How to Build a Release of OpenMeetings
Required tools
To build a binary release of OpenMeetings you need:
- JDK17
- Apache Maven 3.8.7
- Git Command line client
- A text editor
- You need to be online! The build process actively downloads needed libraries and dependencies.
- Valid certficate to be able to enter https://securesigning.pki.digicert.com/csportal Please ask INFRA in case you need one.
Prepare your Apache ID
- Every release package must be signed with a PGP/GPG key.
So if you want to release a package your Apache Id must be connected with a PGP key!
You might follow:
http://www.apache.org/dev/new-committers-guide.html#security-and-pgp
In short:- Create PGP key pairs (private + public) (and I recommend creating a Revoke Cert)
- Upload the public key (either bei using the PGP Tool that you use to create the key) or by using the web form to: http://pgp.mit.edu/
- Add the fingerprint string (something like "BF13 CF11 F9C9 0CBE 4413 09AB 0055 16BF 93A3 0395") to your profile at https://id.apache.org/
- Wait for 6-8 hours, the server will search for a public key based on your fingerprint, if success it will create a file with your name at:
https://people.apache.org/keys/committer/ - If that is "success" then add your key to:
https://github.com/apache/openmeetings/blob/master/KEYS
and follow the instructions in the file.
- Maven
- Ensure you able to login to https://repository.apache.org
- Set up development environment as described here: Setup development environment
Don't forget to secure passwords as described here: Password Encryption
Step1 - Prepare files
- Check that all files:
LICENSE, NOTICE.md, CHANGELOG.md, README.md
are up to date and refer to the right version. - Check site is green here https://whimsy.apache.org/site/project/openmeetings
- Ensure All contributed translations are imported to our codebase
(More info and examples are here)) - Update following files in OM documentation:
openmeetings-server/src/site/xdoc/index.xml
openmeetings-server/src/site/xdoc/NewsArchive.xml
openmeetings-server/src/site/xdoc/downloads.xml
Download links in NewsArchive.xml and README.md should be updated - Switch to the necessary branch:
git checkout master
- Create temporary local branch
git checkout -b release-5.0.1
- Update versions of all modules
mvn versions:set -DgenerateBackupPoms=false -DnewVersion=5.0.1
- Update final SCM URL located at pom.xml and openmeetings-server/pom.xml
<scm> <url>https://github.com/apache/openmeetings.git</url> SET https://github.com/apache/openmeetings/tree/5.0.1 - Add timestamp to parent pom (properties section)
YEAR-MONTH-DAY_OF_MONTHT00:00:00Z
- Create a TAG and commit it to the Git
git commit -a -m "5.0.1 Release Candidate 1" git tag -s 5.0.1-RC1 -m "5.0.1 Release Candidate 1 tag" git push origin 5.0.1-RC1
Deploy release artifacts to Maven
mvn clean && mvn deploy -Pdeploy,rc
Run the command:
mvn clean && mvn install -PallModules,rc
Test building the source on windows and OSx or Linux
Test running the binary's
Commit artifacts you have created with KEYS file to the https://dist.apache.org/repos/dist/dev/openmeetings/ Proposed file structure for "Release Candidate 1" of 5.0.1 will be:
5.0.1 5.0.1/rc1 5.0.1/rc1/src 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.sha 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.asc 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.sha 5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.asc 5.0.1/rc1/bin 5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip 5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz 5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.sha 5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.asc 5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.sha 5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.asc 5.0.1/rc1/CHANGELOG
NOTE KEYS file is located at https://www.apache.org/dist/openmeetings/KEYS and should be just updated
Step2 - VOTE and RESULT emails
Send a "VOTE" to the developer mailing list including links to release artifacts.
