Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-06 10:42:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

4.2.x now uses same process as 5.x

Rob Winch 2020-02-06 08:30:33 -06:00
parent 77e1a1f6bb
commit 61f30cd6fe
1 changed files with 16 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
Release-Process.md

@ -1,10 +1,8 @@
# For Versions 5+ # Perform a Milestone, RC or GA Release
## Perform a Milestone, RC or GA Release
**NOTE:** This release process uses the [spring-build-conventions](https://github.com/spring-gradle-plugins/spring-build-conventions) gradle plug-in. **NOTE:** This release process uses the [spring-build-conventions](https://github.com/spring-gradle-plugins/spring-build-conventions) gradle plug-in.
### Process Overview ## Process Overview
1. [Update dependencies](#1-update-dependencies) 1. [Update dependencies](#1-update-dependencies)
2. [Update release version](#2-update-release-version) 2. [Update release version](#2-update-release-version)
@ -19,13 +17,13 @@
11. [Announce the release on other channels](#11-announce-the-release-on-other-channels) 11. [Announce the release on other channels](#11-announce-the-release-on-other-channels)
### Detailed Steps ## Detailed Steps
#### 1. Update dependencies ### 1. Update dependencies
If you are on master use 1.b, otherwise use 1.a If you are on master use 1.b, otherwise use 1.a
#### 1.a Updating Manually ### 1.a Updating Manually
- Dependencies are declared in `gradle/dependency-management.gradle` - Dependencies are declared in `gradle/dependency-management.gradle`
- Update Spring Framework and Spring Data at a minimum - Update Spring Framework and Spring Data at a minimum
@ -35,7 +33,7 @@ If you are on master use 1.b, otherwise use 1.a
``` ```
_Prerequisites: The `build` directory has to exist to store the file `build/updates.txt`. This directory gets created when a new build is run, but is not present on a fresh git clone._ _Prerequisites: The `build` directory has to exist to store the file `build/updates.txt`. This directory gets created when a new build is run, but is not present on a fresh git clone._
#### 1.b Lock Dependencies ### 1.b Lock Dependencies
Master is setup to use Gradle [dependency locking](https://docs.gradle.org/current/userguide/dependency_locking.html) and version ranges so builds automatically take advantage of the latest dependencies. In order to ensure releases are reproducible, we must lock the dependencies before a release. Master is setup to use Gradle [dependency locking](https://docs.gradle.org/current/userguide/dependency_locking.html) and version ranges so builds automatically take advantage of the latest dependencies. In order to ensure releases are reproducible, we must lock the dependencies before a release.
@ -47,18 +45,18 @@ To lock the dependencies execute:
This writes out all the resolved versions. Run the build. If it passes, commit the changes. This writes out all the resolved versions. Run the build. If it passes, commit the changes.
#### 2. Update release version ### 2. Update release version
- Update the version number in `gradle.properties` for the release, for example, `5.1.0.M1`, `5.1.0.RC1`, `5.1.0.RELEASE` - Update the version number in `gradle.properties` for the release, for example, `5.1.0.M1`, `5.1.0.RC1`, `5.1.0.RELEASE`
#### 3. Build Locally ### 3. Build Locally
- Run the build locally with: - Run the build locally with:
```bash ```bash
./gradlew check ./gradlew check
``` ```
#### 4. Push the release commit ### 4. Push the release commit
- Push the release commit and [Jenkins](https://jenkins.spring.io/job/spring-security/) will build and deploy the artifacts - Push the release commit and [Jenkins](https://jenkins.spring.io/job/spring-security/) will build and deploy the artifacts
- If you are pushing to Maven Central, then you can get notified when it's uploaded by running the following: - If you are pushing to Maven Central, then you can get notified when it's uploaded by running the following:
@ -66,14 +64,14 @@ This writes out all the resolved versions. Run the build. If it passes, commit t
./scripts/release/wait-for-done.sh 5.2.0.RELEASE ./scripts/release/wait-for-done.sh 5.2.0.RELEASE
``` ```
#### 5. Announce the release on Slack ### 5. Announce the release on Slack
- Announce via Slack on [#spring-security](https://pivotal.slack.com/messages/spring-security), including the keyword `spring-security-release` in the message. Something like: - Announce via Slack on [#spring-security](https://pivotal.slack.com/messages/spring-security), including the keyword `spring-security-release` in the message. Something like:
``` ```
spring-security-release 5.2.0.RC1 is out! spring-security-release 5.2.0.RC1 is out!
``` ```
#### 6. Tag the release ### 6. Tag the release
- Tag the release and then push the tag - Tag the release and then push the tag
