This is an automated email from the ASF dual-hosted git repository. asorokoumov pushed a commit to branch release-process in repository https://gitbox.apache.org/repos/asf/otava.git
commit a485d588fb8292c25f8ccca667c4af3963f2dca2 Author: Alex Sorokoumov <[email protected]> AuthorDate: Fri Dec 12 21:39:53 2025 -0800 Describe release process --- docs/RELEASE.md | 426 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 426 insertions(+) diff --git a/docs/RELEASE.md b/docs/RELEASE.md new file mode 100644 index 0000000..ad34714 --- /dev/null +++ b/docs/RELEASE.md @@ -0,0 +1,426 @@ +# Creating Apache Otava Release + +> [!TIP] +> This document is based on the release guide of [Apache Flink project](https://cwiki.apache.org/confluence/display/FLINK/Creating+a+Flink+Release). + +## Introduction + +The Otava community treats releases with great importance. They are a public face of the project and most users interact with the project only through the releases. Releases are signed off by the entire Otava community in a public vote. +Each release is executed by a Release Manager, who is selected/proposed by the Otava PMC members. This document describes the process that the Release Manager follows to perform a release. Any changes to this process should be discussed and adopted on the [[email protected]]([email protected]) mailing list. + +Please remember that publishing software has legal consequences. This guide complements the foundation-wide [Product Release Policy](https://www.apache.org/dev/release.html) and [Release Distribution Policy](https://www.apache.org/dev/release-distribution). + +## Overview + +### What is in Apache Otava Release + +Apache Otava release consists of: +* ASF source zips archived on [dist.apache.org](dist.apache.org). +* PyPi wheels published to [pypi.org](https://pypi.org/project/apache-otava/). +* Docker images published to [Dockerhub](https://hub.docker.com/r/apache/otava). +* Release tag on [GitHub](https://github.com/apache/otava/releases). + +### Phases of the release + +The release process consists of several steps: +1. Decide to release +2. Prepare for the release +3. Build a release candidate +4. Vote on the release candidate +5. If necessary, fix any issues and go back to step 3. +6. Finalize the release +7. Promote the release + +## Decide to release + +Deciding to release and selecting a Release Manager is the first step of the release process. This is a consensus-based decision of the entire community. +Anybody can propose a release on the dev@ mailing list, giving a solid argument and nominating a committer as the Release Manager (including themselves). There’s no formal process, no vote requirements, and no timing requirements. Any objections should be resolved by consensus before starting the release. +In general, the community prefers to have a rotating set of 3-5 Release Managers. Keeping a small core set of managers allows enough people to build expertise in this area and improve processes over time, without Release Managers needing to re-learn the processes for each release. That said, if you are a committer interested in serving the community in this way, please reach out to the community on the dev@ mailing list. + +#### Checklist to proceed to the next step + +1. Community agrees to release +2. Community selects a Release Manager + +## One-time configuration + +Before your first release, you should perform one-time configuration steps. This will set up your security keys for signing the release and access to various release repositories. + +### GPG Key + +You need to have a GPG key to sign the release artifacts. Please be aware of the ASF-wide [release signing guidelines](https://www.apache.org/dev/release-signing.html). If you don’t have a GPG key associated with your Apache account, please create one according to the guidelines. +Determine your Apache GPG Key and Key ID, as follows: + +```bash +gpg --list-keys +``` + +This will list your GPG keys. One of these should reflect your Apache account, for example: + +```bash +-------------------------------------------------- +pub 2048R/845E6689 2016-02-23 +uid Nomen Nescio <[email protected]> +sub 2048R/BA4D50BE 2016-02-23 +``` + +Here, the key ID is the 8-digit hex string in the