Stage the Distribution Binaries

/!\ TODO: Fix paths

The distribution binaries should be copied from <PATH> to /www/ After copying the builds, make sure you can view them in the staging distribution site

Signing the distribution binaries

Prerequisite: If you have never signed distribution binaries before, generate and add your key to the KEYS file (instructions are at the top of the file). I have found GnuPG to be easy to use.

/!\ TODO: the location of the assemblies need to be updated to the correct location

1. cd into the <PATH> directory. Here's what it looks like:

esm@clue:~pluto-1.1.5/target/assembly/out$ ls
pluto-1.1.5-bin.tar.gz     pluto-1.1.5-container-bin.tar.bz2        pluto-1.1.5-container-bin.tar.gz

2. Sign the files using gpg. I use this simple one liner:

$ for file in * ; do gpg -a -b $file ; done

3. If you do this correctly you should have a *.asc file for each distribution file. The *.asc file contains the digital signature.

esm@clue:~/pluto-1.1.5/target/assembly/out$ ls
pluto-1.1.5-bin.tar.gz          pluto-1.1.5-container-bin.tar.bz2
pluto-1.1.5-bin.tar.gz.asc      pluto-1.1.5-container-bin.tar.bz2.asc             pluto-1.1.5-container-bin.tar.gz         pluto-1.1.5-container-bin.tar.gz.asc

4. We seem to also be adding md5 sums as well as digital signatures. You can use md5sum <filename> or openssl md5 <filename> to do this. has gpg and openssl:

for file in *[!.asc] ; do echo `openssl md5 $file` > $file.md5 ; done

Now for each distribution file we have a digital signature (in *.asc) and a MD5 checksum (in *.md5).

5. (!) Mind your UNIX permissions! This cannot be stressed enough. Whenever you are uploading content to people, you must be sure to double-check the permissions of the files you have created/moved/updated. They need to be 664 or 775: other committers (which are members of your unix group) need to be able to update, remove, or overwrite those files in the future, especially the staging builds, maven 2 metadata, and the website. NOTHING kills a release like finding out the permissions are incorrect.