This is an automated email from the ASF dual-hosted git repository.
lide pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/incubator-doris-website.git
The following commit(s) were added to refs/heads/master by this push:
new 7f2be23 Add release process
7f2be23 is described below
commit 7f2be2311a404de40a0f484e183ecf0bb0c77e42
Author: lide <l...@baidu.com>
AuthorDate: Tue Mar 12 10:51:19 2019 +0800
Add release process
---
pages/policy/release_process.md | 564 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 564 insertions(+)
diff --git a/pages/policy/release_process.md b/pages/policy/release_process.md
new file mode 100644
index 0000000..5c15d2a
--- /dev/null
+++ b/pages/policy/release_process.md
@@ -0,0 +1,564 @@
+title=Apache Doris 发布流程
+date=2019-03-12
+type=policy
+status=published
+~~~~~~
+
+Apache 的发布必须至少是 IPMC 成员,拥有 apache 邮箱的commiter,这个角色叫做 release manager。
+
+发布的大致流程如下:
+
+1. 在社区发起 DISCUSS;
+2. 准备分支和打 tag;
+3. 将 tag 打包签名;
+4. 上传签名的软件包到 Apache SVN 的 DEV 目录
+3. 发社区投票邮件
+4. 投票通过后,发 Result 邮件
+5. 发邮件到 gene...@incubator.apache.org 进行投票
+6. 发 Result 邮件到 gene...@incubator.apache.org
+7. 上传签名的软件包到 Apache SVN 的 release 目录,并生成相关链接
+8. 准备 release note 并发 Announce 邮件到 gene...@incubator.apache.org
+9. 在 Doris 官网和 github 发布下载链接
+
+Release manager 在发布前需要先生成自己的签名公钥,并上传到公钥服务器,之后就可以用这个公钥对准备发布的软件包进行签名。
+
+## 1. 准备发布
+
+### 1.1 在社区发起 DISCUSS
+
+如果觉得已经修复了很多bug,开发了比较重要的 feature,任何 IPMC 成员都可以发起 DISCUSS 讨论发布新版本。
+可以发起一个标题为 [DISCUSS] x.y.z release 的邮件,在社区内部进行讨论,说明已经修复了哪些bug,开发了哪些 features。
+如果 DISCUSS 邮件得到大家支持就可以进行下一步。
+
+### 1.2 准备分支和打 tag
+
+发布前需要先新建一个分支,然后在新建分支上打 tag。
+
+例如:
+
+```
+$ git checkout -b branch-0.9
+$ git tag -a 0.9.0-rc01 -m "0.9.0 release candidate 01"
+
+$ git push origin --tags
+Counting objects: 1, done.
+Writing objects: 100% (1/1), 165 bytes | 0 bytes/s, done.
+Total 1 (delta 0), reused 0 (delta 0)
+To g...@github.com:apache/incubator-doris.git
+ * [new tag] 0.9.0-rc01 -> 0.9.0-rc01
+
+$ git tag
+```
+
+
+## 2. 签名软件 GnuPG 的安装配置
+### 2.1 GnuPG
+
+1991年,程序员Phil
Zimmermann为了避开政府监视,开发了加密软件PGP。这个软件非常好用,迅速流传开来,成了许多程序员的必备工具。但是,它是商业软件,不能自由使用。所以,自由软件基金会决定,开发一个PGP的替代品,取名为GnuPG。这就是GPG的由来。
+
+### 2.2 安装配置
+
+CentOS 安装命令:
+
+```
+yum install gnupg
+```
+安装完成后,默认配置文件 gpg.conf 会放在 home 目录下。
+
+编辑gpg.conf, 修改或者增加 keyserver 配置:
+
+```
+keyserver hkp://keys.gnupg.net
+```
+
+Apache 签名推荐 SHA512, 可以通过配置 gpg 完成。
+编辑gpg.conf, 增加下面的三行:
+
+```
+personal-digest-preferences SHA512
+cert-digest-algo SHA512
+default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5
ZLIB BZIP2 ZIP Uncompressed
+```
+
+## 3. 生成新的签名
+
+### 3.1 准备签名
+
+推荐的生成新签名的设置:
+
+这里必须通过 SecureCRT 等终端直接登录用户账户,不能通过 su - user 或者 ssh 转,否则密码输入 box 会显示不出来而报错。
+
+先看下 gpg 的 version 以及是否支持 SHA512.