``` ```
@ -81,16 +79,16 @@ git tag 5.2.0.RC1
git push origin 5.2.0.RC1 git push origin 5.2.0.RC1
``` ```
#### 7. Update to next development version ### 7. Update to next development version
- Update release version to next `BUILD-SNAPSHOT` version and then push - Update release version to next `BUILD-SNAPSHOT` version and then push
- If dependency locks (1.b) were used, revert the commit that included the lock files so that the build uses the latest versions again. - If dependency locks (1.b) were used, revert the commit that included the lock files so that the build uses the latest versions again.
#### 8. Update version on project page ### 8. Update version on project page
- Update release version on [projects.spring.io](https://spring.io/admin/projects/spring-security) - Update release version on [projects.spring.io](https://spring.io/admin/projects/spring-security)
#### 9. Update Release Notes on GitHub ### 9. Update Release Notes on GitHub
- Download [the GitHub release notes generator](https://github.com/spring-io/github-release-notes-generator/releases/latest) - Download [the GitHub release notes generator](https://github.com/spring-io/github-release-notes-generator/releases/latest)
``` ```
@ -116,70 +114,15 @@ cat release-notes | xclip -selection clipboard
- Create the [release on GitHub](https://github.com/spring-projects/spring-security/releases), associate it with the tag, and paste the generated notes - Create the [release on GitHub](https://github.com/spring-projects/spring-security/releases), associate it with the tag, and paste the generated notes
#### 10. Close / Create Milestone ### 10. Close / Create Milestone
- In [GitHub Milestones](https://github.com/spring-projects/spring-security/milestones), - In [GitHub Milestones](https://github.com/spring-projects/spring-security/milestones),
create a new milestone for the next release version create a new milestone for the next release version
- Move any open issues from the existing milestone you just released to the new milestone - Move any open issues from the existing milestone you just released to the new milestone
- Close the milestone for the release. - Close the milestone for the release.
#### 11. Announce the release on other channels ### 11. Announce the release on other channels
- Create a [Blog](https://spring.io/admin/blog) - Create a [Blog](https://spring.io/admin/blog)
- Tweet from [@SpringSecurity](https://twitter.com/springsecurity) - Tweet from [@SpringSecurity](https://twitter.com/springsecurity)
- Send email to spring-developer@pivotal.io - Send email to spring-developer@pivotal.io
# For Spring Security 4.2.x
* Visit https://build.spring.io/browse/SEC-B42X
* Log In
* Ensure you have admin permissions for the build
* Make sure last build is successful
* Then click on the build number of the last build
![Latest Build](https://user-images.githubusercontent.com/3627351/59799650-005d9100-92a2-11e9-95d0-06ebaaf90b57.png)
* Click the arrow on the left hand side below the details
![Left-hand Arrow](https://user-images.githubusercontent.com/3627351/59799760-43b7ff80-92a2-11e9-8347-6b431946c1fe.png)
* Click on Default Job
![Default Job Link](https://user-images.githubusercontent.com/3627351/59799865-811c8d00-92a2-11e9-96e4-0d0f53cb0058.png)
* Click on Artifactory Release & Promotion
![Artifactory Release & Promotion Link](https://user-images.githubusercontent.com/3627351/59800702-88dd3100-92a4-11e9-81c8-ed2405353d71.png)
* Fill out the form with the correct values. Use the screenshot below for an example
![Staging Release Configuration](https://user-images.githubusercontent.com/3627351/59800651-68ad7200-92a4-11e9-837b-b4caf13821dc.png)
* Click `Build and Release to Artifactory`
* A build will start for the release. When it completes (will have "Manual run by ..." next to it) click on the build number
![Build Completed](https://user-images.githubusercontent.com/3627351/59800229-41a27080-92a3-11e9-838c-9eaefa79b9a8.png)
* Click on Artifactory Release & Promotion again
* Fill out form for release
![Release form](https://user-images.githubusercontent.com/3627351/59800582-3bf95a80-92a4-11e9-9beb-040b74ff209a.png)
* Click `Update`. Wait for it to complete.
![Release Promotion completed](https://user-images.githubusercontent.com/3627351/59800350-a067ea00-92a3-11e9-98e5-00d5b5fcd064.png)
* Click on Artifactory Build Info
* Invoke the the scripts in scripts/release/ to release with necessary arguments. Get all the secrets from LastPass
```
$ ./scripts/release/push-to-spring-distributions.sh $BUILD_NUMBER_FROM_BAMBOO
$ ./scripts/release/sync-to-central.sh $RELEASE_VERSION $BINTRAY_API_KEY $SONATYPE_USER_TOKEN $SONATYPE_TOKEN_PWD
$ ./scripts/release/wait-for-done.sh $RELEASE_VERSION
```
You will get a notification when the release is done.
NOTE: wait-for-done only works if you have spd-say installed.