This is written primarily for Apache Tomcat release managers although it may also be of interest to anyone looking to validate and/or replicate the release process. This page uses Tomcat 9 as an example but the same process applies to later versions as well.
The above can be accomplished on a Windows 10 Virtual Machine from Microsoft's Edge Development resources. Download + unpack the archive for your VM software and launch the VM. Login, open a PowerShell.exe window as Administrator, and installed Chocolatey:
PS C:\Users\IEUser> Set-ExecutionPolicy Bypass -Scope Process -Force; [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.ServicePointManager]::SecurityProtocol -bor 3072; iex ((New-Object System.Net.WebClient).DownloadString('https://chocolatey.org/install.ps1'))
Once Chocolatey is installed, you can install all the above prerequisites at once:
PS C:\Users\ISUser> choco install git svn adoptopenjdk11 ant gnupg sed xsltproc
This command will run for a while, and ask you repeatedly if it's okay to run "chocolateyInstall.ps1", which you will have to do to proceed. Once the above command has completed, you have all the software prerequisites installed and on your PATH. Well, once you quit PowerShell and launch a new CMD.EXE or PowerShell window, of course
brew install --no-quarantine wine-stable
(ref)/usr/sbin/softwareupdate --install-rosetta --agree-to-license
(ref) to be able to run the NSIS installer-generator.Install homebrew if you haven't already.
Install wine-crossover from https://github.com/Gcenx/homebrew-wine
Configure a 32-bit wine environment using:
WINEARCH=win32 WINEPREFIX=~/.wine32 winecfg
Then before you start the release ensure the following environment variables are set:
export WINEARCH=win32
export WINEPREFIX=~/.wine32
KEYS
file differs from
https://dist.apache.org/repos/dist/release/tomcat/tomcat-9/KEYS
one. The latter one will be replaced after you do a release. Check that the KEYS
file contains your public key.execute.validate=true execute.test.bio=true execute.test.nio=true execute.test.apr=true test.haltonfailure=true gpg.exec=C:/Program Files (x86)/GNU/GnuPG/gpg2.exe #gpg.exec=/usr/bin/gpg base.path=C:/temp/libs #base.path=~/tomcat-libs # Enable the following if the DigiCert ONE magic is all set up, including ~/.digicertone/pkcs11properties.cfg codesigning.storepass=apikey|keystorepath|keystorepassword do.codesigning=true |
The aim is to create a copy of the current trunk but without the "-dev" appended to the end of the version number. All artifacts required for repeatable builds will be included as well.
git clone https://github.com/apache/tomcat /c/releases/asf-tomcat
or git clone -b 9.0.x git clone https://github.com/apache/tomcat /c/releases/asf-tomcat
cd /c/releases/asf-tomcat
git checkout 9.0.x
git pull
ant pre-release
may save you the following step, plus steps 2-3 in the Maven release process.)Edit "build.properties.default" and change the lines after "# ----- Reproducible builds -----" to a new value. (NOTE: this is done by 'ant pre-release')
ant.tstamp.now
property is in seconds (unlike the value returned by System.currentTimeMillis()
method which is milliseconds, see bug 65527 for how this happened for Tomcat 8.5.70).date +%s
date -u '+%s %Y-%m-%d %H:%M:%S %Z'
Edit "build.properties.default" and change the line version.dev=-dev to version.dev= (NOTE: this is done by 'ant pre-release')
sed -i.bak "s/^version.dev=.*/version.dev=/" build.properties.default
ant release
git add --all (to pick-up the repeatable build artifacts in addition to the content-changes from above)
git commit --all --message "Tag 9.0.94"
git tag 9.0.94
git push origin 9.0.94
Notes:
c:/temp/libs
was empty so that the build had to download all the dependenciesdo.codesigning=true
in build.properties).codesigning.storepass
property) set properly.Upload the contents of TOMCAT_9_0_XX/output/release
to https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/
svn checkout https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9
See https://github.com/apache/tomcat/blob/9.0.x/res/maven/README.txt steps 1 to 3 for the release (not step 4 until the vote passes !)
git reset HEAD~ && git checkout build.properties.default && git checkout webapps/docs/changelog.xml && rm -f build.properties.release res/maven/mvn.properties.release res/install-win/Uninstall.exe.sig res/install-win/tomcat-installer.exe.sig)
I found it simplest to keep this clone for tagging to ensure no other edits found their way into the tag.
To get a clean copy of the release (e.g. for testing):
I'm using Git Bash for the above. Adjust as necessary for you choice of tools.
svn mv https://dist.apache.org/repos/dist/dev/tomcat/tomcat-9/v9.0.XX https://dist.apache.org/repos/dist/release/tomcat/tomcat-9/v9.0.XX |
svn checkout --depth immediates https://dist.apache.org/repos/dist/release/tomcat/tomcat-9/ |
and update the KEYS
file there to be the same as the one used for release. (The download page has links pointing to this file).
xdocs
/ files, then use ant docs
to generate the HTML.Update the javadocs (see https://svn.apache.org/repos/asf/tomcat/site/trunk/README.txt)