Next step is to carry out a vote on the gene...@incubator.apache.org list.
This may seem like unnecessary bureaucracy; for which I apologize. The reason is that only a PMC (in this case the Incubator PMC, IPMC) may release code on behalf of the ASF. Practically speaking, the release will receive due diligence by experts in the IPMC. It’s likely that they will find problems, and if so, we may need another RC, and two votes, to resolve them. Please be patient, because this is the learning process. Riley, Glad to see that you have sent a RESULT email already. Please start a vote thread on general@, referencing the thread on dev@. Good luck! Can you also log cases for the issues I noted during the vote. The IPMC tends to be lenient for the first release, especially if the podling is learning and improving. Julian > On Dec 22, 2022, at 11:44, Riley Kuttruff <r...@apache.org> wrote: > > So the vote for rc2 passed. What are our next steps? Do I push the .tar.gz > and .asc files to https://dist.apache.org/repos/dist/incubator/sdap ? > >> On 2022/12/14 20:04:29 Riley Kuttruff wrote: >> I verified, built and tested the release tarballs in the same manner I did >> before and it passed just the same. >> >> I believe it's compliant with ASF policy but I'm not 100% sure so I'm >> holding off on the vote. >> - We added DISCLAIMER & README files to all release tarballs >> - I went through and checked MOST of the files for the ASF license headers >> and added them where needed though I may have missed something >> >>> On 2022/12/13 19:36:26 Nga Chung wrote: >>> HI all, >>> >>> I started a VOTE thread for 1.0.0rc2, but can someone else please volunteer >>> to take over as release manager because I will be away 12/16/22 - 1/16/23. >>> >>> I captured initial release instructions here >>> https://github.com/ngachung/incubator-sdap-nexus/blob/SDAP-414/docs/release.rst >>> >>> Thanks, >>> Nga >>> >>> >>>> On Wed, Dec 7, 2022 at 1:07 AM Julian Hyde <jh...@apache.org> wrote: >>> >>>> By the way, I wouldn't create a new RC for the vote. Just vote on the >>>> RC1 you already have. We know we'll need to iterate through a few RCs >>>> before we get a good one. >>>> >>>> On Wed, Dec 7, 2022 at 1:05 AM Julian Hyde <jh...@apache.org> wrote: >>>>> >>>>> Hey, that looks pretty good! In fact it looks a lot like an Apache >>>> release. >>>>> >>>>> A few things: >>>>> >>>>> 1. I saw you added dist/dev/incubator/sdap/KEYS; can you move that >>>>> file so that its path is dist/release/incubator/sdap/KEYS. Its main >>>>> purpose will be for people who download the release after it has been >>>>> released and want to verify the signatures. Putting it in 'release' >>>>> will ensure that it is automatically mirrored to >>>>> https://downloads.apache.org >>>>> >>>>> 2. I got the following output from gpg: >>>>> >>>>> gpg: Signature made Mon 05 Dec 2022 10:52:22 PM PST >>>>> gpg: using RSA key >>>> 1392A8A11801359247A803D8D2449E0EB5EF1E73 >>>>> gpg: Good signature from "Nga Chung (CODE SIGNING KEY) >>>>> <nch...