You need to be a Jackrabbit committer to prepare and perform a release, but anyone is welcome to help test the release candidates and comment on the release plans.
You should have a code signing key that is included in the Jackrabbit KEYS file. See Appendix A at the end of this page for more details.
You also need to tell Maven your Subversion credentials needed for deploying artifacts to the Nexus server at https://repository.apache.org/. See Appendix B for the required settings.
Make sure that an appropriate version for the release is entered in Jira and that all the related issues have been resolved.
Create or update a RELEASE-NOTES.md file in the root folder of the project to be released. When done, commit the file. See previous release notes for examples of what to include. The release note report in Jira is a useful source of required information.
Build and deploy the release artifacts with Maven (see below).
The release is built using the Maven release plugin. See the Releasing a Maven project guide for more details. Make sure you have added the pgp key information in you maven settings file, especially if you have more than one key installed locally. See Appendix B for the details.
Releasing the maven artifact works best when operating on the subversion checkout of the project. Using git svn does not work.
The non-Maven release artifacts are automatically copied to `/.../target/checkout/target/$version`
Close the staged repository on repository.apache.org.
Upload the artifacts to https://dist.apache.org/repos/dist/dev/jackrabbit/filevault via SVN
svn co https://dist.apache.org/repos/dist/dev/jackrabbit/filevault-package-maven-plugin dist-dev-filevault-plugin cd dist-dev-filevault-plugin cp -r /path/to/jackrabbit/filevault-package-maven-plugin/target/checkout/target/$version $version svn add $version svn commit -m "Apache Jackrabbit Filevault Package Maven Plugin $version release candidate" $version
Start the vote thread, wait 72 hours. See the vote.txt template generated by the Maven build.
If the vote fails (easy case first):
svn rm https://svn.apache.org/repos/asf/jackrabbit/commons/filevault/tags/jackrabbit-filevault-package-maven-plugin-$version
If the vote is successful, close the vote by publishing the results
copy the release candidate from dev/jackrabbit to release/jackrabbit in https://dist.apche.org/repos/dist/, and delete any older releases from the same branch (they’re automatically archived):
svn move -m "Apache Jackrabbit Filevault $version" \
https://dist.apache.org/repos/dist/dev/jackrabbit/filevault-package-maven-plugin/$version \
https://dist.apache.org/repos/dist/release/jackrabbit/filevault-package-maven-plugin/$version
release the staged repository for synchronization to Maven central.
mark the version as released in Jira: Jira Project Home -> Project Summary -> Administer Project.
Under Versions, you’ll see all the defined project versions. From the settings menu, choose Release on the version.
Close all the issues included in the release: Jira Project Home -> Change Log -> Choose the released version.
From the issue list you have the option to bulk update all of the included issues. Just Transition Issues from Resolved to Closed and you are done!
Update the Jackrabbit web site to point to the new release.
Send the release announcement once the web site and download mirrors have been synced.
Follow these instructions to generate your code signing key and to add it to the Jackrabbit KEYS file.
Generate a code signing key using your _@apache.org_ address as the email and CODE SIGNING KEY as the comment.
The Jackrabbit KEYS file is managed in https://svn.apache.org/repos/asf/jackrabbit/dist/KEYS. To modify the file, first checkout the dist directory:
svn checkout https://svn.apache.org/repos/asf/jackrabbit/dist
See the beginning of the KEYS file for instructions on how to append your key to the file.
Once you’ve committed the changes, update the KEYS file on people.apache.org:
umask 002; svn update /www/www.apache.org/dist/jackrabbit
You are DONE, but to see the changes on http://www.apache.org/dist/jackrabbit/KEYS you must wait 2 hours
You should get your key linked to the Apache web of trust. Once other people have signed your key, you can update the KEYS file with the signatures you’ve received.
<settings>
...
<servers>
<!-- To deploy a Jackrabbit snapshot -->
<server>
<id>apache.snapshots.https</id>
<username> <!-- YOUR APACHE SVN USERNAME --> </username>
<password> <!-- YOUR APACHE SVN PASSWORD --> </password>
</server>
<!-- To stage a Jackrabbit release -->
<server>
<id>apache.releases.https</id>
<username> <!-- YOUR APACHE SVN USERNAME --> </username>
<password> <!-- YOUR APACHE SVN PASSWORD --> </password>
</server>
<!-- used for gpg code signing key -->
<!-- see: https://maven.apache.org/plugins/maven-gpg-plugin/usage.html -->
<server>
<id> <!-- YOUR KEYNAME --> </id>
<passphrase> <!-- CLEAR OR ENCRYPTED TEXT --> </passphrase>
</server>
...
<profiles>
<profile>
<id>apache-release</id>
<properties>
<gpg.keyname> <!-- YOUR KEYNAME --> </gpg.keyname>
</properties>
</profile>
</profile>
...
</profiles>
</servers>
</settings>