvn source:jar javadoc:jar gpg:sign repository:bundle-create
  • use Sonatype console - Staging Upload - where you upload the bundle

Post release/deploy steps

  • export artifacts as a ZIP bundle to download section with a script in sesam-helper-scripts - ExportMavenDeps.py (there is README as well)
  • prepare release notes
  • move old release notes to OldReleaseNotes
  • adjust release dates table
  • close issues and mark them correctly

Information regarding Sonatype repository

https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide https://issues.sonatype.org/browse/OSSRH-713 https://oss.sonatype.org/index.html#welcome

Clone this wiki locally