@apache.org>" [unknown] >>>>> gpg: WARNING: This key is not certified with a trusted signature! >>>>> gpg: There is no indication that the signature belongs to the >>>> owner. >>>>> >>>>> This means that the artifacts are signed correctly, but you are not in >>>>> my web of trust. Soon after the release, we should have a key-signing >>>>> party (or you should get your key signed by a colleague who has a >>>>> well-connected key). >>>>> >>>>> 3. At first glance, the contents of the .tar.gz files look pretty >>>>> good. I haven't checked the headers etc. yet. There seems to be a >>>>> LICENSE.txt and NOTICE in each, which is good. You should also add a >>>>> DISCLAIMER and/or DISCLAIMER-WIP file (required by the incubation >>>>> process [1]). I also recommend adding a top-level README in each >>>>> .tar.gz that describes the purpose of the file, and how to build it >>>>> (for example see Calcite's README [2]) >>>>> >>>>> A good next step would be to start a vote. Craft an email with the >>>>> same general structure as Apache Hop (incubating) 0.99-rc2 [3] and >>>>> send it to dev@. Then PPMC members should vote on the release, each >>>>> describing the checks that they made. Then finish the vote with an >>>>> email with a [RESULT][VOTE] or [CANCEL][VOTE] subject line. (We know >>>>> the vote will fail, due to the missing DISCLAIMER file, but it's good >>>>> to practice the process, and with many people scrutinizing the release >>>>> we will find issues faster.) >>>>> >>>>> You'll also want to craft release notes (they don't have to be in the >>>>> release, but they should be somewhere accessible for people to read). >>>>> >>>>> And you should be writing that "how to" guide as you go along, if >>>>> you're not already. >>>>> >>>>> Julian >>>>> >>>>> [1] https://incubator.apache.org/policy/incubation.html#disclaimers >>>>> [2] https://github.com/apache/calcite/blob/main/README >>>>> [3] https://lists.apache.org/thread/ncnok4clt6k491zv6c3v4kk2fc41qsz2 >>>>> >>>>> On Mon, Dec 5, 2022 at 11:06 PM Nga Chung <ngatch...@gmail.com> wrote: >>>>>> >>>>>> Riley, thank you for adding all the missing ASF header and the NOTICE. >>>>>> >>>>>> Riley's changes have been merged and rc1 artifacts have been uploaded >>>> to >>>>>> >>>> https://dist.apache.org/repos/dist/dev/incubator/sdap/apache-sdap-1.0.0-rc1/ >>>>>> >>>>>> >>>>>> Has anyone had any success testing rc0? >>>>>> >>>>>> Julian, any suggestions on next steps? >>>>>> >>>>>> Thanks, >>>>>> Nga >>>>>> >>>>>> On Thu, Dec 1, 2022 at 1:03 PM Kuttruff, Riley K (US 398F-Affiliate) >>>>>> <riley.k.kuttr...@jpl.nasa.gov.invalid> wrote: >>>>>> >>>>>>> It appears some of the source files are missing the ASF header. I >>>> did a >>>>>>> check for all the Python files across the repositories and added >>>> them where >>>>>>> needed in a pair of PRs (nexus & ingester; nexusproto had no .py >>>> files >>>>>>> missing the header). >>>>>>> >>>>>>> I still have yet to check for any non-python source files. >>>>>>> >>>>>>> Riley >>>>>>> >>>>>>> On 11/30/22, 4:29 PM, "Nga Chung" <nch...@apache.org> wrote: >>>>>>> >>>>>>> Hi everyone, >>>>>>> >>>>>>> So this email thread probably needs renaming or we can start a >>>> new one >>>>>>> if >>>>>>> we're proceeding with a Version 1.0.0 release instead of >>>> 0.4.5a56. >>>>>>> >>>>>>> Anyways, with help from many folks we now have a release >>>> candidate >>>>>>> that can >>>>>>> be found here: >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/incubator/sdap/apache-sdap-1.0.0-rc0/__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGjkf-Wmw$ >>>>>>> >>>>>>> >>>>>>> Instructions for building docker images from source