Skip to main content

ShenYu nginx 发布指南

更新发布公告

按照如下格式更新发布公告

## ${PUBLISH.VERSION}

### New Features

1. xxx
1. xxx
...

### API Changes

1. xxx
1. xxx
...

### Enhancement

1. xxx
1. xxx
...

### Refactor

1. xxx
1. xxx
...

### Bug Fix

1. xxx
1. xxx
...

创建 GPG KEY

每个发布经理只在第一次发布时创建 GPG KEY,以后发布可复用此 KEY。

1. 创建 KEY

安装 GnuPG

按照 OpenPGP KEY Management [1] 的说明创建 KEY:

gpg --full-gen-key

创建步骤(以下内容来自控制台输出):

gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Please select what kind of key you want:
  (1) RSA and RSA (default)
  (2) DSA and Elgamal
  (3) DSA (sign only)
  (4) RSA (sign only)
Your selection? 1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
        0 = key does not expire
     <n>  = key expires in n days
     <n>w = key expires in n weeks
     <n>m = key expires in n months
     <n>y = key expires in n years
Key is valid for? (0)
Key does not expire at all
Is this correct? (y/N) y

GnuPG needs to construct a user ID to identify your key.

Real name: (设置用户名)(使用apache id)
Email address: (设置邮件地址)(使用apache邮箱)
Comment: (填写注释)
You selected this USER-ID:
   "用户名 (注释) <邮件地址>"

Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O
You need a Passphrase to protect your secret key. (设置密码)

2. 检查 KEY

按照 Operational GPG Commands [2] 的说明检查 KEY:

gpg --list-keys

命令输出:

pub   rsa4096 2019-03-11 [SC]
      095E0D21BC28CFC7A8B8076DF7DF28D237A8048C
uid           用户名 (注释) <邮件地址>
sub   rsa4096 2019-03-11 [E]

公钥为 095E0D21BC28CFC7A8B8076DF7DF28D237A8048C。

3. 上传公钥

按照 Dirmngr Options [3] 的说明上传公钥:

gpg --send-key 095E0D21BC28CFC7A8B8076DF7DF28D237A8048C

发布前的准备工作

1. 发布一个新标签

下载并安装 Git.

创建并切换到 ${PUBLISH.VERSION} 标签.

git clone https://github.com/apache/shenyu-nginx.git ~/shenyu-nginx
cd ~/shenyu-nginx/
git checkout main
git tag -a ${PUBLISH.VERSION} -m "${PUBLISH.VERSION} release apache shenyu nginx"

提交更新版本号后的代码和新标签。

git push origin ${PUBLISH.VERSION}

发布到 SVN 预发仓库

下载并安装SVN

1. 更新 KEYS 文件

如果发布经理还没有将自己的公钥追加到 KEYS 文件中,请执行以下操作。否则,跳过此步骤。

根据 signing basics [5] 的说明更新 KEYS 文件。

mkdir -p ~/keys/release/
cd ~/keys/release/
svn --username=${LDAP ID} co https://dist.apache.org/repos/dist/release/shenyu
cd ~/keys/release/shenyu
gpg -a --export ${GPG 用户名} >> KEYS
svn --username=${LDAP ID} commit -m "append to KEYS"

2. 添加源码包和二进制文件包

根据 Uploading packages [6] 的说明添加源码包和二进制文件包。

# create release folder and check out svn dev repo
mkdir -p ~/svn_release/dev/
cd ~/svn_release/dev/
svn --username=${LDAP ID} co https://dist.apache.org/repos/dist/dev/shenyu
mkdir -p ~/svn_release/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}

# generate source file
git archive --format=tar --prefix=shenyu-nginx-${PUBLISH.VERSION}/ ${PUBLISH.VERSION} | gzip > shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz

# generate sign file for each files
gpg -u <id>@apache.org --armor --output shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz.asc --detach-sign shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz

# copy source files and
cd ~/svn_release/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}
cp -f ~/shenyu/shenyu-nginx/shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz ~/svn_release/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}
cp -f ~/shenyu/shenyu-nginx/shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz.asc ~/svn_release/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}

3. 添加校验文件

根据 Requirements for cryptographic signatures and checksums [7] 的说明添加校验文件。

# go to release folder
cd ~/svn_release/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}
shasum -a 512 shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz > shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz.sha512