pub line: 845E6689. +Now, add your Apache GPG key to the Otava’s KEYS file in the [release](https://dist.apache.org/repos/dist/release/incubator/otava/KEYS) repository at [dist.apache.org](https://dist.apache.org/repos/dist/). Follow the instructions listed at the top of these files. (Note: Only PMC members have write access to the release repository. If you end up getting 403 errors ask on the mailing list for assistance.) PMC member can refer following scripts to add your Apache GPG key to the KEYS in the [...] + +```bash +svn co https://dist.apache.org/repos/dist/release/incubator/otava otava-dist-release-repo +cd otava-dist-release-repo +(gpg --list-sigs <YOUR_KEY_ID> && gpg --armor --export <YOUR_KEY_ID>) >> KEYS +svn ci -m "[otava] Add <YOUR_NAME>'s public key" +``` + +Configure git to use this key when signing code by giving it your key ID, as follows: + +```bash +git config --global user.signingkey 845E6689 +``` + +You may drop the`--global` option if you’d prefer to use this key for the current repository only. +You may wish to start `gpg-agent` to unlock your GPG key only once using your passphrase. Otherwise, you may need to enter this passphrase hundreds of times. The setup for gpg-agent varies based on operating system, but may be something like this: + +``` +eval $(gpg-agent --daemon --no-grab --write-env-file $HOME/.gpg-agent-info) +export GPG_TTY=$(tty) +export GPG_AGENT_INFO +``` + +### PyPI + +Create both [PyPI](https://pypi.org/) and [TestPypI](https://test.pypi.org) accounts. Then, ask PMC members to get added to [Otava](https://pypi.org/org/apache-otava/) organization on both platforms. + +Install `twine` if you don't have it already: + +```bash +$ pip install twine +``` + +### Dockerhub + +Make sure you have a Dockerhub account. +Create ASF INFRA issue to add your Dockerhub account to `apache` organization, `otava` team. + +### Checklist to proceed to the next step + +1. Release Manager’s GPG key is published to dist.apache.org +2. Release Manager’s GPG key is configured in git configuration +3. Release Manager's GPG key is configured as the default gpg key. +4. Release Manager's PyPI and TestPyPI accounts are created and have access to `apache-otava` organizations on both platforms. +5. Release Manager's Dockerhub account is created and has write access to `apache/otava` repository. + + +## Build a release candidate + +### Set up ENV variables for convenience + +```bash +export RELEASE_VERSION=... +export RELEASE_CANDIDATE=rc... +``` + +For example, + +```bash +export RELEASE_VERSION=0.7.0 +export RELEASE_CANDIDATE=rc1 +``` + +### Create new Github tag + +```bash +git tag -a $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE -m "$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE" +git push origin $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE +``` + +### Download sources from Github + +```bash +mkdir -p release +wget -O release/apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz https://github.com/apache/otava/archive/refs/tags/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE.tar.gz +``` + +### Build PyPI artifacts + +```bash +uv build --no-create-gitignore +mv dist release/pypi +``` + +### Create and verify signatures + +Sign and verify signatures for source release candidate: + +```bash +cd release +gpg --armor --output apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz.asc --detach-sig apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz +gpg --verify apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz.asc apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz +``` + +Sign and verify signatures for PyPI artifacts: + +```bash +cd pypi +gpg --armor --output apache_otava-$RELEASE_VERSION-py3-none-any.whl.asc --detach-sig apache_otava-$RELEASE_VERSION-py3-none-any.whl +gpg --armor --output apache_otava-$RELEASE_VERSION.tar.gz.asc --detach-sig apache_otava-$RELEASE_VERSION.tar.gz + +gpg --verify apache_otava-$RELEASE_VERSION-py3-none-any.whl.asc apache_otava-$RELEASE_VERSION-py3-none-any.whl +gpg --verify apache_otava-$RELEASE_VERSION.tar.gz.asc apache_otava-$RELEASE_VERSION.tar.gz +``` + +### Create and verify checksums + +Create and verify checksum for source release candidate: + +```bash +cd release +sha512sum apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz > apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz.sha512 + +sha512sum --check apache-otava-$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE-src.tar.gz.sha512 +``` + +Create and verify checksums for PyPI artifacts: + +```bash +cd pypi +sha512sum apache_otava-$RELEASE_VERSION-py3-none-any.whl > apache_otava-$RELEASE_VERSION-py3-none-any.whl.sha512 +sha512sum apache_otava-$RELEASE_VERSION.tar.gz > apache_otava-$RELEASE_VERSION.tar.gz.sha512 + +sha512sum --check apache_otava-$RELEASE_VERSION.tar.gz.sha512 +sha512sum --check apache_otava-$RELEASE_VERSION-py3-none-any.whl.sha512 +``` + +### Publish Release Candidate + +```bash +cp -r release ../otava otava-dist-release-repo/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE +cd ../otava otava-dist-release-repo +svn add $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE/ +svn ci -m "[otava] Add $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE" +``` + +### Start a vote on a project mailing list + +Mailing list: [[email protected]]([email protected]) +Subject: `[VOTE] Release Apache Otava (incucating) $RELEASE_VERSION-$RELEASE_CANDIDATE` +Here is a sample text: + +``` +Hello everyone, + +Please review and vote for the releasing Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE. + +Changelog for this release candidate <>. +The official Apache source release has been deployed to https://dist.apache.org/repos/dist/dev/incubator/otava/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE/. +GH tag for release https://github.com/apache/otava/releases/tag/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE. +The release has been signed with a key <your-signature> available here https://downloads.apache.org/incubator/otava/KEYS. + +Please download, verify, and test. + +Please vote on releasing this candidate by replying with: +[ ] +1 Release this package +[ ] 0 No opinion +[ ] -1 Do not release (please provide reason) + +To learn more about Apache Otava, please see https://otava.apache.org. + +This vote will be open for at least 72 hours. + +Checklist for reference: +[ ] Download links are valid. +[ ] Checksums and signatures. +[ ] LICENSE/NOTICE files exist. +[ ] No unexpected binary files. +[ ] All source files have ASF headers. +[ ] Can install from source. +[ ] Can run examples using all supported Python versions. +``` + +### In case project or Incubator vote fails... + +1.Create a result thread on the project dev mailing list - [email protected]. + +Subject: `[RESULT][VOTE] Release Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE` +Sample text: + +``` +Hey everyone, + +The vote to release Apache Otava $RELEASE_VERSION-incubating-$RELEASE_CANDIDAT has failed with X -1 binding votes. + +Vote thread: <link-to-vote-thread-archive>. + +``` + +2. Fix the issue. +3. Increment `RELEASE_CANDIDATE` env variable. +4. Repeat the steps above. + +### After project vote succeeds + +#### Create a result thread on the mailing list. + +Mailing list: [email protected]. +Subject: `[RESULT][VOTE] Release Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE` +Sample text: + +``` +Hey everyone, + +The vote to release Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE has passed with X +1 binding votes, Y +1 non-binding votes and 0 -1 votes. +Vote thread: <link-to-vote-thread-archive>. +``` + +#### Create Incubator vote thread + +Mailing list: [[email protected]]([email protected]) +Subject: `[VOTE] Release Apache Otava (incucating) $RELEASE_VERSION-$RELEASE_CANDIDATE` + +Sample text: +``` +Hello, + +This is a call for a vote to release Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE. + +The vote thread: <link-to-the-project-vote-thread> +Vote result: <link-to-the-project-vote-result-thread> +Release candidate: https://dist.apache.org/repos/dist/dev/incubator/otava/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE/ +GH tag for release https://github.com/apache/otava/releases/tag/$RELEASE_VERSION-incubating-$RELEASE_CANDIDATE. + +The release has been signed with Key <your-signature>, corresponding to <your-apache-email> available here https://downloads.apache.org/incubator/otava/KEYS. + +This vote will be open for at least 72 