can be found >>>> here: >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://incubator-sdap-nexus.readthedocs.io/en/latest/build.html__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGMdzQUnc$ >>>>>>> Instructions for deploying locally to test can be found here: >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://incubator-sdap-nexus.readthedocs.io/en/latest/quickstart.html__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtG-tQ0nvg$ >>>>>>> Associated docker images can be found here: >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://hub.docker.com/search?q=apache*2Fsdap__;JQ!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtG5KMpZEg$ >>>>>>> >>>>>>> Here's how I created rc0. I will get these instructions into >>>> github but >>>>>>> wanted to get all this out first for your review. >>>>>>> >>>>>>> git clone --branch release/1.0.0 >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://github.com/apache/incubator-sdap-nexusproto.git__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGbmDU9OM$ >>>>>>> >>>>>>> cd incubator-sdap-nexusproto*/* >>>>>>> >>>>>>> git ls-files > /tmp/manifest.txt >>>>>>> >>>>>>> tar cvfz apache-sdap-nexusproto-1.0.0-src.tar.gz -T >>>> /tmp/manifest.txt >>>>>>> >>>>>>> gpg --armor --output apache-sdap-nexusproto-1.0.0-src.tar.gz.asc >>>>>>> --detach-sig apache-sdap-nexusproto-1.0.0-src.tar.gz >>>>>>> >>>>>>> shasum -a 512 apache-sdap-nexusproto-1.0.0-src.tar.gz > >>>>>>> apache-sdap-nexusproto-1.0.0-src.tar.gz.sha512 >>>>>>> >>>>>>> >>>>>>> git clone --branch release/1.0.0 >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://github.com/apache/incubator-sdap-ingester.git__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGgkAuYFg$ >>>>>>> >>>>>>> cd incubator-sdap-ingester/ >>>>>>> >>>>>>> git ls-files > /tmp/manifest.txt >>>>>>> >>>>>>> tar cvfz apache-sdap-ingester-1.0.0-src.tar.gz -T >>>> /tmp/manifest.txt >>>>>>> >>>>>>> gpg --armor --output apache-sdap-ingester-1.0.0-src.tar.gz.asc >>>>>>> --detach-sig >>>>>>> apache-sdap-ingester-1.0.0-src.tar.gz >>>>>>> >>>>>>> shasum -a 512 apache-sdap-ingester-1.0.0-src.tar.gz > >>>>>>> apache-sdap-ingester-1.0.0-src.tar.gz.sha512 >>>>>>> >>>>>>> >>>>>>> git clone --branch release/1.0.0 >>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://github.com/apache/incubator-sdap-nexus.git__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtG19U3rPQ$ >>>>>>> >>>>>>> cd incubator-sdap-nexus/ >>>>>>> >>>>>>> git ls-files > /tmp/manifest.txt >>>>>>> >>>>>>> tar cvfz apache-sdap-nexus-1.0.0-src.tar.gz -T /tmp/manifest.txt >>>>>>> >>>>>>> gpg --armor --output apache-sdap-nexus-1.0.0-src.tar.gz.asc >>>>>>> --detach-sig >>>>>>> apache-sdap-nexus-1.0.0-src.tar.gz >>>>>>> >>>>>>> shasum -a 512 apache-sdap-nexus-1.0.0-src.tar.gz > >>>>>>> apache-sdap-nexus-1.0.0-src.tar.gz.sha512 >>>>>>> >>>>>>> svn co >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/incubator/sdap__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtG8upBcY0$ >>>>>>> sdap >>>>>>> mkdir sdap/apache-sdap-1.0.0-rc0 >>>>>>> cp >>>> incubator-sdap-nexusproto/apache-sdap-nexusproto-1.0.0-src.tar.gz* >>>>>>> sdap/apache-sdap-1.0.0-rc0/. >>>>>>> cp incubator-sdap-ingester/apache-sdap-ingester-1.0.0-src.tar.gz* >>>>>>> sdap/apache-sdap-1.0.0-rc0/. >>>>>>> cp incubator-sdap-nexus/apache-sdap-nexus-1.0.0-src.tar.gz* >>>>>>> sdap/apache-sdap-1.0.0-rc0/. >>>>>>> >>>>>>> svn add apache-sdap-1.0.0-rc0 >>>>>>> >>>>>>> svn ci -m "Uploading release candidate Apache SDAP >>>>>>> apache-sdap-1.0.0-rc0 to >>>>>>> dev area" apache-sdap-1.0.0-rc0 >>>>>>> >>>>>>> >>>>>>> Thanks, >>>>>>> Nga >>>>>>> >>>>>>> On Wed, Nov 9, 2022 at 4:26 PM Julian Hyde < >>>> jhyde.apa...