4. 提交新版本

cd ~/svn_release/dev/shenyu/shenyu-nginx
svn add ${PUBLISH.VERSION}/
svn --username=${LDAP ID} commit -m "release apache shenyu nginx ${PUBLISH.VERSION}"

预发版本验证

1. 验证 sha512 校验和

根据 Checking Hashes [8] 的说明验证 sha512 校验和。

shasum -c shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz.sha512

2. 验证 GPG 签名

根据 Checking Signatures [9] 的说明验证 GPG 签名。

curl https://downloads.apache.org/shenyu/KEYS >> KEYS
gpg --import KEYS
gpg --verify shenyu-nginx-source.zip.asc shenyu-nginx-${PUBLISH.VERSION}-src.tar.gz

3. 确保 SVN 与 GitHub 源码一致

根据 Incubator Release Checklist [10] 的说明确保 SVN 与 GitHub 源码一致。

wget https://github.com/apache/shenyu-nginx/archive/${PUBLISH.VERSION}.zip
unzip ${PUBLISH.VERSION}.zip
mvn shenyu-nginx-${PUBLISH.VERSION} shenyu-nginx-${PUBLISH.VERSION}-src 
tar xzf shenyu-nginx-v${PUBLISH.VERSION}-src.tar.gz
diff -r shenyu-nginx-${PUBLISH.VERSION}-src shenyu-nginx-v${PUBLISH.VERSION}

4. 检查源码包

根据 Incubator Release Checklist [10] 的说明检查源码包。

  • 存在 LICENSENOTICE 文件
  • NOTICE 文件中的年份正确
  • 所有文件的开头都有 ASF 许可证
  • 不存在未依赖软件的 LICENSENOTICE
  • 不存在不符合预期的二进制文件
  • 编译通过 (luarocks make rockspec/shenyu-nginx-${PUBLISH.VERSION}.rockspec)
  • 如果存在第三方代码依赖:
    • 第三方代码依赖的许可证兼容

5. 检查二进制包

根据 Binary distributions [11] 的说明检查二进制包。

  • 存在 LICENSENOTICE 文件
  • NOTICE 文件中的年份正确
  • 所有文本文件开头都有 ASF 许可证
  • 不存在未依赖软件的 LICENSENOTICE
  • 如果存在第三方代码依赖:
    • 第三方代码依赖的许可证兼容

投票流程

根据 RELEASE APPROVAL [12], Releases [13], voting [14] 的说明进行社区投票。

ShenYu 社区投票

1. 投票持续至少 72 小时并获得 3 个+1 binding

发送至:

dev@shenyu.apache.org

标题:

[VOTE] Release Apache ShenYu Nginx ${PUBLISH.VERSION}

正文:

Hello ShenYu Community,

This is a call for vote to release Apache ShenYu Nginx version ${PUBLISH.VERSION}.

Release notes:
https://github.com/apache/shenyu-nginx/blob/main/RELEASE-NOTES.md

The release candidates:
https://dist.apache.org/repos/dist/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION}/

Git tag for the release:
https://github.com/apache/shenyu-nginx/tree/${PUBLISH.VERSION}

Release Commit ID:
https://github.com/apache/shenyu-nginx/commit/xxxxxxxxxxxxxxx


Keys to verify the Release Candidate:
https://downloads.apache.org/shenyu/KEYS

Look at here for how to verify this release candidate:
https://shenyu.apache.org/community/shenyu-nginx-release-guide/#check-release

The vote will be open for at least 72 hours or until necessary number of votes are reached.

Please vote accordingly:

[ ] +1 approve

[ ] +0 no opinion

[ ] -1 disapprove with the reason

Checklist for reference:

[ ] Download links are valid.

[ ] Checksums and PGP signatures are valid.

[ ] Source code distributions have correct names matching the current release.

[ ] LICENSE and NOTICE files are correct for each ShenYu Nginx repo.

[ ] All files have license headers if necessary.

[ ] No compiled archives bundled in source archive.

2. 宣布投票结果

发送至:

dev@shenyu.apache.org

标题:

[RESULT][VOTE] Release Apache ShenYu Nginx ${PUBLISH.VERSION}

正文:

We’ve received 3 +1 binding votes and 2 +1 non-binding votes:

+1, xxx (binding)
+1, xxx (binding)
+1, xxx (binding)
+1, xxx (non-binding)
+1, xxx (non-binding)

Vote thread:
https://lists.apache.org/thread/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Thanks everyone for taking the time to verify and vote for the release!

