openjpa-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From conflue...@apache.org
Subject [CONF] OpenJPA > Release Setup
Date Sat, 04 Feb 2012 03:35:00 GMT
<html>
<head>
    <base href="https://cwiki.apache.org/confluence">
            <link rel="stylesheet" href="/confluence/s/2042/9/5/_/styles/combined.css?spaceKey=openjpa&amp;forWysiwyg=true"
type="text/css">
    </head>
<body style="background: white;" bgcolor="white" class="email-body">
<div id="pageContent">
<div id="notificationFormat">
<div class="wiki-content">
<div class="email">
    <h2><a href="https://cwiki.apache.org/confluence/display/openjpa/Release+Setup">Release
Setup</a></h2>
    <h4>Page <b>edited</b> by             <a href="https://cwiki.apache.org/confluence/display/~allee8285@gmail.com">Albert
Lee</a>
    </h4>
        <br/>
                         <h4>Changes (2)</h4>
                                 
    
<div id="page-diffs">
                    <table class="diff" cellpadding="0" cellspacing="0">
    
            <tr><td class="diff-snipped" >...<br></td></tr>
            <tr><td class="diff-unchanged" >{info} <br># Backup your cygwin
home directory to another media || <br></td></tr>
            <tr><td class="diff-changed-lines" ># <span class="diff-deleted-words"style="color:#999;background-color:#fdd;text-decoration:line-through;">Add</span>
<span class="diff-added-words"style="background-color: #dfd;">Append</span> your
public key to {{[https://svn.apache.org/repos/asf/openjpa/KEYS]}} and {{http://www.apache.org/dist/openjpa/KEYS}}.
See the commands describe at the beginning of this KEYS file to perform this task. The gpg
key-pair is used to sign the published artifacts for the releases. <br></td></tr>
            <tr><td class="diff-unchanged" >{code:none} <br></td></tr>
            <tr><td class="diff-changed-lines" >$ <span class="diff-added-words"style="background-color:
#dfd;">(</span> gpg --list-sigs &lt;Real Name&gt; &amp;&amp; gpg
--armor <span class="diff-changed-words">--<span class="diff-deleted-chars"style="color:#999;background-color:#fdd;text-decoration:line-through;">
</span>export</span> &lt;Real Name&gt; <span class="diff-added-words"style="background-color:
#dfd;">) &gt;&gt; KEYS</span> <br></td></tr>
            <tr><td class="diff-unchanged" >{code} <br>{info}The {{[https://svn.apache.org/repos/asf/openjpa/KEYS]}}
file is updated via normal svn commit procedures.  The one under w.a.o/dist/ has to be manually
updated from svn. <br></td></tr>
            <tr><td class="diff-snipped" >...<br></td></tr>
    
            </table>
    </div>                            <h4>Full Content</h4>
                    <div class="notificationGreySide">
        <p>These setup steps only need to be performed on a particular machine once.</p>
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td>Developers using Linux
workstations can skip over the references to Cygwin.  If using Windows, install cygwin, including
<b>Utils/gnupg</b> and <b>Net/openssh</b> packages.</td></tr></table></div>

<h3><a name="ReleaseSetup-CreateandinstallaSSHkey"></a>Create and install
a SSH key</h3>