@gmail.com> >>>>>>> wrote: >>>>>>> >>>>>>>> hanks for volunteering to be release manager! >>>>>>>> >>>>>>>> The artifacts to be voted on will be in the following >>>> directory (or >>>>>>>> something very much like it): >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/incubator/sdap/apache-sdap-0.4.5a56-rc0/__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGsl1T6OQ$ >>>>>>>> >>>>>>>> with >>>>>>>> * “dev” being the place for candidate releases (to be replaced >>>> by >>>>>>> “release” >>>>>>>> when the release is final) >>>>>>>> * “sdap” being the project name (prefixed with “incubator/“ >>>> while >>>>>>> sdap is >>>>>>>> incubating) >>>>>>>> * “apache-sdap” being the component >>>>>>>> * “0.4.5a56” being the version >>>>>>>> * “rc0” being the release candidate label >>>>>>>> >>>>>>>> On release, you will copy the artifacts to >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/release/incubator/sdap/apache-sdap-0.4.5a56/__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGQnZZiUU$ >>>>>>>> >>>>>>>> Note that ‘dev’ became ‘release’ and the ‘rc0’ label was >>>> removed. >>>>>>> And by >>>>>>>> the time you release, you'll also need a KEYS file similar to >>>> the >>>>>>> one in >>>>>>>> the bRPC project: >>>>>>>> >>>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/release/incubator/brpc/KEYS__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtG858uAsg$ >>>>>>>> >>>>>>>> Browse >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGJkaorxg$ >>>>>>> and you’ll see that all >>>>>>>> projects use this directory structure. >>>>>>>> >>>>>>>> Let’s look at the artifacts that were in Calcite’s last >>>> release. In >>>>>>> the >>>>>>>> directory >>>>>>>> >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/calcite/apache-calcite-1.31.0-rc2/__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGkK8Q9VQ$ >>>>>>>> sh >>>>>>>> you’ll see the following files: >>>>>>>> >>>>>>>> * apache-calcite-1.31.0-src.tar.gz # source tar ball >>>>>>>> * apache-calcite-1.31.0-src.tar.gz.asc # armored signature >>>>>>> generated by >>>>>>>> PGP >>>>>>>> * apache-calcite-1.31.0-src.tar.gz.sha512 # SHA512 checksum >>>> of the >>>>>>>> src.tar.gz file >>>>>>>> >>>>>>>> SDAP will need equivalent files. >>>>>>>> >>>>>>>> Now, how to write to dist.apache.org? That web server is a >>>> view >>>>>>> onto an >>>>>>>> ASF >>>>>>>> source code repository managed by the Subversion source control >>>>>>> system. ASF >>>>>>>> uses it for content management of releases. >>>>>>>> >>>>>>>> First, install subversion. "sudo apt-get install subversion” or >>>>>>> similar. >>>>>>>> >>>>>>>> Then checkout the tree: >>>>>>>> >>>>>>>> svn co >>>>>>> >>>> https://urldefense.us/v3/__https://dist.apache.org/repos/dist/dev/incubator/sdap/trunk__;!!PvBDto6Hs4WbVuu7!aY2tIy4CD6wRO7JlwQ9_XSOpDkqvhu8QMq2ROLe907bKV-UqYPygNoR8NjtGTWMmcJY$ >>>>>>> sdap >>>>>>>> cd sdap >>>>>>>> mkdir apache-sdap-0.4.5a56-rc0 >>>>>>>> >>>>>>>> Create some files, then check them in: >>>>>>>> >>>>>>>> svn add apache-sdap-0.4.5a56-rc0 >>>>>>>> svn ci -m’Uploading release candidate Apache SDAP >>>>>>> sdap-0.4.5a56-rc0 to >>>>>>>> dev area’ apache-sdap-0.4.5a56-rc0 >>>>>>>> >>>>>>>> These instructions are from memory, so there might be a few >>>> mistakes. >>>>>>>> Hopefully you get the general idea. Do some Google searches and >>>>>>> you’ll >>>>>>>> probably find the release instructions used by other projects. >>>>>>>> >>>>>>>> You'll need to log into subversion using your ASF username and >>>>>>> password, >>>>>>>> but I don’t remember the details. >>>>>>>> >>>>>>>> Be sure to write a ‘how to’ so that the next release manager >>>> can >>>>>>> follow >>>>>>>> your steps, and add it to the source code when you’re done. And >>>>>>> maybe one >>>>>>>> or two shell scripts. >>>>>>>> >>>>>>>> I also recommend that you create a bug with the title ‘Release >>>> SDAP >>>>>>>> 0.4.5a56’. It will be a useful place to have discussions, link >>>> to >>>>>>> other >>>>>>>> bugs, release notes, etc. >>>>>>>> >>>>>>>> Julian >>>>>>>> >>>>>>>> >>>>>>>> On Nov 9, 2022, at 3:32 PM, Nga Chung <nch...@apache.org> >>>> wrote: >>>>>>>> >>>>>>>> I'm going to be the release manager for this first release. >>>> Where >>>>>>> exactly >>>>>>>> do we upload the 3 .tar.gz (1 per repository) to? >>>>>>>> >>>>>>>> Thanks, >>>>>>>> Nga >>>>>>>> >>>>>>>> On Thu, Nov 3, 2022 at 5:12 PM Julian Hyde <jh...@apache.org> >>>> wrote: >>>>>>>> >>>>>>>> Regarding testing. I recommend that the release manager >>>> creates a >>>>>>>> recipe ("HOWTO") for the steps to create a release. One of >>>> those >>>>>>> steps >>>>>>>> is a manual smoke test (e.g. am I able to start the server and >>>> do x, >>>>>>>> y, and z simple operations). >>>>>>>> >>>>>>>> Other people voting on the release can do their own smoke >>>> tests. >>>>>>>> >>>>>>>> But do bear in mind that if there are bugs, this does not >>>> prevent a >>>>>>>> release. Clearly you don't want show-stopper bugs like code >>>> that >>>>>>>> doesn't compile. >>>>>>>> >>>>>>>> Julian >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Nov 2, 2022 at 3:47 PM Perez, Stepheny K (US 398F) >>>>>>>> <stepheny.k.pe...@jpl.nasa.gov.invalid> wrote: >>>>>>>> >>>>>>>> >>>>>>>> Hi everyone, >>>>>>>> >>>>>>>> I’d like to start the conversation regarding our first official >>>>>>> Apache >>>>>>>> >>>>>>>> release. From what I can tell, these are the major items that >>>> need >>>>>>> to be >>>>>>>> completed before we can move forward: >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> 1. Identify a release manager. Any volunteers? >>>>>>>> >>>>>>>> 2. Create release tarball >>>>>>>> >>>>>>>> 3. Write release notes >>>>>>>> >>>>>>>> 4. Write installation instructions from source (Riley >>>> Kuttruff >>>>>>> has >>>>>>>> >>>>>>>> started this work) >>>>>>>> >>>>>>>> >>>>>>>> 5. Push docker images to Dockerhub (and update >>>> quickstart with >>>>>>>> >>>>>>>> these versions) >>>>>>>> >>>>>>>> >>>>>>>> Another important task before moving forward would be testing >>>> the >>>>>>> latest >>>>>>>> >>>>>>>> SDAP analysis image 0.4.5a56. I have personally used this >>>> version >>>>>>> without >>>>>>>> any issues. Has anyone else upgraded to this latest alpha >>>> version? >>>>>>>> >>>>>>>> >>>>>>>> Thank you! >>>>>>>> Stepheny >>>>>>>> >>>>>>> >>>>>>> >>>> >>> >>