完成发布

1. 完成 SVN 发布

根据 Uploading packages [6] 的说明将新版本从 dev 目录转移到 release 目录。

svn mv https://dist.apache.org/repos/dist/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION} https://dist.apache.org/repos/dist/release/shenyu/shenyu-nginx -m "transfer packages for ${PUBLISH.VERSION}"
svn delete https://dist.apache.org/repos/dist/release/shenyu/shenyu-nginx/${PREVIOUS.RELEASE.VERSION}

2. 完成 GitHub release

编辑 Releases ${PUBLISH.VERSION}点击 Release.

3. 更新下载页面

根据 Release Download Pages for Projects [15], Normal distribution on the Apache downloads site [16] 的说明更新下载页面。

Apache 镜像连接生效后(至少一小时),更新下载页面: 英文版中文版

注意:项目下载链接应该使用 https://www.apache.org/dyn/closer.lua 而不是 closer.cgi 或者 mirrors.cgi

注意:GPG 签名文件和哈希校验文件的下载连接必须使用这个前缀:https://downloads.apache.org/shenyu/

4. 更新文档

${PUBLISH.VERSION} 版本的文档进行归档,并更新版本页面

5. 更新事件页面

添加新版本事件

b. 更新新闻页面

添加新版本新闻

发布公告

注意:announce@apache.org 地址要求以纯文本格式发送邮件。如果你使用的是 Gmail,可以在编辑界面勾选纯文本模式

发送至:

dev@shenyu.apache.org
announce@apache.org

标题:

[ANNOUNCE] Apache ShenYu Nginx ${PUBLISH.VERSION} available

正文:

Hi,

Apache ShenYu Team is glad to announce the new release of Apache ShenYu Nginx ${PUBLISH.VERSION}.

Apache ShenYu is an asynchronous, high-performance, cross-language, responsive API gateway.
Support various languages (http protocol), support Dubbo, Spring-Cloud, Grpc, Motan, Sofa, Tars and other protocols.
Plugin design idea, plugin hot swap, easy to expand.
Flexible flow filtering to meet various flow control.
Built-in rich plugin support, authentication, limiting, fuse, firewall, etc.
Dynamic flow configuration, high performance.
Support cluster deployment, A/B Test, blue-green release.

Download Links: https://shenyu.apache.org/download/

Release Notes: https://github.com/apache/shenyu-nginx/blob/main/RELEASE-NOTES.md

Website: https://shenyu.apache.org/

ShenYu Resources:
- Issue: https://github.com/apache/shenyu/issues
- Mailing list: dev@shenyu.apache.org
- Documents: https://shenyu.apache.org/docs/index/


- Apache ShenYu Team

重新发布(非必需)

注意:只有在投票没有通过的情况下才需要重新发布。

1. 取消投票邮件模板

发送至:

dev@shenyu.apache.org

标题:

[CANCEL][VOTE] Release Apache ShenYu Nginx ${PUBLISH.VERSION}

正文:

Hi,

I'm cancelling this vote because of xxxxxx issues. I'll fix them and start the round ${n} vote process.
The detail of the modifications are as follows:

1. xxxxxx
2. xxxxxx

Thanks a lot for all your help.

2. 清理预发仓库

访问 https://repository.apache.org/#stagingRepositories, 使用 Apache 的 LDAP 账户登录后,选中之前 Close 的版本,点击 Drop

3. 删除 GitHub 分支和标签

git push origin --delete ${PUBLISH.VERSION}-release
git branch -D ${PUBLISH.VERSION}-release
git push origin --delete tag v${PUBLISH.VERSION}
git tag -d v${PUBLISH.VERSION}

4. 删除 SVN 待发布内容

svn delete https://dist.apache.org/repos/dist/dev/shenyu/shenyu-nginx/${PUBLISH.VERSION} -m "delete ${PUBLISH.VERSION}"

5. 更新邮件标题

完成以上步骤后,可以开始重新进行发布操作。接下来的投票邮件标题需要增加 [ROUND ${n}] 后缀。例如:

[VOTE] Release Apache ShenYu Nginx ${PUBLISH.VERSION} [ROUND 2]

投票结果和通知邮件不需要加后缀。

以上内容参考