hours. + +Checklist for reference: + +[ ] Download links are valid. +[ ] Checksums and signatures. +[ ] LICENSE/NOTICE files exist +[ ] No unexpected binary files +[ ] All source files have ASF headers +[ ] Can install from source +[ ] Can run examples using all supported Python versions + +To learn more about Apache Otava, please see https://otava.apache.org. +``` + +### Create Incubator vote result thread + +Proceed only after Incubator vote succeeds. If the vote failed, see section `In case project or Incubator vote fails` above. + +Mailing list: [[email protected]]([email protected]) +Subject: `[RESULT][VOTE] Release Apache Otava (incucating) $RELEASE_VERSION-$RELEASE_CANDIDATE` +Sample text: + +``` +Hello everyone, + +The vote to release Apache Otava (incubating) $RELEASE_VERSION-$RELEASE_CANDIDATE has passed with X +1 +binding and Y +1 non-binding votes, no -1 votes. + +Binding +1 votes: +- ... +- ... + +Non-Binding +1 votes: +- ... + +Vote thread: <link-to-vote-thread> + +We will proceed with publishing the approved artifacts and sending out the +announcement soon. +``` + +### Publish Source Release + +In `otava-dist-release-repo`: + +```bash +cp -r $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE $RELEASE_VERSION-incubating +svn add $RELEASE_VERSION-incubating +svn ci -m "[otava] Add 0.7.0-incubating" +``` + +### Publish release tag on Github + +```bash +git checkout $RELEASE_VERSION-incubating-$RELEASE_CANDIDATE +git tag -a $RELEASE_VERSION-incubating -m "$RELEASE_VERSION-incubating" +git push origin $RELEASE_VERSION-incubating +``` + +### Publish PyPi artifacts + +In svn release directory: + +```bash +# Go to release pypi directory +cd $RELEASE_VERSION-incubating + +# Publish to Test PyPI +twine upload --verbose --repository testpypi apache_otava-$RELEASE_VERSION-py3-none-any.whl apache_otava-$RELEASE_VERSION.tar.gz +# verify that test PyPI page looks good, then publish to real PyPi +twine upload --verbose apache_otava-0.7.0-py3-none-any.whl apache_otava-0.7.0.tar.gz +``` + +### Publish Docker Image + +Build the image: + +```bash +uv run tox -e docker-build +``` + +Tag the image: + +```bash +docker tag apache/otava:latest apache/otava:$RELEASE_VERSION-incubating +``` + +Push the image to Dockerhub: + +```bash +docker push apache/otava:$RELEASE_VERSION-incubating +``` + +### Write announcement email to project incubator mailing lists + +Mailing lists: +- [[email protected]]([email protected]) +- [[email protected]]([email protected]) + +Subject: `[ANNOUNCE] Apache Otava (incubating) version $RELEASE_VERSION released` + +Sample text: + +``` +Apache Otava (incubating) version $RELEASE_VERSION has been released. + +Apache Otava is a command-line tool that detects and alerts about statistically significant changes in performance test results (more generally, time-series data) stored in CSV files or a number of supported databases. + +A typical use-case of Otava is as follows: +1. A set of performance tests is scheduled repeatedly, such as after each commit is pushed. +2. The resulting metrics of the test runs are stored in a time series database (Graphite) or appended to CSV files. +3. Otava is launched by a Jenkins/Cron job (or an operator) to analyze the recorded metrics regularly. +4. Otava notifies about significant changes in recorded metrics by outputting text reports or sending Slack notifications. +5. Otava is capable of finding even small, but persistent shifts in metric values, despite noise in data. It adapts automatically to the level of noise in data and tries to notify only about persistent, statistically significant changes, be it in the system under test or in the environment. + +Highlights of $RELEASE_VERSION release are: + +$RELEASE_VERSION is available as: +- Source release https://dist.apache.org/repos/dist/dev/incubator/otava/$RELEASE_VERSION-incubating/ +- Github release https://github.com/apache/otava/releases/tag/$RELEASE_VERSION-incubating +- PyPI https://pypi.org/project/apache-otava/ +- Docker image https://hub.docker.com/r/apache/otava + +Otava resources: +- Website: https://otava.apache.org/ +- Issues: https://github.com/apache/otava/issues +- Mailing list: [email protected] + +<Your name> +On behalf of Apache Otava (incubating) Team +```
