incubator-tashi-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From strou...@apache.org
Subject svn commit: r1241755 - /incubator/tashi/branches/stroucki-accounting/doc/RELEASES
Date Wed, 08 Feb 2012 03:01:54 GMT
Author: stroucki
Date: Wed Feb  8 03:01:53 2012
New Revision: 1241755

URL: http://svn.apache.org/viewvc?rev=1241755&view=rev
Log:
RELEASES: Finish release policy document based on draft sample

Modified:
    incubator/tashi/branches/stroucki-accounting/doc/RELEASES

Modified: incubator/tashi/branches/stroucki-accounting/doc/RELEASES
URL: http://svn.apache.org/viewvc/incubator/tashi/branches/stroucki-accounting/doc/RELEASES?rev=1241755&r1=1241754&r2=1241755&view=diff
==============================================================================
--- incubator/tashi/branches/stroucki-accounting/doc/RELEASES (original)
+++ incubator/tashi/branches/stroucki-accounting/doc/RELEASES Wed Feb  8 03:01:53 2012
@@ -1,5 +1,140 @@
+---+ Apache Tashi release policy
+
 This document is based on the draft incubator release management 
 document available at 
 http://incubator.apache.org/guides/releasemanagement.html
 
-XXX
+---++ Apache RAT testing
+
+You could use Apache RAT to examine for any problems like required files 
+which are missing, or which ones don't include an Apache header.
+
+To run RAT, obtain the binary release of Apache RAT, untar it and run 
+java -jar apache-rat-0.8/apache-rat-0.8.jar <top directory>
+
+---++ Uploading artifacts
+
+---+++ Distribution
+
+The destination for an artifact is www.apache.org/dist/incubator/tashi . 
+This location is accessible at /www/www.apache.org/dist/incubator/tashi 
+on people.apache.org.
+
+---+++ Mirroring
+
+Releases must be mirrored. Checksums, KEYS, signatures are mirrored too. 
+Per the release signing guide, the mirrored copies of these files are 
+non-authoritative. In-site links must point to the originals on 
+www.apache.org.
+
+---+++ Archiving
+
+All releases must be archived for future reference. Archives are stored 
+under http://archive.apache.org/dist/incubator/tashi. This archiving 
+happens automatially for all artifacts in 
+www.apache.org/dist/incubator/tashi.
+
+Old releases should be removed from www.apache.org/dist/incubator/tashi. 
+The release will then only remain on the archive server.
+
+---+++ Permissions
+
+All files should be owned by the "incubator" group. Permissions should 
+be <user>:incubator 664, or <user>:incubator 775 respectively for 
+directories.
+
+---+++ Checksums and signatures
+
+The KEYS file should contain the public keys for code signers. The 
+private key needs to be kept safe. Code-signing keys should be linked to 
+the Apache web of trust.
+
+---+++ Modifications
+
+Uploaded artifacts must never be modified. Excluded from this policy are 
+README's, NOTES, KEYS and the like.
+
+---++ Distribution checklist
+
+   * Destination: www.apache.org/dist/incubator/tashi
+   * umask 022
+   * group owner is "incubator"
+   * Checksums and signatures match to artifact
+   * Old release archived
+   * Links to KEYS, signatures and checksums point to www.apache.org
+   * Package into .tar.gz
+
+---++ Dealing with defects
+
+Uploaded artifacts must never be modified (repeat). A new numbered 
+release should be generated. (Assume this will require a vote)
+
+Serious defects may call for a release withdrawal by archiving, 
+announcement on the mailing lists and adding a notice to the download 
+page.
+
+---++ Release checklist
+
+   * Packages:
+      * Artifacts unpack correctly?
+      * Documentation is readable?
+      * For distributed libraries:
+         * Licenses are included, along with NOTICEs?
+         * Licenses comply with incubator policy?
+         * LICENSE and NOTICE contain required sections?
+         * Crypto code satisfies export regulations?
+      * Copyright notices:
+         * Source files include license boilerplate?
+         * Source files with licenses not in LICENSE?
+         * Check policy on header file compliance?
+      * Incubator requirements:
+         * DISCLAIMER included?
+         * Check legal STATUS document?
+      * Source package:
+         * Build instructions exist and work?
+         * License headers applied correctly?
+         * Version control cruft cleaned?
+      * Keys:
+         * KEYS file contains proper signing keys?
+         * Signing key is available on public keyservers?
+      * Version control:
+         * Release was built from specific tag?
+         * Tag named "APACHE_TASHI_<version>"?
+      * Miscellaneous:
+         * Deprecations, incompatibilities documented in RELEASE_NOTES?
+
+---++ Naming
+
+The release should be named apache-tashi-<version>-incubating. <version> 
+should be a six-digit year-and-month, optionally followed by a period 
+and number in case of bug fixes applied to the base version.
+
+---++ Guidelines
+
+In case of need for additional guidance, the following mailing lists are 
+helpful:
+
+   * legal-discuss: for licensing issues
+   * infrastructure-issues: for issues pertaining to release infrastructure
+
+---++ Announcements
+
+Announce releases via apache.org address. Announcements should be plain
+text signed.
+
+---++ Release procedure
+
+Releases must be approved by Incubator PMC.
+
+A release should first be proposed to the PPMC. The proposal should include:-
+   * Link to release candidate artifact (in apache home directory)
+   * Link to tag from which the release was built
+
+Should the PPMC vote pass, call for a vote on incubator.apache.org. 
+Additionally to the above provide a link to the PPMC voting thread.
+
+Remove release candidate artifacts on conclusion of voting.
+
+---++ Invocation
+
+Oh god...



Mime
View raw message