Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-07-05 18:22:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

4.2.x now uses same process as 5.x

Rob Winch 2020-02-06 08:30:33 -06:00
parent 77e1a1f6bb
commit 61f30cd6fe
1 changed files with 16 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

89
Release-Process.md

@ -1,10 +1,8 @@
# For Versions 5+
## Perform a Milestone, RC or GA Release
# Perform a Milestone, RC or GA Release
**NOTE:** This release process uses the [spring-build-conventions](https://github.com/spring-gradle-plugins/spring-build-conventions) gradle plug-in.
### Process Overview
## Process Overview
1. [Update dependencies](#1-update-dependencies)
2. [Update release version](#2-update-release-version)
@ -19,13 +17,13 @@
11. [Announce the release on other channels](#11-announce-the-release-on-other-channels)
### Detailed Steps
## Detailed Steps
#### 1. Update dependencies
### 1. Update dependencies
If you are on master use 1.b, otherwise use 1.a
#### 1.a Updating Manually
### 1.a Updating Manually
- Dependencies are declared in `gradle/dependency-management.gradle`
- Update Spring Framework and Spring Data at a minimum
@ -35,7 +33,7 @@ If you are on master use 1.b, otherwise use 1.a
```
_Prerequisites: The `build` directory has to exist to store the file `build/updates.txt`. This directory gets created when a new build is run, but is not present on a fresh git clone._
#### 1.b Lock Dependencies
### 1.b Lock Dependencies
Master is setup to use Gradle [dependency locking](https://docs.gradle.org/current/userguide/dependency_locking.html) and version ranges so builds automatically take advantage of the latest dependencies. In order to ensure releases are reproducible, we must lock the dependencies before a release.
@ -47,18 +45,18 @@ To lock the dependencies execute:
This writes out all the resolved versions. Run the build. If it passes, commit the changes.
#### 2. Update release version
### 2. Update release version
- Update the version number in `gradle.properties` for the release, for example, `5.1.0.M1`, `5.1.0.RC1`, `5.1.0.RELEASE`
#### 3. Build Locally
### 3. Build Locally
- Run the build locally with:
```bash
./gradlew check
```
#### 4. Push the release commit
### 4. Push the release commit
- Push the release commit and [Jenkins](https://jenkins.spring.io/job/spring-security/) will build and deploy the artifacts
- If you are pushing to Maven Central, then you can get notified when it's uploaded by running the following:
@ -66,14 +64,14 @@ This writes out all the resolved versions. Run the build. If it passes, commit t
./scripts/release/wait-for-done.sh 5.2.0.RELEASE
```
#### 5. Announce the release on Slack
### 5. Announce the release on Slack
- Announce via Slack on [#spring-security](https://pivotal.slack.com/messages/spring-security), including the keyword `spring-security-release` in the message. Something like:
```
spring-security-release 5.2.0.RC1 is out!
```
#### 6. Tag the release
### 6. Tag the release
- Tag the release and then push the tag
```
@ -81,16 +79,16 @@ git tag 5.2.0.RC1
git push origin 5.2.0.RC1
```
#### 7. Update to next development version
### 7. Update to next development version
- Update release version to next `BUILD-SNAPSHOT` version and then push
- If dependency locks (1.b) were used, revert the commit that included the lock files so that the build uses the latest versions again.
#### 8. Update version on project page
### 8. Update version on project page
- Update release version on [projects.spring.io](https://spring.io/admin/projects/spring-security)
#### 9. Update Release Notes on GitHub
### 9. Update Release Notes on GitHub
- Download [the GitHub release notes generator](https://github.com/spring-io/github-release-notes-generator/releases/latest)
```
@ -116,70 +114,15 @@ cat release-notes | xclip -selection clipboard
- Create the [release on GitHub](https://github.com/spring-projects/spring-security/releases), associate it with the tag, and paste the generated notes
#### 10. Close / Create Milestone
### 10. Close / Create Milestone
- In [GitHub Milestones](https://github.com/spring-projects/spring-security/milestones),
create a new milestone for the next release version
- Move any open issues from the existing milestone you just released to the new milestone
- Close the milestone for the release.
#### 11. Announce the release on other channels
### 11. Announce the release on other channels
- Create a [Blog](https://spring.io/admin/blog)
- Tweet from [@SpringSecurity](https://twitter.com/springsecurity)
- Send email to spring-developer@pivotal.io
# For Spring Security 4.2.x
* Visit https://build.spring.io/browse/SEC-B42X
* Log In
* Ensure you have admin permissions for the build
* Make sure last build is successful
* Then click on the build number of the last build
![Latest Build](https://user-images.githubusercontent.com/3627351/59799650-005d9100-92a2-11e9-95d0-06ebaaf90b57.png)
* Click the arrow on the left hand side below the details
![Left-hand Arrow](https://user-images.githubusercontent.com/3627351/59799760-43b7ff80-92a2-11e9-8347-6b431946c1fe.png)
* Click on Default Job
![Default Job Link](https://user-images.githubusercontent.com/3627351/59799865-811c8d00-92a2-11e9-96e4-0d0f53cb0058.png)
* Click on Artifactory Release & Promotion
![Artifactory Release & Promotion Link](https://user-images.githubusercontent.com/3627351/59800702-88dd3100-92a4-11e9-81c8-ed2405353d71.png)
* Fill out the form with the correct values. Use the screenshot below for an example
![Staging Release Configuration](https://user-images.githubusercontent.com/3627351/59800651-68ad7200-92a4-11e9-837b-b4caf13821dc.png)
* Click `Build and Release to Artifactory`
* A build will start for the release. When it completes (will have "Manual run by ..." next to it) click on the build number
![Build Completed](https://user-images.githubusercontent.com/3627351/59800229-41a27080-92a3-11e9-838c-9eaefa79b9a8.png)
* Click on Artifactory Release & Promotion again
* Fill out form for release
![Release form](https://user-images.githubusercontent.com/3627351/59800582-3bf95a80-92a4-11e9-9beb-040b74ff209a.png)
* Click `Update`. Wait for it to complete.
![Release Promotion completed](https://user-images.githubusercontent.com/3627351/59800350-a067ea00-92a3-11e9-98e5-00d5b5fcd064.png)
* Click on Artifactory Build Info
* Invoke the the scripts in scripts/release/ to release with necessary arguments. Get all the secrets from LastPass
```
$ ./scripts/release/push-to-spring-distributions.sh $BUILD_NUMBER_FROM_BAMBOO
$ ./scripts/release/sync-to-central.sh $RELEASE_VERSION $BINTRAY_API_KEY $SONATYPE_USER_TOKEN $SONATYPE_TOKEN_PWD
$ ./scripts/release/wait-for-done.sh $RELEASE_VERSION
```
You will get a notification when the release is done.
NOTE: wait-for-done only works if you have spd-say installed.