membphis opened a new issue #14: doc: how to release a new version for PPMC URL: https://github.com/apache/incubator-apisix-website/issues/14 # 主要步骤: 1. 生成 gpg key 2. 将公钥同步到服务器 3. 登录 id.apache.org 填写 key fingerprint 4. Apache svn 中添加自己的 gpg 公钥 5. 制作安装包并上传到 Apache svn 6. 发投票邮件 # 生成 gpg key 必须使用 apache 官方邮箱账号生成的 gpg key。 ## 安装GPG 在 [GnuPG](https://www.gnupg.org/download/index.html) 官网下载安装包。 GnuPG 的 1.x 版本和 2.x 版本的命令有细微差别,下列说明以 `GnuPG-2.1.23` 版本为例。 安装完成后,执行以下命令查看版本号。 ```shell gpg --version ``` ## 创建 key 安装完成后,执行以下命令创建 `key`。 `GnuPG-2.x` 可使用: ```shell gpg --full-gen-key ``` `GnuPG-1.x` 可使用: ```shell gpg --gen-key ``` 根据提示完成 `key`: **注意:请使用 Apache mail 生成 GPG 的 Key。** ```shell gpg (GnuPG) 2.0.12; Copyright (C) 2009 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) 4096 Requested keysize is 4096 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: ${输入用户名} Email address: ${输入邮件地址} Comment: ${输入注释} You selected this USER-ID: "${输入的用户名} (${输入的注释}) <${输入的邮件地址}>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O You need a Passphrase to protect your secret key. # 输入密码 ``` ## 查看生成的key ```shell # gpg --list-keys pub 4096R/30B5FD72 2020-01-02 uid ${用户名} (${注释}) <{邮件地址}> sub 4096R/3D2F913D 2020-01-02 ``` 比如笔者本地获取的信息: ```shell $ gpg --list-keys /home/resty/.gnupg/pubring.gpg ------------------------------ pub 4096R/30B5FD72 2020-01-02 uid Yuansheng Wang <membp...@apache.org> sub 4096R/3D2F913D 2020-01-02 ``` 其中 30B5FD72 为公钥 ID。 # 将公钥同步到服务器 ```shell # 最后参数是上面生成的公钥 ID。 $ gpg --keyserver hkp://pool.sks-keyservers.net --send-key 30B5FD72 gpg: sending key 30B5FD72 to hkp server pool.sks-keyservers.net ``` `pool.sks-keyservers.net` 为随意挑选的[公钥服务器](https://sks-keyservers.net/status/),每个服务器之间是自动同步的,选任意一个即可。 # id.apache.org 中录入 key fingerprint ## 获取 key fingerprint ```shell # 注意下方 Key fingerprint 部分 $ gpg --list-keys --fingerprint /home/resty/.gnupg/pubring.gpg ------------------------------ pub 4096R/30B5FD72 2020-01-02 Key fingerprint = 0F91 BE0A 55A7 B22F DE1A CEEC 3352 48FD 30B5 FD72 uid Yuansheng Wang <membp...@apache.org> sub 4096R/3D2F913D 2020-01-02 ``` # 登录 id.apache.org 填写 key fingerprint  点击左下角的 `Submit changes...` 按钮提交保存。 # Apache svn 中添加自己的 gpg 公钥 下载 svn 目录 ``` $ svn --username=${Apache 用户名} co https://dist.apache.org/repos/dist/dev/incubator/apisix ``` 进入 apisix 目录并查看其中文件: ``` $ cd apisix $ ls KEYS ``` 导出公钥到追加到 KEYS 文件: ```shell $ gpg -a --export ${GPG用户名} >> KEYS ``` 提交修改后的 KEYS 文件,把公钥信息保存到 svn 服务器: ```shell $ svn --username=${Apache 用户名} commit -m "added ${Apache 邮箱} gpg pub key" Authentication realm: <https://dist.apache.org:443> ASF Committers Password for 'membphis': # 输入密码 Store password unencrypted (yes/no)? yes Sending KEYS Transmitting file data . Committed revision 37434. ``` # 制作安装包并上传到 Apache svn 每个安装包都有版本,这里以准备 `1.0-rc1` 版本为例。 在制作安装包之前,先确保在 github 上已经准备好分支 `v1.0`。 ```shell # 进入 Apache svn 的 apisix 目录,应只有一个 KEYS 文件 $ ls KEYS # 新建版本号目录并进入,比如:1.0-rc1 $ mkdir 1.0-rc1 && cd 1.0-rc1 # 下载安装包 git clone -b v1.0 g...@github.com:apache/incubator-apisix.git apache-apisix-1.0-rc1-incubating # 删除 .git 文件夹 $ rm -rf apache-apisix-1.0-rc1-incubating/.git # 制作压缩包 $ tar zcvf apache-apisix-1.0-rc1-incubating-src.tar.gz apache-apisix-1.0-rc1-incubating # 制作签名(这步会弹出对话框,提示你输入生成 gpg 时录入的密码) $ gpg --armor --detach-sign apache-apisix-1.0-rc1-incubating-src.tar.gz # 生成 sha512 校验文件 $ shasum -a512 apache-apisix-1.0-rc1-incubating-src.tar.gz > apache-apisix-1.0-rc1-incubating-src.tar.gz.sha512 # 删除 apache-apisix-1.0-rc1-incubating $ rm -rf apache-apisix-1.0-rc1-incubating # 后退到 Apache svn 的 apisix 根目录,并确认文件目录 $ cd .. && tree . ├── 1.0-rc1 │ ├── apache-apisix-1.0-rc1-incubating-src.tar.gz │ ├── apache-apisix-1.0-rc1-incubating-src.tar.gz.asc │ └── apache-apisix-1.0-rc1-incubating-src.tar.gz.sha512 └── KEYS 1 directory, 4 files # 添加新文件到 svn $ svn add * A 1.0-rc1 A (bin) 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz.asc A (bin) 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz A 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz.sha512 svn: warning: W150002: '/home/resty/git/apache_svn/apisix/KEYS' is already under version control svn: E200009: Could not add all targets because some targets are already versioned svn: E200009: Illegal target for the requested operation # 提交修改到 Apache svn 服务器 $ svn --username=${Apache 用户名} commit -m "release 1.0-rc1" Adding 1.0-rc1 Adding (bin) 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz Adding (bin) 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz.asc Adding 1.0-rc1/apache-apisix-1.0-rc1-incubating-src.tar.gz.sha512 Transmitting file data ... Committed revision 37435. ``` # 发投票邮件 参考邮件: https://lists.apache.org/thread.html/4d45dcbeecd0bb70f8010db3d075a5624817a5783beee66f392ae5e0%40%3Cdev.apisix.apache.org%3E 主要参考内容:邮件发送人(apache 邮箱)、邮件标题、邮件正文(主要是修改版本号和链接地址)。
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
