more cleanup of build.xml, improved release procedure, added a script to create .md5 and .asc

git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@883629 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Yegor Kozlov 2009-11-24 09:10:49 +00:00
parent dd95f20c17
commit d67f4e3f88
4 changed files with 63 additions and 82 deletions

View File

@ -844,6 +844,13 @@ under the License.
</replacetokens>
</filterchain>
</copy>
<copy file="maven/poi-examples.pom" tofile="${dist.dir}/poi-examples-${version.id}.pom">
<filterchain>
<replacetokens>
<token key="VERSION" value="${version.id}"/>
</replacetokens>
</filterchain>
</copy>
<copy file="maven/poi-ooxml-schemas.pom" tofile="${dist.dir}/poi-ooxml-schemas-${version.id}.pom">
<filterchain>
<replacetokens>
@ -1011,17 +1018,15 @@ under the License.
<patternset refid="src.dist.patterns"/>
</tarfileset>
</tar>
<!-- script to create signatures and hashes -->
<copy file="maven/multisign.sh" todir="${dist.dir}"/>
<echo>Creating Maven POMs</echo>
<antcall target="maven-poms"/>
<echo>Generating MD5 Checksums</echo>
<checksum fileext=".md5">
<fileset dir="${dist.dir}" includes="*.pom,*.gz,*.zip"/>
</checksum>
<echo>Distribution located in ${dist.dir}</echo>
<echo>Use ${dist.dir}/multisign.sh to create md5 checksums and GPG signatures</echo>
</target>
<target name="dist" depends="clean, compile-all, test-all, site, jar, assemble"

31
maven/multisign.sh Executable file
View File

@ -0,0 +1,31 @@
#! /bin/sh
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# create md5 checksums and gpg signatures
stty -echo
echo "enter your GPG passphrase"
read passphrase
stty echo
for i in *; do
echo Signing $i
echo $passphrase | gpg --passphrase-fd 0 --output $i.asc --detach-sig --armor $i
gpg --verify $i.asc $i
echo Hashing $i
openssl md5 < $i > $i.md5
done

View File

@ -43,39 +43,21 @@
M2_REPOSITORY=scp://people.apache.org/www/people.apache.org/repo/m2-ibiblio-rsync-repository
M2_SCP=people.apache.org:/www/people.apache.org/repo/m2-ibiblio-rsync-repository
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-@VERSION@-@DSTAMP@.jar -DpomFile=poi-@VERSION@.pom
scp poi-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi/@VERSION@/
scp poi-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi/@VERSION@/
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-scratchpad-@VERSION@-@DSTAMP@.jar -DpomFile=poi-scratchpad-@VERSION@.pom
scp poi-scratchpad-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-scratchpad/@VERSION@/
scp poi-scratchpad-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-scratchpad/@VERSION@/
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-contrib-@VERSION@-@DSTAMP@.jar -DpomFile=poi-contrib-@VERSION@.pom
scp poi-contrib-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-contrib/@VERSION@/
scp poi-contrib-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-contrib/@VERSION@/
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-ooxml-@VERSION@-@DSTAMP@.jar -DpomFile=poi-ooxml-@VERSION@.pom
scp poi-ooxml-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-ooxml/@VERSION@/
scp poi-ooxml-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-ooxml/@VERSION@/
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-examples-@VERSION@-@DSTAMP@.jar -DpomFile=poi-examples-@VERSION@.pom
scp poi-examples-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-examples/@VERSION@/
scp poi-examples-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-examples/@VERSION@/
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=poi-ooxml-schemas-@VERSION@-@DSTAMP@.jar -DpomFile=poi-ooxml-schemas-@VERSION@.pom
scp poi-ooxml-schemas-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-ooxml-schemas/@VERSION@/
VERSION=@VERSION@
DSTAMP=@DSTAMP@
for artifactId in poi poi-scratchpad poi-contrib poi-ooxml poi-examples poi-ooxml-schemas
do
mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY \
-Dfile=$artifactId-$VERSION-$DSTAMP.jar -DpomFile=$artifactId-$VERSION.pom
#The maven sign-and-deploy-file command does NOT sign POM files, so we have to upload the POM's .asc manually
scp $artifactId-$VERSION.pom.asc $M2_SCP/org/apache/poi/$artifactId/$VERSION/
if [ -r $artifactId-$VERSION-sources.jar ]; then
mvn deploy:deploy-file -DrepositoryId=apache-releases -P apache-releases \
-Durl=$M2_REPOSITORY -DgeneratePom=false -Dpackaging=java-source \
-Dfile=$artifactId-$VERSION-sources.jar -DpomFile=$artifactId-$VERSION.pom
scp $artifactId-$VERSION-sources.jar.asc $M2_SCP/org/apache/poi/$artifactId/$VERSION/
fi
done

View File

@ -59,58 +59,21 @@ $ svn merge https://svn.apache.org/repos/asf/poi/tags/$TAG \
https://svn.apache.org/repos/asf/poi/trunk
{code}
5. Start a new section in sites.xml and status.xml.
5. Start a new section in status.xml.
6. Build as if the vote had passed. The build date must be +7 days from current.
{code}
ant build
{code}
After build you should have the following files in the build/dist:
{code}
poi-$TAG-$DATE.jar
poi-bin-$TAG-$DATE.tar.gz
poi-bin-$TAG-$DATE.zip
poi-contrib-$TAG-$DATE.jar
poi-scratchpad-$TAG-$DATE.jar
poi-src-$TAG-$DATE.tar.gz
poi-src-$TAG-$DATE.zip
{code}
where $TAG is the release tag specified in build.xml in the version.id property, $DATE is the release date (typically +7 days from the actual build date).
7. Signing the release artifacts:
{code}
cd build/dist
for i in *.zip ; do
gpg --armor --output $i.asc --detach-sig $i;
done
for i in *.gz ; do
gpg --armor --output $i.asc --detach-sig $i;
done
{code}
./multisign.sh
Verify the signatures:
{code}
gpg --multifile --verify *.asc
{code}
8. Create MD5 checksums for all artifacts to be published:
{code}
for i in *.zip ; do
openssl md5 < $i > $i.md5
done
for i in *.gz ; do
openssl md5 < $i > $i.md5
done
{code}
9. Upload to your area at people.apache.org.
There should be two directories:
main
maven
8. Upload to your area at people.apache.org, e.g. public_html/poi
Make sure that the all files have read permission.
@ -139,7 +102,7 @@ cp *-src-* /www/www.apache.org/dist/poi/release/src
cp *-bin-* /www/www.apache.org/dist/poi/release/bin
{code}
copy Maven artifacts
deploy Maven artifacts
{code}
cd build/dist
./mvn-deploy.sh