    Geronimo 2.1.7 Release Process
    Page edited by             Rex Wang

                         Changes (8)

            ...

            h3. 2. Use Maven 2.2.1 

            edit its settings.xml to setup apache release and snapshot repo passphass 

            * Enable Apache Servers (refer: [http://maven.apache.org/developers/committer-settings.html]) 

            {code:xml} 
<settings> 
... 
  <servers> 
    <!-- To publish a snapshot of some part of Maven --> 
    <server> 
      <id>apache.snapshots.https</id> 
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username> 
      <password> <!-- YOUR APACHE LDAP PASSWORD --> </password> 
    </server> 
    <!-- To publish a website of some part of Maven --> 
    <server> 
      <id>apache.website</id> 
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username> 
      <filePermissions>664</filePermissions> 
      <directoryPermissions>775</directoryPermissions> 
    </server> 
    <!-- To stage a release of some part of Maven --> 
    <server> 
      <id>apache.releases.https</id> 
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username> 
      <password> <!-- YOUR APACHE LDAP PASSWORD --> </password> 
    </server> 
    <!-- To stage a website of some part of Maven --> 
    <server> 
      <id>stagingSite</id> <!-- must match hard-coded repository identifier in site:stage-deploy --> 
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username> 
      <filePermissions>664</filePermissions> 
      <directoryPermissions>775</directoryPermissions> 
    </server> 
    ... 
  </servers> 
</settings> 
{code} 

            reference: 
It is highly recommended to use Maven's password encryption capabilities for your passwords. 
http://maven.apache.org/guides/mini/guide-encryption.html 

            h3. 3. Setup PGP Keys (for the ones who be the release manager the first time) 

            * Download gnupg2 
* Generate your PGP Key (refer: [http://www.apache.org/dev/openpgp.html]) so that maven-release-plugin can sign your built artifacts when do release:perform 
** How To Avoid SHA-1 
** How To Generate a Strong Key 
* Update Maven's settings.xml with following: 
{code:xml} 
<settings> 
  ... 
  <profiles> 
    <profile> 
      <id>apache-release</id> 
      <properties> 
        <gpg.passphrase> <!-- YOUR KEY PASSPHRASE --> </gpg.passphrase> 
      </properties> 
    </profile> 
  </profiles> 
  ... 
</settings> 
{code} 
reference: 
[http://maven.apache.org/developers/release/apache-release.html] 
[http://maven.apache.org/developers/release/pmc-gpg-keys.html] 

            generate the keys so that release-plugin can sign your built artifacts when do release:perform 

            * Meanwhile, append your public key to https://svn.apache.org/repos/asf/geronimo/KEYS and people.apache.org:/www/www.apache.org/dist/geronimo/KEYS so that user can verify the artifacts you released. 

            meanwhile, append your key to \[https://svn.apache.org/repos/asf/geronimo/KEYS\] and people.apache.org:/www/www.apache.org/dist/geronimo/KEYS 

                            Full Content

        Prerequisite

ref Geronimo 2.1.5 Release Tips

1. Use Genesis 2.0 as a parent pom

<parent>
  <groupId>org.apache.geronimo.genesis</groupId>
  <artifactId>genesis-java5-flava</artifactId>
  <version>2.0</version>
</parent>

	genesis-java5-flava-2.0.pom

		genesis-default-flava-2.0.pom

			genesis-2.0.pom

				apache-6.pom

2. Use Maven 2.2.1

	Enable Apache Servers (refer: http://maven.apache.org/developers/committer-settings.html)

<settings>
...
  <servers>
    <!-- To publish a snapshot of some part of Maven -->
    <server>
      <id>apache.snapshots.https</id>
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username>
      <password> <!-- YOUR APACHE LDAP PASSWORD --> </password>
    </server>
    <!-- To publish a website of some part of Maven -->
    <server>
      <id>apache.website</id>
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username>
      <filePermissions>664</filePermissions>
      <directoryPermissions>775</directoryPermissions>
    </server>
    <!-- To stage a release of some part of Maven -->
    <server>
      <id>apache.releases.https</id>
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username>
      <password> <!-- YOUR APACHE LDAP PASSWORD --> </password>
    </server>
    <!-- To stage a website of some part of Maven -->
    <server>
      <id>stagingSite</id> <!-- must match hard-coded repository identifier in site:stage-deploy -->
      <username> <!-- YOUR APACHE LDAP USERNAME --> </username>
      <filePermissions>664</filePermissions>
      <directoryPermissions>775</directoryPermissions>
    </server>
    ...
  </servers>
</settings>

reference:

It is highly recommended to use Maven's password encryption capabilities for your passwords.
http://maven.apache.org/guides/mini/guide-encryption.html

3. Setup PGP Keys (for the ones who be the release manager the first time)

	Download gnupg2
	Generate your PGP Key (refer: http://www.apache.org/dev/openpgp.html) so that maven-release-plugin can sign your built artifacts when do release:perform

		How To Avoid SHA-1
		How To Generate a Strong Key

	Update Maven's settings.xml with following:

<settings>
  ...
  <profiles>
    <profile>
      <id>apache-release</id>
      <properties>
        <gpg.passphrase> <!-- YOUR KEY PASSPHRASE --> </gpg.passphrase>
      </properties>
    </profile>
  </profiles>
  ...
</settings>

reference:

http://maven.apache.org/developers/release/apache-release.html

http://maven.apache.org/developers/release/pmc-gpg-keys.html

	Meanwhile, append your public key to https://svn.apache.org/repos/asf/geronimo/KEYS and people.apache.org:/www/www.apache.org/dist/geronimo/KEYS so that user can verify the artifacts you released.

            Change Notification Preferences

        View Online
        |
        View Changes
                |
        Add Comment