+
+```
+$ gpg --version
+gpg (GnuPG) 2.0.22
+libgcrypt 1.5.3
+Copyright (C) 2013 Free Software Foundation, Inc.
+License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
+This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law.
+
+Home: ~/.gnupg
+Supported algorithms:
+Pubkey: RSA, ?, ?, ELG, DSA
+Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
+ CAMELLIA128, CAMELLIA192, CAMELLIA256
+Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
+Compression: Uncompressed, ZIP, ZLIB, BZIP2
+```
+
+### 3.2 生成新的签名
+
+```
+$ gpg --gen-key
+gpg (GnuPG) 2.0.22; Copyright (C) 2013 Free Software Foundation, Inc.
+This is free software: you are free to change and redistribute it.
+There is NO WARRANTY, to the extent permitted by law.
+
+Please select what kind of key you want:
+ (1) RSA and RSA (default)
+ (2) DSA and Elgamal
+ (3) DSA (sign only)
+ (4) RSA (sign only)
+Your selection? 1
+RSA keys may be between 1024 and 4096 bits long.
+What keysize do you want? (2048) 4096
+Requested keysize is 4096 bits
+Please specify how long the key should be valid.
+ 0 = key does not expire
+ <n> = key expires in n days
+ <n>w = key expires in n weeks
+ <n>m = key expires in n months
+ <n>y = key expires in n years
+Key is valid for? (0)
+Key does not expire at all
+Is this correct? (y/N) y
+
+GnuPG needs to construct a user ID to identify your key.
+
+Real name: xxx
+Name must be at least 5 characters long
+Real name: xxx-yyy
+Email address: x...@apache.org
+Comment: reed's key
+You selected this USER-ID:
+ "xxx-yyy (xxx's key) <x...@apache.org>"
+
+Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
+```
+
+### 3.3 查看和输出
+
+第一行显示公钥文件名(pubring.gpg),第二行显示公钥特征(4096位,Hash字符串和生成时间),第三行显示"用户ID",第四行显示私钥特征。
+
+```
+$ gpg --list-keys
+/home/lide/.gnupg/pubring.gpg
+-----------------------------
+pub 4096R/33DBF2E0 2018-12-06
+uid xxx-yyy (xxx's key) <x...@apache.org>
+sub 4096R/0E8182E6 2018-12-06
+```
+
+其中 xxx-yyy 就是用户ID。
+
+gpg --armor --output public-key.txt --export [用户ID]
+
+```
+$ gpg --armor --output public-key.txt --export xxx-yyy
+$ cat public-key.txt
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v2.0.22 (GNU/Linux)
+
+mQINBFwJEQ0BEACwqLluHfjBqD/RWZ4uoYxNYHlIzZvbvxAlwS2mn53BirLIU/G3
+9opMWNplvmK+3+gNlRlFpiZ7EvHsF/YJOAP59HmI2Z...
+```
+
+## 4. 上传签名公钥
+公钥服务器是网络上专门储存用户公钥的服务器。send-keys 参数可以将公钥上传到服务器。
+
+gpg --send-keys [用户ID]
+
+也可以通过下面的网址上传上述 public-key.txt 的内容:
+
+```
+http://keys.gnupg.net
+```
+
+上传成功之后,可以通过查询这个网站,输入 0x33DBF2E0 查询:
+
+http://keys.gnupg.net/pks/lookup?search=0x33DBF2E0&fingerprint=on&op=index
+
+也可以通过下面的命令上传:
+```
+$ gpg --send-keys xxx-yyy
+gpg: sending key 0x33DBF2E0 to hkp server keys.gnupg.net
+```
+
+## 5. 生成 fingerprint 并上传到 apache 用户信息中
+由于公钥服务器没有检查机制,任何人都可以用你的名义上传公钥,所以没有办法保证服务器上的公钥的可靠性。通常,你可以在网站上公布一个公钥指纹,让其他人核对下载到的公钥是否为真。
+
+fingerprint参数生成公钥指纹:
+
+```
+gpg --fingerprint [用户ID]
+```
+
+```
+$ gpg --fingerprint xxx-yyy
+pub 4096R/33DBF2E0 2018-12-06
+ Key fingerprint = 07AA E690 B01D 1A4B 469B 0BEF 5E29 CE39 33DB F2E0
+uid xxx-yyy (xxx's key) <x...@apache.org>
+sub 4096R/0E8182E6 2018-12-06
+```
+
+将上面的 fingerprint 粘贴到自己的用户信息中:
+
+https://id.apache.org
+OpenPGP Public Key Primary Fingerprint:
+
+## 6. 生成 keys
+
+新建一个名为 KEYS 的文件,写入如下内容:
+
+```
+This file contains the PGP keys of various developers.
