-
Notifications
You must be signed in to change notification settings - Fork 452
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x.py: support source packaging #729
Conversation
f.write(version) | ||
|
||
# 1. Git commit and tag | ||
git = find_command('git', msg='git is required for source packaging') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We don't push anything to remote here. The release manager should manually git push --tags
to push the tag.
In my opinion the workflow should be:
- Checkout a staging branch - if we do lightweight release, it's possible to run on
unstable
branch. - Run
./x.py package source
to get the source tarball,.asc
sign file,.sha512
checksum file. - Copy those files to SVN (https://dist.apache.org/repos/dist/dev/incubator/kvrocks).
- Manually push tags (maybe we can have a
-rcN
tailer, but I don't make it too complex now. - Calling a vote.
|
||
# 3. GPG Sign | ||
gpg = find_command('gpg', msg='gpg is required for source packaging') | ||
run([gpg, '--detach-sign', '--armor', tarball], stdout=subprocess.PIPE) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI - You can verify signature by gpg --verify ${tarball}.asc ${tarball}
.
sha512sum = find_command('sha512sum', msg='sha512sum is required for source packaging') | ||
output = run([sha512sum, tarball], stdout=subprocess.PIPE) | ||
payload = output.read().decode().strip() | ||
with open(f'{tarball}.sha512', 'w+') as f: | ||
f.write(payload) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FYI - You can verify checksum by sha512sum -c ${tarball}.sha512
.
Signed-off-by: tison <wander4096@gmail.com>
71b0c9c
to
9d13b84
Compare
Thanks @tisonkun |
Thanks for your reviews. Merging... |
Try out with:
./x.py package source -v 2.1.0
in a staging branch.