Compare commits

...

1 Commits

Author SHA1 Message Date
Maxime Beauchemin
9807963cd4 Apache Releases
https://github.com/mistercrunch/superset/blob/apache-releases/RELEASING.md#apache-releases
2019-03-18 23:32:06 -07:00
4 changed files with 120 additions and 55 deletions

1
.gitignore vendored
View File

@@ -78,3 +78,4 @@ geckodriver.log
ghostdriver.log ghostdriver.log
testCSV.csv testCSV.csv
.terser-plugin-cache/ .terser-plugin-cache/
apache-superset-*.tar.gz*

39
INSTALL.txt Normal file
View File

@@ -0,0 +1,39 @@
# INSTALL / BUILD instructions for Apache Superset (incubating)
# These instructions should work along sources releases under
# https://dist.apache.org/repos/dist/dev/incubator/superset/*/*source.tar.gz$
# [required] fetch the tarball and untar the source
# change into the directory that was untarred.
#############################
# Dependencies
#############################
# Superset runs best on python3.6
# Also recommended is the latest long term supported node / npm
# For complementary information read our CONTRIBUTING.md
# for OS level dependencies find instructions here:
# http://superset.apache.org/installation.html
# Fetch npm dependencies
cd superset/assets/
npm ci
# Build the Javascript bundles
npm run prod
# Back to the root of the repo
cd ../..
# [optional] Superset pulls in quite a lot of dependencies in order
# to connect to other services. You might want to test or run Superset
# from a virtual env to make sure those dependencies are separated
# from your system wide versions
python3 -m env36
source env36/bin/activate
# [required] building and installing by pip (preferred)
pip install .
# superset --help

View File

@@ -46,66 +46,63 @@ git commit -a -m "New doc version"
git push origin master git push origin master
``` ```
## Publishing a PyPI release # Apache Releases
We create a branch that goes along each minor release `0.24` You'll probably want to run these commands manually and understand what
and micro releases get corresponding tags as in `0.24.0`. Git history should they do prior to doing so.
never be altered in release branches.
Bug fixes and security-related patches get cherry-picked
(usually from master) as in `git cherry-pick -x {SHA}`.
Following a set of cherries being picked, a release can be pushed to First you need to setup a few things. This is a one-off and doesn't
PyPI as follows: need to be done at every release.
```bash ```bash
# branching off of master # Create PGP Key
git checkout -b 0.25 gpg --gen-key
# cherry-picking a SHA # Checkout ASF dist repo
git cherry-pick -x f9d85bd2e1fd9bc233d19c76bed09467522b968a svn checkout https://dist.apache.org/repos/dist/dev/incubator/superset/ ~/svn/superset
# repeat with other SHAs, don't forget the -x cd ~/svn/superset
# source of thruth for release numbers live in package.json
vi superset/assets/package.json # Add your GPG pub key to KEYS file. Replace "Maxime Beauchemin" with your name
# hard code release in file, commit to the release branch export FULLNAME="Maxime Beauchemin"
git commit -a -m "0.25.0" (gpg --list-sigs $FULLNAME && gpg --armor --export $FULLNAME ) >> KEYS
# create the release tag in the release branch
git tag 0.25.0 # Commit the changes
git push apache 0.25 --tags svn commit -m "Add PGP keys of new Superset committer"
# check travis to confirm the build succeeded as
# you shouldn't assume that a clean cherry will be clean
# when landing on a new sundae
# compile the JS, and push to pypi
# to run this part you'll need a pypi account and rights on the
# superset package. Committers that want to ship releases
# should have this access.
# You'll also need a `.pypirc` as specified here:
# https://gist.github.com/davydany/b08acef08f75fe297e13ae4d24ce9f4d
./pypi_push.sh
# publish an update to the CHANGELOG.md for the right version range
# looking the latest CHANGELOG entry for the second argument
./gen_changelog.sh 0.22.1 0.25.0
# this will overwrite the CHANGELOG.md with only the version range
# so you'll want to copy paste that on top of the previous CHANGELOG.md
# open a PR against `master`
``` ```
In the future we'll start publishing release candidates for minor releases Now let's craft a source release
only, but typically not for micro release. ```bash
The process will be similar to the process described above, expect the # Setting a VERSION var will be useful
tags will be formatted `0.25.0rc1`, `0.25.0rc2`, ..., until consensus export VERSION=0.31.0rc18
is reached.
We should also have a Github PR label process to target the proper # Let's create a git tag
release, and tooling helping keeping track of all the cherries and git tag -f ${VERSION}
target versions.
For Apache releases, the process will be a bit heavier and should get # [WARNING!] This command wipes everything in your repo that is
documented here. There will be extra steps for signing the binaries, # gitignored in preparation for the source release.
with a PGP key and providing MD5, Apache voting, as well as # You may want to check that there's nothing your care about here first.
publishing to Apache's SVN repository. View the ASF docs for more # Alternatively you could clone the repo into another location as in
information. # git clone git@github.com:apache/incubator-superset.git superset-releases
git clean -fxd
git archive \
--format=tar.gz ${VERSION} \
--prefix=apache-superset-${VERSION}/ \
-o apache-superset-${VERSION}-source.tar.gz
scripts/sign.sh apache-superset-${VERSION}-source.tar.gz
```
Now let's ship this into svn
```bash
# cp or mv the files over to the svn repo
mkdir ~/svn/superset/${VERSION}/
cp apache-superset-${VERSION}* ~/svn/superset/${VERSION}/
cd ~/svn/superset/
svn add ${VERSION}
svn commit
```
Now you're ready to announce the release on the mailing list

28
scripts/sign.sh Executable file
View File

@@ -0,0 +1,28 @@
#!/usr/bin/env bash
#
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# Use this to sign the tar balls generated from
# python setup.py sdist --formats=gztar
# ie. sign.sh <my_tar_ball>
# you will still be required to type in your signing key password
# or it needs to be available in your keychain
NAME=${1}
gpg --armor --output ${NAME}.asc --detach-sig ${NAME}
gpg --print-md SHA512 ${NAME} > ${NAME}.sha512