This document is intended to be kept up to date by the DSpace Release Managers. It details the steps necessary to perform snapshot and official releases of DSpace and supporting Modules.
For lack of a better place at this time, here's some useful pages on Sonatype (THESE LINKS SHOULD PROBABLY EVENTUALLY BE MOVED TO THE APPROPRIATE LOCATION IN OUR INSTRUCTIONS BELOW): |
To perform a release, you must have all of the following:
Here's notes from Mark Diggory on how to give someone else access to the OSUOSL server (projects.dspace.org):
~/.ssh/authorizedkeys
(make sure permissions are correct on file)maven:x:4002:peterdietz,esm,mdiggory,tdonohue,ben,kim,apache |
umask 002
is in the users ~/.bash_profile
so maven permissions are written correctly.DSpace's root pom.xml already has the correct staging and snapshot repositories listed in the OSS parents distributionManagement section. In order to deploy, you will need to add your Sonatype OSS username and password to your local ~/.m2/settings.xml
file:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> <servers> <!--Login info for Sonatype SnapShot repository--> <server> <id>sonatype-nexus-snapshots</id> <username>YourSonatypeUsername</username> <password>YourSonatypePassword</password> </server> <!--Login info for Sonatype Staging/Release repository--> <server> <id>sonatype-nexus-staging</id> <username>YourSonatypeUsername</username> <password>YourSonatypePassword</password> </server> <!--Login info for DSpace Projects (projects.dspace.org) website @OSUOSL--> <server> <id>website</id> <username>YourOSUOSLUserName</username> <privateKey>[Full-path-to]\.ssh\id_rsa</privateKey> <passphrase>YourKeyPassphrase (if necessary)</passphrase> </server> </servers> </settings> |
If you don't yet have a ~/.m2/settings.xml
file, you should create one, and copy the full contents above (obviously make sure to put in your username and password).
Make sure you're using a recent version of Maven. As of this writing, the latest was 2.2.1, and it worked fine. In particular, avoid version 2.2.0: it has a serious bug that affects deployments: MNG-4235. Maven 2.1.0 also is problematic, as it produces improper GPG signatures.
For more information see the Pre-Requisities section of theSonatype Maven Repository Usage Guide
From a clean, up-to-date copy of trunk, run the following command:
mvn clean javadoc:jar source:jar deploy
You will have to enter in your GPG passphrase (which you established when you created your Code Signing Key).
The snapshot will be immediately available in the public Sonatype repository: http://oss.sonatype.org/content/groups/public
These same steps are also covered in the Sonatype Maven Repository Usage Guide |
This step is not required, but performs a useful sanity check without committing any changes. From a clean, up-to-date copy of trunk, run the following command:
mvn release:prepare -DdryRun=true
You will have to enter in your GPG passphrase (which you established when you created your Code Signing Key).
This step will set the version declared in the project's pom.xml files, commit the changes to trunk, tag the release, and finally, check in another trunk change that increments the next development version (e.g. x.y-SNAPSHOT) in the pom.xml files.
mvn release:prepare -Dresume=false
(Optionally, you may also include the parameters -Dusername=YourSVNUsername -Dpassword=YourSVNPassword
, though I've not found these to be necessary)
You will have to enter in your GPG passphrase (which you established when you created your Code Signing Key).
This may fail to compile part way through the process, complaining that an internal project dependency is not met. If this occurs, don't worry. Just run the following:
|
If backing out of this step is needed for any reason, the following will restore the subversion repository and your working copy to the state it was previously in:
|
This step will sign, checksum, and push all release artifacts (including javadocs and sources) to the staging repository.
mvn release:perform
mvn release:perform -Darguments="-Dgpg.keyname=YourKeyId -Dgpg.passphrase=YourKeyPassword"
If any errors or problems occur during the deploy, you can re-run mvn release:perform
safely after fixing those issues (re-running it will just overwrite existing staged contents).
For screenshots and more details on this step, visit the Sonatype Repository Usage Guide's section on Releasing your artifacts |
If anything is incorrect, select the staged repository and select "Drop". After the problem is resolved, you can re-deploy the artifacts to staging and verify them again. To re-deploy an already-tagged release:
mvn release:perform -Dtag=dspace-x.y -DconnectionUrl=scm:svn:
https://scm.dspace.org/svn/repo/dspace
-Darguments="-Dgpg.keyname=YourKeyId -Dgpg.passphrase=YourKeyPassword"
If everything looks good, select the repository and select "Release". The artifacts should be synced to central within an hour, and will officially be released to http://repo2.maven.org/maven2/org/dspace/