HomeDocumentation > Geronimo Release Process > Geronimo 3.0.x Release Process

Geronimo 3.0.x Release Process

Reference http://www.apache.org/dev/publishing-maven-artifacts.html

Have 3.0.1 release as an example.

Release Checklist

1. Better to use a non-Windows system to create the release candidate

2. mvn rat:check

3. Manually update some files:

  • Updates all pom.xml files to search "SNAPSHOT" to ensure there is no snapshot dependencies
  • Updates plugin-list url in $SRC\framework\configs\plugin\pom.xml
  • Updates ##VERSION## in README.txt and RELEASE_NOTES.txt in source code root folder and $SRC\framework\configs\karaf-framework
  • Updates JIRAs in RELEASE_NOTES.txt (bugs, improvement, new features, known issues, and limitations)
  • Updates the copyright year number in NOTICE files
  • Updates some un-released modules' versions to 3.0.1. Refer to this ant scripts to update the versions in batch.
  • Commit them

4. mvn release:prepare -DdryRun=true -Pall-subprojects

5. Release Prepare

  • Before doing release prepare, clean up you local repository to avoid the bad staging release artifacts to be included in the geronimo release. see reference.
  • This will update the versions in branch 3.0 and create the release tag
    • Manually remove all *.log files in the source code root folder, otherwise those might be packed into the source code zip files.
    • mvn release:clean -Pall-subprojects
    • mvn release:prepare -Pall-subprojects
      • you need "mvn clean install -Dstage=bootstrap" in midway

6. Release Perform

7. Vote

  • Vote in mailing list, meanwhile wait TCK results. Sample release vote email as following:
[VOTE] Release Geronimo 3.0.0
  • Post "VOTE PASSxxx" in the subject, and summarize the vote status in the body when vote close.

8. Release artifacts

  • In Apache nexus, click "release"
    • the artifacts will be synchronized to maven central repository in some time.

9. Update geronimo-plugins.xml

10. Check-in artifacts into dist svnpubsub

11. Announce in Mailing list and Post news in homepage

12. Update the security advisory page

13. Manaually update files in the 3.0 branch after release

  • update 3.0.1-SNAPSHOT to ##VERSION## in README.txt and RELEASE_NOTES.txt
  • remove the JIRA list in RELEASE_NOTES.txt (bugs, improvement, new features, limitations)
  • search "3.0.0" and change them to "3.0.1-SNAPSHOT"
  • Update artifact-alias, add version 3.0.0 in artifact-alias after 3.0.0 release
    • /framework/configs/pom.xml
    • /plugins/client/pom.xml
    • /plugins/corba/client-corba-yoko/pom.xml
    • /plugins/pom.xml
  • commit them


1. Use Genesis 2.0 as a parent pom

  • genesis-java5-flava-2.0.pom
    • genesis-default-flava-2.0.pom
      • genesis-2.0.pom
        • apache-6.pom

2. Use Maven 3.0.3

It is highly recommended to use Maven's password encryption capabilities for your passwords.http://maven.apache.org/guides/mini/guide-encryption.html

3. Setup PGP Keys (for the ones who be the release manager the first time)

  • Download gnupg2
  • Generate your PGP Key (refer: http://www.apache.org/dev/openpgp.html) so that maven-release-plugin can sign your built artifacts when do release:perform
    • How To Avoid SHA-1
    • How To Generate a Strong Key
  • Update Maven's settings.xml with following:
  • Meanwhile, append your public key to https://svn.apache.org/repos/asf/geronimo/KEYS and https://dist.apache.org/repos/dist/release/geronimo/KEYS so that user can verify the artifacts you released.
    • gpg --gen-key
      • RSA and RSA (default), 4096
    • gpg --list-sigs "xxxxxx" && gpg --armor --export "xxxxxx" > xxxxxx.key
      • "cat" your public key to above KEYS file