Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Separate signing of tar and zipballs #33

Merged
merged 3 commits into from
Sep 21, 2020
Merged

Separate signing of tar and zipballs #33

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
30477d4
separate gpg sign of zip and tarballs from actual release
nichtsfrei Sep 18, 2020
bb46006
fix incorrect PROJECT_DEV behaviour
nichtsfrei Sep 18, 2020
640d401
change RELEASE.md
nichtsfrei Sep 18, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,9 +10,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
- add handling of PROJECT_DEV_VERSION in CMakeLists.txt if set [#32](https://github.com/greenbone/pontos/pull/32)
### Changed
- set releasename to projectname version [#25](https://github.com/greenbone/pontos/pull/25)
- separate signing tar and zipballs from release into a own command `sign` [#33](https://github.com/greenbone/pontos/pull/33)
### Deprecated
### Removed
### Fixed
- project_dev handling was not working when there was a command after the set[#33](https://github.com/greenbone/pontos/pull/33)

[Unreleased]: https://github.com/greenbone/pontos/compare/v0.3.0...HEAD

Expand Down
131 changes: 57 additions & 74 deletions RELEASE.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,14 +42,32 @@ first time.
[testpypi]
repository = https://test.pypi.org/legacy/
username = <username>
```

## Create a GitHub Token for uploading the release files

## Prepare testing the Release
This step is only necessary if the token has to be created for the first time or
if it has been lost.

* Fetch upstream changes and create release branch
* Open Github Settings at https://github.com/settings/tokens
* Create a new token
* Copy token and store it carefully
* Export token and GitHub user name in your current shell

```sh
export GITHUB_TOKEN=<token>
export GITHUB_NAME=<name>
```


## Prepare testing the to be released version

* Fetch upstream changes

```sh
git remote add upstream [email protected]:greenbone/pontos.git
git fetch upstream
git checkout -b create-new-release upstream/master
git rebase update/master
```

* Get the current version number
Expand All @@ -58,10 +76,10 @@ first time.
poetry run python -m pontos.version show
```

* Update the version number to some alpha version e.g.
* Update the version number to some dev version e.g.

```sh
poetry run python -m pontos.version update 2.2.3a1
poetry run python -m pontos.version update 20.8.2dev1
```

## Uploading to the PyPI Test Instance
Expand All @@ -79,22 +97,28 @@ first time.
twine upload -r testpypi dist/*
```

* Check if the package is available at <https://test.pypi.org/project/pontos>
* Check if the package is available at <https://test.pypi.org/project/pontos>.

## Testing the Uploaded Package

* Create a test directory
* Create a test directory:

```sh
mkdir pontos-install-test
cd pontos-install-test
python3 -m venv test-env
source ./test-env/bin/activate
source test-env/bin/activate
pip install -U pip # ensure the environment uses a recent version of pip
pip install --pre -I --extra-index-url https://test.pypi.org/simple/ pontos
python -c "from pontos.version import __version__; print(__version__)"
python -m pontos.version show
```

* Remove test environment
* Check install version with a Python script:

```sh
python3 -c "from gvm import __version__; print(__version__)"
```

* Remove test environment:

```sh
deactivate
Expand All @@ -104,97 +128,56 @@ first time.

## Prepare the Release

* Determine new release version number

If the output is something like `2.2.3.dev1` or `2.2.3a1`, the new version
should be `2.2.3`.

* Update to new version number (`<new-version>` must be replaced by the version
from the last step)
* Run pontos-release prepare

```sh
cd path/to/git/clone/of/pontos
poetry run python -m pontos.version update <new-version>
poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project pontos --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream prepare
```

* Update the `CHANGELOG.md` file:
* Change `[unreleased]` to new release version.
* Add a release date.
* Update reference to Github diff.
* Remove empty sub sections like *Deprecated*.

* Create a git commit:
* Check git log and tag

```sh
git add .
git commit -m "Prepare release <version>"
```
git log -p

## Performing the Release on GitHub

* Create a pull request (PR) for the earlier commit:

```sh
git push origin
# is the changelog correct?
# does the version look right?
# does the tag point to the correct commit?
```
Open GitHub and create a PR against <https://github.com/greenbone/pontos>

* Update after PR is merged
* If something did go wrong delete the tag, revert the commits and remove the
temporary file for the release changelog

```sh
git fetch upstream
git rebase upstream/master master
```

* Create a git tag

```sh
git tag v<version>
git tag -d v<version>
git reset <last-commit-id-before-running-pontos-release> --hard
rm .release.txt.md
```

or even signed with your gpg key

```sh
git tag -s v<version>
```
## Create the Release

* Push tag to GitHub
* Run pontos-release release

```sh
git push --tags upstream
poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project pontos --space greenbone --git-signing-key <your-public-gpg-key> --git-remote-name upstream release
```

## Uploading to the 'real' PyPI

* Uploading to PyPI is done automatically by pushing a git tag via CircleCI

* Check if new version is available at <https://pypi.org/project/pontos>
* Check if new version is available at <https://pypi.org/project/pontos>.

## Bumping `master` Branch to the Next Version
## Check the Release

* Update to a Development Version
* Check the Github release:

The next version should contain an incremented minor version and a dev suffix
e.g. 2.3.0.dev1
See https://github.com/greenbone/pontos/releases

```sh
poetry run python -m pontos.version update <next-dev-version>
```
## Sign tar and zipball

* Create a commit
* May run pontos-release sign

```sh
git commit -m "Update version after <version> release"
```

* Push changes to GitHub

```sh
git push upstream
poetry run pontos-release --release-version <version> --next-release-version <dev-version> --project pontos --space greenbone sign
```

## Announcing the Release

* Create a Github release:

See https://help.github.com/articles/creating-releases/
Loading