<ol>
	<li>Open a shell window.  If using Windows, open a cygwin window.</li>
	<li>Use ssh-keygen to create an SSH key.
<div class='panelMacro'><table class='noteMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/warning.gif" width="16" height="16"
align="absmiddle" alt="" border="0"></td><td><ul>
	<li>Follow the latest steps and guides on the ASF website at <a href="http://www.apache.org/dev/openpgp.html#generate-key"
class="external-link" rel="nofollow">http://www.apache.org/dev/openpgp.html#generate-key</a>
as you need to disable using SHA1 and new keys should be 4096 bits.</li>
	<li>ssh-keygen dsa key type only accept 1024 bits; use rsa / 4096 bits instead and
adjust all the id_dsa* reference to id_rsa*.</li>
</ul>
</td></tr></table></div>
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ ssh-keygen -t dsa -b 4096
</pre>
</div></div></li>
</ol>
<ul>
	<li>Program defaults should be fine.  No passphrase is required for the ssh key generation.
 The keys will be saved in ~/.ssh/id_dsa (private) and ~/.ssh/id_dsa.pub (public).
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td>See <a href="http://www.networknewz.com/networknewz-10-20030707AuthenticatingbyPublicKeyOpenSSH.html"
class="external-link" rel="nofollow">Authenticating By Public Key (OpenSSH)</a> for
a good description on why and how to perform this task.</td></tr></table></div></li>
</ul>
<ol>
	<li><tt>scp</tt> your SSH public key ~/.ssh/id_dsa.pub created in last
step to ~/id_dsa.pub on people.apache.org.
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none"> 
$ cd ~/.ssh
$ scp id_dsa.pub &lt;your userid&gt;@people.apache.org:id_dsa.pub 
$ You will be prompted for your password.
</pre>
</div></div></li>
	<li>Use ssh to login to people.apache.org
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ cd ~
$ ssh &lt;your userid&gt;@people.apache.org
</pre>
</div></div></li>
</ol>
<ul>
	<li>At this point, you will still be prompted for your password.</li>
</ul>
<ol>
	<li>Create a ~/.ssh folder in your home directory on people.apache.org and change its
file mode to 700.
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ mkdir ~/.ssh
$ chmod 700 ~/.ssh
</pre>
</div></div></li>
	<li>Move or append ~/id_dsa.pub to ~/.ssh/authorized_keys and change its file mode
to 600.
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ mv ~/id_dsa.pub ~/.ssh/authorized_keys
$ chmod 600 ~/.ssh/authorized_keys
</pre>
</div></div>
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td><ul>
	<li>Each public key in the <tt>authorized_keys</tt> spans only one line.
	<ul>
		<li>For example: "<tt>ssh-dss AAAAB3NzaC1kc3MAAA ..... agBmmfZ9uAbSqA== dsa-key-20071107</tt>"</li>
	</ul>
	</li>
	<li>'#' in the first column is a comment line.</li>
</ul>
</td></tr></table></div></li>
	<li>Exit out of this ssh session.</li>
	<li>Start a new ssh session.  No login should be required this time due to the private
ssh key on your local box matching up with the public ssh key in your home directory (~/.ssh).
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ ssh &lt;your userid&gt;@people.apache.org
</pre>
</div></div> 
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td>If you are still prompted
for a password, then you have not set up the ssh keys properly.  Review the steps above and
ensure that all of the steps were followed properly.  Or, maybe the instructions are still
not quite right and they still need some adjusting.  In that case, please update the instructions
accordingly.  <img class="emoticon" src="/confluence/images/icons/emoticons/smile.gif"
height="20" width="20" align="absmiddle" alt="" border="0"/></td></tr></table></div></li>
</ol>



<h3><a name="ReleaseSetup-CreateaGPGkey"></a>Create a GPG key</h3>

<ol>
	<li>Open a shell window.  If using Windows, open a cygwin window.</li>
	<li>Generate a key-pair with gpg, using default key kind ("DSA and Elgamal") and ELG-E
keys size (2048).
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ gpg --gen-key
</pre>
</div></div></li>
</ol>
<ul>
	<li>The program's default values should be fine.  For the "Real Name" enter your full
name (ie. Stan Programmer).  For the "e-mail address" enter your apache address (ie. sprogrammer@apache.org).
 You will also be required to enter a "passphrase" for the GPG key generation.  Keep track
of this as you will need this for the Release processing.
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td><ul>
	<li>The generated keys are stored in $HOME/.gnupg (*nix), %HOME%\Application Data\gnupg
subdirectory (Windows XP) or C:\ProgramData\GNU\etc\gnupg (Windows 7).</li>
	<li>"gpg --version" shows the GnuPG's home location.</li>
	<li>Save the content in this subdirectory to a safe media. This contains your private
key used to sign all the release materials.</li>
</ul>
</td></tr></table></div></li>
</ul>
<ol>
	<li>Backup your cygwin home directory to another media ||</li>
	<li>Append your public key to <tt><a href="https://svn.apache.org/repos/asf/openjpa/KEYS"
class="external-link" rel="nofollow">https://svn.apache.org/repos/asf/openjpa/KEYS</a></tt>
and <tt><a href="http://www.apache.org/dist/openjpa/KEYS" class="external-link" rel="nofollow">http://www.apache.org/dist/openjpa/KEYS</a></tt>.
See the commands describe at the beginning of this KEYS file to perform this task. The gpg
key-pair is used to sign the published artifacts for the releases.
<div class="code panel" style="border-width: 1px;"><div class="codeContent panelContent">
<pre class="code-none">
$ ( gpg --list-sigs &lt;Real Name&gt; &amp;&amp; gpg --armor --export &lt;Real
Name&gt; ) &gt;&gt; KEYS
</pre>
</div></div>
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td>The <tt><a
href="https://svn.apache.org/repos/asf/openjpa/KEYS" class="external-link" rel="nofollow">https://svn.apache.org/repos/asf/openjpa/KEYS</a></tt>
file is updated via normal svn commit procedures.  The one under w.a.o/dist/ has to be manually
updated from svn.</td></tr></table></div></li>
	<li>Submit your public key to a key server. E.g. <a href="http://pgp.surfnet.nl:11371/"
class="external-link" rel="nofollow">http://pgp.surfnet.nl:11371/</a> or <a href="http://pgp.mit.edu/"
class="external-link" rel="nofollow">http://pgp.mit.edu/</a>||</li>
	<li>Following the instructions in <a href="http://people.apache.org/~henkp/trust/"
class="external-link" rel="nofollow">http://people.apache.org/~henkp/trust/</a> and
ask multiple (at least 3) current Apache committers to sign your public key.</li>
</ol>