+
+Users: pgp < KEYS
+or
+ gpg --import KEYS
+
+Developers:
+ pgp -kxa <your name> and append it to this file.
+or
+ (pgpk -ll <your name> && pgpk -xa <your name>) >> this file.
+or
+ (gpg --list-sigs <your name>
+ && gpg --armor --export <your name>) >> this file.
+```
+
+然后生成将 签名信息追加写入:
+
+```
+gpg --list-sigs xxx-yyy >> KEYS
+```
+
+最后,将 public key 追加导入:
+
+```
+gpg --armor --export xxx-yyy >> KEYS
+```
+
+通过 svn,用自己的 apache 用户密码,将 KEYS 上传到下面目录:
+
+https://dist.apache.org/repos/dist/dev/incubator/doris/
+
+```
+$ svn add KEYS
+A KEYS
+
+$ svn commit -m "Add KEYS"
+Adding KEYS
+Transmitting file data .
+Committed revision 31425.
+```
+
+## 7. 打包签名
+
+```
+$ git tag -a 0.9.0-rc01 -m "0.9.0 release candidate 01"
+
+$ git push origin --tags
+Counting objects: 1, done.
+Writing objects: 100% (1/1), 165 bytes | 0 bytes/s, done.
+Total 1 (delta 0), reused 0 (delta 0)
+To g...@github.com:apache/incubator-doris.git
+ * [new tag] 0.9.0-rc01 -> 0.9.0-rc01
+
+$ git tag
+
+$ git archive --format=tar 0.9.0 --prefix=apache-doris-0.9.0-incubating-src/ |
gzip > apache-doris-0.9.0-incubating-src.tar.gz
+
+$ gpg -u x...@apache.org --armor --output
apache-doris-0.9.0-incubating-src.tar.gz.asc --detach-sign
apache-doris-0.9.0-incubating-src.tar.gz
+
+$ gpg --verify apache-doris-0.9.0-incubating-src.tar.gz.asc
apache-doris-0.9.0-incubating-src.tar.gz
+
+$ sha512sum apache-doris-0.9.0-incubating-src.tar.gz >
apache-doris-0.9.0-incubating-src.tar.gz.sha512
+
+$ sha512sum --check apache-doris-0.9.0-incubating-src.tar.gz.sha512
+```
+
+## 8. 上传签名的软件包到 DEV
+
+
+```
+svn add 0.9.0-incubating/
+svn commit -m "Add doris folder"
+
+```
+
+https://dist.apache.org/repos/dist/dev/incubator/doris/
+
+```
+$ svn commit -m "Release Apache Doris (incubating) 0.9.0"
+Adding 0.9.0-incubating
+Adding (bin) 0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz
+Adding (bin) 0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz.asc
+Adding 0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz.sha512
+Adding KEYS
+Transmitting file data ....
+Committed revision 32506.
+```
+
+## 9. 发社区投票邮件
+
+[VOTE] Release Apache Doris 0.9.0-incubating-rc02
+
+
+```
+Hi all,
+
+Please review and vote on Apache Doris 0.9.0-incubating-rc02 release.
+
+The release candidate has been tagged in GitHub as 0.9.0-rc02, available
+here:
+https://github.com/apache/incubator-doris/releases/tag/0.9.0-rc02
+
+There is no CHANGE LOG file because this is the first release of Apache
+Doris.