A VOTE always contains two parts:
Send an email to the developer mailing list with the subject line:
[VOTE] Apache OpenMeetings x.xx release
An example for such an email: example Vote email example Vote email (Incubator)
After the vote is over, send a "RESULT" email to the list with the subject line:
[RESULT][VOTE] Apache OpenMeetings x.xx release
An example for such an email: example Result email
Votes on whether a package is ready to be released use majority approval -- i.e., at least three PMC members must vote affirmatively for release, and there must be more positive than negative votes. Releases may not be vetoed. Before voting +1 PMC members are required to download the signed source code package, compile it as provided, and test the resulting executable on their own platform, along with also verifying that the package meets the requirements of the ASF policy on releases.
Step3 - Sign web start application
If VOTEs positive: Sign screen sharing web application and re-pack the release
- Go to the folder you check out your $BRANCHORTAG
Run the command:
cd openmeetings-screenshare mvn clean install -Prc,release
- Go to https://securesigning.pki.digicert.com/csportal
- Select "Signing Sets"
- Select "Add signing set"
- Enter "Signing set name" (must include "Apache OpenMeetings" and version) for ex. "Apache OpenMeetings 5.0.1-RELEASE"
- Enter "Version" for ex. "5.0.1-RELEASE"
- Select "Java Signing Sha256" as "Signing service"
- Select "Upload files" and add all jar files from target/jnlp
- Select "Sign now"
- Select "Type of signing" -> "Production"
- Select "Sign"
- Select "Download set"
- Open binary artifacts of OM created on previous step (both tar.gz and zip)
- Replace jar files inside artifacts webapps/openmeetings/screenshare with the signed ones
- Re-create artifact signatures
Create sha512sum checksums
#On OSX you might use this command to make a SHA checksum and store it to a file shasum -a 512 -r apache-openmeetings-XXX-src.zip >apache-openmeetings-XXX-src.zip.sha512
#To create SHA hashes On Ubuntu: for f in `ls -1 *.tar.gz *.zip`; do sha512sum $f > $f.sha512; done #To check SHA hashes On Ubuntu: for f in `ls -1 *.tar.gz *.zip`; do sha512sum -c $f.sha512; done
Create signatures with the your KEY for every file, the KEY must be available at:
https://github.com/apache/openmeetings/blob/master/KEYS#To create signatures On Ubuntu: for f in `ls -1 *.tar.gz *.zip`; do gpg --armor --output $f.asc --detach-sig $f; done #To check signatures On Ubuntu: for f in `ls -1 *.tar.gz *.zip`; do gpg --verify $f.asc; done
NOTE: "Type of signing" can be selected as "Test" to check everything works as expected
Step4 - Create release tag
Release tag based on RCXX should finally be created
git checkout 5.0.0-M1-RC1 git tag 5.0.0-M1 git push origin 5.0.0-M1
Step5 - Distribute and announce
If VOTEs positive: Upload the release
- Upload Artifacts with signatures created on the previous steps to https://dist.apache.org/repos/dist/release/openmeetings/CURRENT_VERSION
- Close staging repo:
- Go to: Staging Repositories
- Select openmeetings staging repo and Close it with valid message:
for ex. "The VOTE about 3.1.2 release was successful" - Select openmeetings staging repo and Release it with valid message:
for ex. "The VOTE about 3.1.2 release was successful"
- Wait 24 hours (until all Apache mirrors have synced the packages) and send an announcement to the mailing list + blog and any other channel.
- Email announcements should have the subject line:
[ANNOUNCE] Apache OpenMeetings x.xx released - Update release section of DOAP file openmeetings-site/doap.rdf (https://github.com/apache/openmeetings-site/blob/asf-site/doap.rdf)
- Add a section to downloads website.
Make sure that the binary packages are linked using the mirror URL as base path ( not http://www.apache.org/dist):
Mirror URL: http://www.apache.org/dyn/closer.lua/openmeetings/ - Release candidates should be deleted from https://dist.apache.org/repos/dist/dev/openmeetings/
Old releases should be deleted from https://dist.apache.org/repos/dist/release/openmeetings/