<h3><a name="ReleaseSetup-UpdateMavensettingsforourservers"></a>Update Maven
settings for our servers</h3>

<ol>
	<li>Create a settings.xml under .m2
<div class='table-wrap'>
<table class='confluenceTable'><tbody>
<tr>
<td class='confluenceTd'>&nbsp;</td>
<td class='confluenceTd'> <div class="code panel" style="border-style: solid;border-width:
1px;"><div class="codeHeader panelHeader" style="border-bottom-width: 1px;border-bottom-style:
solid;"><b>settings.xml</b></div><div class="codeContent panelContent">
<pre class="code-xml">
&lt;settings xmlns=<span class="code-quote">"http://maven.apache.org/POM/4.0.0"</span>
          <span class="code-keyword">xmlns:xsi</span>=<span class="code-quote">"http://www.w3.org/2001/XMLSchema-instance"</span>
          xsi:schemaLocation=<span class="code-quote">"http://maven.apache.org/POM/4.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd"</span>&gt;
    <span class="code-tag">&lt;servers&gt;</span>
       <span class="code-tag"><span class="code-comment">&lt;!-- SCP settings
for people.apache.org --&gt;</span></span>
       <span class="code-tag">&lt;server&gt;</span>
          <span class="code-tag">&lt;id&gt;</span>people.apache.org<span
class="code-tag">&lt;/id&gt;</span>
          <span class="code-tag">&lt;username&gt;</span>$USERNAME<span
class="code-tag">&lt;/username&gt;</span>
          <span class="code-tag">&lt;privateKey&gt;</span>$PATH_TO_PRIVATE_KEY<span
class="code-tag">&lt;/privateKey&gt;</span>
          <span class="code-tag">&lt;passphrase&gt;</span>$SSH_PASSPHRASE<span
class="code-tag">&lt;/passphrase&gt;</span>
          <span class="code-tag">&lt;directoryPermissions&gt;</span>775<span
class="code-tag">&lt;/directoryPermissions&gt;</span>
          <span class="code-tag">&lt;filePermissions&gt;</span>644<span
class="code-tag">&lt;/filePermissions&gt;</span>
          &lt;!-- following is only for Windows only
          <span class="code-tag">&lt;configuration&gt;</span>
              <span class="code-tag">&lt;sshExecutable&gt;</span>plink<span
class="code-tag">&lt;/sshExecutable&gt;</span>
              <span class="code-tag">&lt;scpExecutable&gt;</span>pscp<span
class="code-tag">&lt;/scpExecutable&gt;</span>
              <span class="code-tag">&lt;scpArgs&gt;</span>-2Bp<span
class="code-tag">&lt;/scpArgs&gt;</span>
              <span class="code-tag">&lt;sshArgs&gt;</span>-2<span
class="code-tag">&lt;/sshArgs&gt;</span>
          <span class="code-tag">&lt;/configuration&gt;</span>
          --&gt;
       <span class="code-tag">&lt;/server&gt;</span>
       <span class="code-tag"><span class="code-comment">&lt;!-- ASF Nexus
settings --&gt;</span></span>
       <span class="code-tag">&lt;server&gt;</span>
           <span class="code-tag">&lt;id&gt;</span>apache.snapshots.https<span
class="code-tag">&lt;/id&gt;</span>
           <span class="code-tag">&lt;username&gt;</span>$USERNAME<span
class="code-tag">&lt;/username&gt;</span>
           <span class="code-tag">&lt;password&gt;</span>$APACHE_LDAP_PWD<span
class="code-tag">&lt;/password&gt;</span>
       <span class="code-tag">&lt;/server&gt;</span>
       <span class="code-tag">&lt;server&gt;</span>
           <span class="code-tag">&lt;id&gt;</span>apache.releases.https<span
class="code-tag">&lt;/id&gt;</span>