+Thanks to everyone who has contributed to this release, and there is a
+simple release notes can be found here:
+https://github.com/apache/incubator-doris/issues/406
+
+The artifacts (source, signature and checksum) corresponding to this release
+candidate can be found here:
+https://dist.apache.org/repos/dist/dev/incubator/doris/0.9.0-incubating-rc02
+/
+
+This has been signed with PGP key 33DBF2E0, corresponding to
+l...@apache.org.
+KEYS file is available here:
+https://dist.apache.org/repos/dist/dev/incubator/doris/KEYS
+It is also listed here:
+https://people.apache.org/keys/committer/lide.asc
+
+To verify and build, you can refer to following wiki:
+https://github.com/apache/incubator-doris/wiki/How-to-verify-Apache-Release
+https://wiki.apache.org/incubator/IncubatorReleaseChecklist
+
+The vote will be open for at least 72 hours.
+[ ] +1 Approve the release
+[ ] +0 No opinion
+[ ] -1 Do not release this package because ...
+
+Best Regards,
+Reed
+```
+
+## 10. 投票通过后,发 Result 邮件
+
+[Result][VOTE] Release Apache Doris 0.9.0-incubating-rc02
+
+```
+Thanks to everyone, and this vote is now closed.
+
+It has passed with 4 +1 (binding) votes and no 0 or -1 votes.
+
+Binding:
++1 Zhao Chun
++1 Reed
++1 Li Chaoyong
++1 Mingyu Chen
+
+Best Regards,
+Reed
+
+```
+
+## 11. 发邮件到 gene...@incubator.apache.org 进行投票
+
+[VOTE] Release Apache Doris 0.9.0-incubating-rc02
+
+```
+Hi all,
+
+Please review and vote on Apache Doris 0.9.0-incubating-rc02 release.
+
+Apache Doris is an MPP-based interactive SQL data warehousing for reporting
and analysis.
+
+The Apache Doris community has voted on and approved this release:
+https://lists.apache.org/thread.html/d70f7c8a8ae448bf6680a15914646005c6483564464cfa15f4ddc2fc@%3Cdev.doris.apache.org%3E
+
+The vote result email thread:
+https://lists.apache.org/thread.html/64d229f0ba15d66adc83306bc8d7b7ccd5910ecb7e842718ce6a61da@%3Cdev.doris.apache.org%3E
+
+The release candidate has been tagged in GitHub as 0.9.0-rc02, available here:
+https://github.com/apache/incubator-doris/releases/tag/0.9.0-rc02
+
+There is no CHANGE LOG file because this is the first release of Apache Doris.
+Thanks to everyone who has contributed to this release, and there is a simple
release notes can be found here:
+https://github.com/apache/incubator-doris/issues/406
+
+The artifacts (source, signature and checksum) corresponding to this release
candidate can be found here:
+https://dist.apache.org/repos/dist/dev/incubator/doris/0.9.0-incubating-rc02/
+
+This has been signed with PGP key 33DBF2E0, corresponding to l...@apache.org.
+KEYS file is available here:
+https://dist.apache.org/repos/dist/dev/incubator/doris/KEYS
+It is also listed here:
+https://people.apache.org/keys/committer/lide.asc
+
+The vote will be open for at least 72 hours.
+[ ] +1 Approve the release
+[ ] +0 No opinion
+[ ] -1 Do not release this package because ...
+
+To verify and build, you can refer to following instruction:
+
+Firstly, you must be install and start docker service, and then you could
build Doris as following steps:
+
+Step1: Pull the docker image with Doris building environment
+$ docker pull apachedoris/doris-dev:build-env
+You can check it by listing images, its size is about 3.28GB.
+
+Step2: Run the Docker image
+You can run image directyly:
+$ docker run -it apachedoris/doris-dev:build-env
+
+Step3: Download Doris source
+Now you should in docker environment, and you can download Doris source
package.
+(If you have downloaded source and it is not in image, you can map its path to
image in Step2.)
+$ wget
https://dist.apache.org/repos/dist/dev/incubator/doris/0.9.0-incubating-rc02/apache-doris-0.9.0.rc02-incubating-src.tar.gz
+
+Step4: Build Doris
+Now you can decompress and enter Doris source path and build Doris.
