Log4PHP Releaseplan

A. Infrastructure Setup (one time)

A.1 Get Familiar with Maven

Reading the Maven documentation is a good start - Releasing A Maven Project.

A.2 Signature Keys

You need to sign the released artifact using your PGP key which implies

See also:

B. Create the tag

Note: it's not good to provide a password directly but at the moment I didn't found another way. Any comments to improve this, please let us know on the mailinglist.

C. Create the binaries

D. Create checksums

You need to sign your binaries. On a Mac, you can do this with:

On Linux you can use md5sum:

E. Sign your binaries

Sign your binaries. You can do this with gpg, which is available for both systems, mac and linux. The key for signing needs to be placed in: https://svn.apache.org/repos/asf/incubator/log4php/meta/KEYS

F. Upload to staging server

Upload the following to the appropriate directories on people.apache.org. Make sure, the folder has the correct release candidate number. If a vote fails and the package needs to be recreated, the RC number increases

The files should be accessible like:

Please follow these steps:

More information:

G. Vote

H. Releasing

Locations (according to: http://incubator.apache.org/guides/releasemanagement.html )

Send announcement to user, dev and incubator list and to the blog. Party on! :-)

Verify releases

See also: http://commons.apache.org/releases/release.html


Use another user to verify the signatures. (The user must have your code-signing public key loaded into their key ring.) Here's an example using GnuPG:

% gpg --verify log4php-2.0.0-incubating.tar.gz.asc log4php-2.0.0-incubating.tar.gz gpg: Signature made 03/01/03 19:34:31 GMT using DSA key ID B1313DE2 gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) <rdonkin@apache.org>"

Check Sums

Verify md5 check sums. If you can, use another application to double check the sums. Here verifications are performed using openssl.

% openssl md5 < log4php-2.0.0-incubating.tar.gz a76169177e7a9b58118bcd993aff4a5e % cat log4php-2.0.0-incubating.tar.gz.md5 a76169177e7a9b58118bcd993aff4a5e

Checklist for binaries

Log4PHP/Log4PHPReleasePlan (last edited 2009-11-23 05:36:05 by p549BED81)