commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pste...@apache.org
Subject svn commit: r358917 - /jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml
Date Sat, 24 Dec 2005 04:43:37 GMT
Author: psteitz
Date: Fri Dec 23 20:43:35 2005
New Revision: 358917

URL: http://svn.apache.org/viewcvs?rev=358917&view=rev
Log:
Some small updates:
* Added -b to md5sum example
* Changed link from Jakarta ReleaseSigning wiki page to apache FAQ
* Added more info on deploying release jar
* Noted that Jakarta site build requires JDK 1.5
* Eliminated reference to obsolete README in jakarta site directory.
* Eliminated reference to asfrepository wiki page
* Reduced indent on some example text (prevent horizontal scroll)

 

Modified:
    jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml

Modified: jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml
URL: http://svn.apache.org/viewcvs/jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml?rev=358917&r1=358916&r2=358917&view=diff
==============================================================================
--- jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml (original)
+++ jakarta/commons/proper/commons-build/trunk/xdocs/releases/release.xml Fri Dec 23 20:43:35
2005
@@ -110,7 +110,7 @@
     <p>
     For example md5sum (on Linux):
     <pre>
-    $ md5sum commons-foo-1.2-src.tar.gz > commons-foo-1.2-src.tar.gz.md5
+    $ md5sum -b commons-foo-1.2-src.tar.gz > commons-foo-1.2-src.tar.gz.md5
     </pre>
     </p>
     <p>
@@ -140,26 +140,26 @@
     <a href='http://www.gnupg.org'>Gnu Privacy Guard</a> on linux:
     </p>
     <p>
-    General instructions about signing releases can be found 
-    <a href="http://wiki.apache.org/jakarta-commons/SigningReleases">here</a>.
+    See the <a href="http://www.apache.org/dev/release-signing.html#faq">Apache Release
Signing FAQ</a>
+    for more information on release signing.
     </p>
     <p>
     Example:
     <pre>
-    $ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig commons-foo-1.2-src.tar.gz
   
-    You need a passphrase to unlock the secret key for
-    user: "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
-    1024-bit DSA key, ID B1313DE2, created 2003-01-15
+$ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig commons-foo-1.2-src.tar.gz
   
+You need a passphrase to unlock the secret key for
+user: "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
+1024-bit DSA key, ID B1313DE2, created 2003-01-15
     </pre>
     </p>
     <p>
     Signatures for all varieties of release need to be create. The signature files should
be 
     named after the original with <code>.asc</code> suffixed.
     <pre>
-    $ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig commons-foo-1.2-src.tar.gz

-    $ gpg --armor --output commons-foo-1.2-src.zip.asc --detach-sig commons-foo-1.2-src.zip
-    $ gpg --armor --output commons-foo-1.2.zip.asc --detach-sig commons-foo-1.2.zip
-    $ gpg --armor --output commons-foo-1.2.tar.gz.asc --detach-sig commons-foo-1.2.tar.gz
+$ gpg --armor --output commons-foo-1.2-src.tar.gz.asc --detach-sig commons-foo-1.2-src.tar.gz