+$ tar zxvf apache-doris-0.9.0.rc02-incubating-src.tar.gz
+$ cd apache-doris-0.9.0.rc02-incubating-src
+$ sh build.sh
+
+Best Regards,
+Reed
+```
+
+## 12. 发 Result 邮件到 gene...@incubator.apache.org
+
+[RESULT][VOTE] Release Apache Doris 0.9.0-incubating-rc02
+
+
+```
+Hi,
+
+Thanks to everyone, and the vote for releasing Apache Doris
0.9.0-incubating-rc02 is now closed.
+
+It has passed with 4 +1 (binding) votes and no 0 or -1 votes.
+
+Binding:
++1 Willem Jiang
++1 Justin Mclean
++1 ShaoFeng Shi
++1 Makoto Yui
+
+The vote thread:
+https://lists.apache.org/thread.html/da05fdd8d84e35de527f27200b5690d7811a1e97d419d1ea66562130@%3Cgeneral.incubator.apache.org%3E
+
+Best Regards,
+Reed
+```
+
+## 13. 上传 package 到 release
+
+当正式发布投票成功后,先发[Result]邮件,然后就准备 release package。
+将之前在dev下发布的对应rc文件夹下的源码包、签名文件和hash文件拷贝到另一个目录 0.9.0-incubating,注意文件名字中不要rcxx
(可以rename,但不要重新计算签名,hash可以重新计算,结果不会变)
+
+第一次发布的话 KEYS 文件也需要拷贝过来。然后add到svn release 下。
+
+```
+
+https://dist.apache.org/repos/dist/release/incubator/doris/0.9.0-incubating/
+
+最终能在 apache 官网看到:
+http://www.apache.org/dist/incubator/doris/0.9.0-incubating/
+
+```
+
+
+## 14. 发 Announce 邮件到 gene...@incubator.apache.org
+
+Title:
+
+```
+[ANNOUNCE] Apache Doris (incubating) 0.9.0 Release
+```
+
+发送邮件组:
+
+```
+gene...@incubator.apache.org <gene...@incubator.apache.org>
+d...@doris.apache.org <d...@doris.apache.org>
+```
+
+邮件正文:
+
+```
+Hi All,
+
+We are pleased to announce the release of Apache Doris 0.9.0-incubating.
+
+Apache Doris (incubating) is an MPP-based interactive SQL data warehousing for
reporting and analysis.
+
+The release is available at:
+http://doris.apache.org/downloads.html
+
+Thanks to everyone who has contributed to this release, and the release note
can be found here:
+https://github.com/apache/incubator-doris/releases
+
+Best Regards,
+
+On behalf of the Doris team,
+Reed
+```
+
+## 15. 在 Doris 官网和 github 发布链接
+
+### 15.1 创建下载链接
+
+下载链接:
+http://www.apache.org/dyn/closer.cgi?filename=incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz&action=download
+
+wget --trust-server-names
"https://www.apache.org/dyn/mirrors/mirrors.cgi?action=download&filename=incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz";
+
+原始位置:
+https://www.apache.org/dist/incubator/doris/0.9.0-incubating/
+
+http://www.apache.org/dyn/closer.cgi/incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz
+
+源码包(source package):
+http://www.apache.org/dyn/closer.cgi/incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz
+
+ASC:
+http://archive.apache.org/dist/incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz.asc
+
+sha512:
+http://archive.apache.org/dist/incubator/doris/0.9.0-incubating/apache-doris-0.9.0-incubating-src.tar.gz.sha512
+
+KEYS:
+http://archive.apache.org/dist/incubator/doris/KEYS
+
+refer to: <http://www.apache.org/dev/release-download-pages#closer>
+
+### 15.2 准备 release note
+
+需要修改如下两个地方:
+
+1、Github 的 release 页面
+
+```
+https://github.com/apache/incubator-doris/releases/tag/0.9.0-rc02
+```
+
+2、Doris 官网下载页面
+
+```
+http://doris.apache.org/downloads.html
+```
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@doris.apache.org
For additional commands, e-mail: commits-h...@doris.apache.org