           <span class="code-tag">&lt;username&gt;</span>$USERNAME<span
class="code-tag">&lt;/username&gt;</span>
           <span class="code-tag">&lt;password&gt;</span>$APACHE_LDAP_PWD<span
class="code-tag">&lt;/password&gt;</span>
       <span class="code-tag">&lt;/server&gt;</span>
    <span class="code-tag">&lt;/servers&gt;</span> 
    <span class="code-tag">&lt;profiles&gt;</span>
        <span class="code-tag">&lt;profile&gt;</span>
            <span class="code-tag">&lt;id&gt;</span>apache-release<span
class="code-tag">&lt;/id&gt;</span>
            <span class="code-tag">&lt;properties&gt;</span>
                <span class="code-tag">&lt;gpg.passphrase&gt;</span>$SSH_PASSPHRASE<span
class="code-tag">&lt;/gpg.passphrase&gt;</span>
            <span class="code-tag">&lt;/properties&gt;</span>
        <span class="code-tag">&lt;/profile&gt;</span>
        <span class="code-tag">&lt;profile&gt;</span>
            <span class="code-tag">&lt;id&gt;</span>gpg-passphrase<span
class="code-tag">&lt;/id&gt;</span>
            <span class="code-tag">&lt;properties&gt;</span>
                <span class="code-tag">&lt;gpg.passphrase&gt;</span>$SSH_PASSPHRASE<span
class="code-tag">&lt;/gpg.passphrase&gt;</span>
            <span class="code-tag">&lt;/properties&gt;</span>
        <span class="code-tag">&lt;/profile&gt;</span>
    <span class="code-tag">&lt;/profiles&gt;</span>
<span class="code-tag">&lt;/settings&gt;</span>
</pre>
</div></div>
<div class='panelMacro'><table class='infoMacro'><colgroup><col width='24'><col></colgroup><tr><td
valign='top'><img src="/confluence/images/icons/emoticons/information.gif" width="16"
height="16" align="absmiddle" alt="" border="0"></td><td><ul>
	<li><tt>$USERNAME</tt> is the remote username on people.apache.org, not
your local userid.</li>
	<li><tt>$PATH_TO_PRIVATE_KEY</tt> is the path to the private key generated
for ssh. E.g. /home/yourLocalUserId/.ssh/id_dsa.  For Windows' cygwin users, you will need
to enter the full cygwin path:  /cygdrive/c/cygwin/home/yourLocalUserId/.ssh/id_dsa.</li>
	<li><tt>$SSH_PASSPHRASE</tt> for the supplied <tt>$PATH_TO_PRIVATE_KEY</tt>.
 If you don't use this in your settings.xml file, then you will be prompted for it during
the Release processing.</li>
	<li><tt>$APACHE_LDAP_PWD</tt> is your Apache LDAP password, which is shared
between SVN and password login for  people.apache.org.</li>
</ul>
</td></tr></table></div></td>
</tr>
</tbody></table>
</div>
</li>
</ol>

    </div>
        <div id="commentsSection" class="wiki-content pageSection">
        <div style="float: right;">
            <a href="https://cwiki.apache.org/confluence/users/viewnotifications.action"
class="grey">Change Notification Preferences</a>
        </div>
        <a href="https://cwiki.apache.org/confluence/display/openjpa/Release+Setup">View
Online</a>
        |
        <a href="https://cwiki.apache.org/confluence/pages/diffpagesbyversion.action?pageId=23335376&revisedVersion=5&originalVersion=4">View
Changes</a>
                |
        <a href="https://cwiki.apache.org/confluence/display/openjpa/Release+Setup?showComments=true&amp;showCommentArea=true#addcomment">Add
Comment</a>
            </div>
</div>
</div>
</div>
</div>
</body>
</html>

Mime
View raw message