+$ gpg --armor --output commons-foo-1.2-src.zip.asc --detach-sig commons-foo-1.2-src.zip
+$ gpg --armor --output commons-foo-1.2.zip.asc --detach-sig commons-foo-1.2.zip
+$ gpg --armor --output commons-foo-1.2.tar.gz.asc --detach-sig commons-foo-1.2.tar.gz
     </pre>
     </p>
     <p>
@@ -176,22 +176,22 @@
   <subsection name='4 Verify the Releases'>
     <ul>
     <li>
-      <strong>Verify signatures</strong><br/>.
+      <strong>Verify signatures</strong><br/>
       Use another user to verify the signatures. (The user must have your code-signing 
       public key loaded into their key ring.) Here's an example using GnuPG:
       <pre>
-      % gpg --verify commons-foo-1.2.tar.gz.asc commons-foo-1.2.tar.gz
-      gpg: Signature made 03/01/03 19:34:31 GMT using DSA key ID B1313DE2
-      gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
-      % gpg --verify commons-foo-1.2.zip.asc commons-foo-1.2.zip
-      gpg: Signature made 03/01/03 19:34:05 GMT using DSA key ID B1313DE2
-      gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
-      % gpg --verify commons-foo-1.2-src.zip.asc commons-foo-1.2-src.zip
-      gpg: Signature made 03/01/03 19:33:42 GMT using DSA key ID B1313DE2
-      gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
-      % gpg --verify commons-foo-1.2-src.tar.gz.asc commons-foo-1.2-src.tar.gz
-      gpg: Signature made 03/01/03 19:32:56 GMT using DSA key ID B1313DE2
-      gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
+% gpg --verify commons-foo-1.2.tar.gz.asc commons-foo-1.2.tar.gz
+gpg: Signature made 03/01/03 19:34:31 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
+% gpg --verify commons-foo-1.2.zip.asc commons-foo-1.2.zip
+gpg: Signature made 03/01/03 19:34:05 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
+% gpg --verify commons-foo-1.2-src.zip.asc commons-foo-1.2-src.zip
+gpg: Signature made 03/01/03 19:33:42 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
+% gpg --verify commons-foo-1.2-src.tar.gz.asc commons-foo-1.2-src.tar.gz
+gpg: Signature made 03/01/03 19:32:56 GMT using DSA key ID B1313DE2
+gpg: Good signature from "Robert Burrell Donkin (CODE SIGNING KEY) &lt;rdonkin@apache.org&gt;"
       </pre>
     </li>
     <li>
@@ -356,13 +356,7 @@
   <subsection name='8 Deploy jar, project.xml and license.html to Java-Repository'>
     <p>
     The ASF Java Respository is the home for distributions in jar format.
-    The details of this repository are evolving constantly so please check
-    the <a href='http://wiki.apache.org/asfrepository'>current repository documentation</a>
-    before uploading. If you discover that the instructions below are now outdated,
-    please patch them :) 
-    </p>
-    <p>
-    Your jar file(s) should also be placed in 
+    Your jar file(s) should be placed in 
     <code>/www/www.apache.org/dist/java-repository/commons-foo/jars</code> on
     people.apache.org. The jars placed here will be rsynched (after some delay)
     to the public distribution repository on www.apache.org, as well as to the
@@ -371,7 +365,7 @@
     as the file <code>commons-foo-1.2.pom</code>. 
     Ensure the version number matches the one inside the <code>project.xml</code>.
     </p>
-    <p><strong>N.B.</strong> Remember to sign files placed in the  ASF
Java
+    <p><strong>N.B.</strong> Remember to sign files placed in the ASF Java
        Respository.
     </p>
     <p>
@@ -394,7 +388,17 @@
     deployment using scp. A how-to showing how to get an apache ssh key set up
     can be found  
     <a href="http://forrest.apache.org/community/howto/cvs-ssh/howto-cvs-ssh.html">
-    here</a>
+    here.</a>  Given this setup, 
+    <pre>
+      maven -Dmaven.repo.list=apache.releases -Duser.name=your-apache-id jar:deploy
+    </pre>
+    will deploy the jar to the Apache Maven repository (with your user name
+    as the value of the Built-By attribute in the manifest). Note that the
+    maven jar plugin does not (yet) create or publish signatures, so if you use
+    maven to deploy the jar, you need to manually sign it and copy the signature
+    file separately to /www/www.apache.org/dist/java-repository/commons-foo/jars.
+    Make sure that the signature file has correct permissions and group
+    ownership (matching the jar) after you copy it. 
     </p>
   </subsection>
 
@@ -493,6 +497,7 @@
     <p>
     Check out the subversion directory http://svn.apache.org/repos/asf/jakarta/site/, make
     the changes described below, then in the site directory run "ant" to build HTML files.
+    In order for the site build to work correctly, you need to run Ant under a 1.5 JDK.
     Once you have checked the generated HTML files are correct, commit the changes to both

     the xml and HTML files, then log onto people.apache.org and in directory 
     /www/jakarta.apache.org run the command "svn update index.html site" to update the jakarta
@@ -500,13 +505,9 @@
     few hours until those changes are transferred to the actual webserver host machine.
     </p>
     <p>
-    Note that in order to commit changes to the site directory you must be in subversion
+    In order to commit changes to the site directory you must be in subversion
     group "jakarta-site". If you are not in this group, then just ask on
     the pmc@jakarta.apache.org mailing list - all Jakarta committers can get access on request.
-    </p>
-    <p>
-    See the README.txt file in the subversion site directory for more information on how
to
-    update and deploy the jakarta website.
     </p>
     <ul>
     <li>



---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message