Skip to content

Latest commit

 

History

History
68 lines (49 loc) · 3.22 KB

RELEASE.md

File metadata and controls

68 lines (49 loc) · 3.22 KB

Feign Release Process

This repo uses semantic versions. Please keep this in mind when choosing version numbers.

  1. Alert others you are releasing

    There should be no commits made to master while the release is in progress (about 10 minutes). Before you start a release, alert others on gitter so that they don't accidentally merge anything. If they do, and the build fails because of that, you'll have to recreate the release tag described below.

  2. Push a git tag

    Prepare the next release by running the release script from a clean checkout of the master branch. This script will:

    • Update all versions to the next release.
    • Tag the release.
    • Update all versions to the next development version.
  3. Wait for CI

    This part is controlled by the CircleCI configuration, specifically the deploy job. Which creates the release artifacts and deploys them to maven central.

Credentials

Credentials of various kind are needed for the release process to work. If you notice something failing due to unauthorized, you will need to modify the stored values in Sonatype CircleCI Context for the OpenFeign organization.

SONATYPE_USER - the username of the Sonatype account used to upload artifacts. SONATYPE_PASSWORD - password for the Sonatype account. GPG_KEY - the gpg key used to sign the artifacts. GPG_PASSPHRASE - the passphrase for the gpg key

Troubleshooting invalid credentials

If the deploy job fails due to invalid credentials, double check the SONATYPE_USER and SONATYPE_PASSWORD variables first and correct them.

Troubleshooting GPG issues

If the deploy job fails when signing artifacts, the GPG key may have expired or is incorrect. To update the GPG_KEY, you must export a valid GPG key to ascii and replace all newline characters with \n. This will allow CircleCi to inject the key into the environment in a way where it can be imported again. Use the following command to generate the key file.

gpg -a --export-secret-keys | cat -e | sed  | sed 's/\$/\\n/g' > gpg_key.asc

Paste the contents of this file into the GPG_KEY variable in the context and try the job again.

First release of the year

The license plugin verifies license headers of files include a copyright notice indicating the years a file was affected. This information is taken from git history. There's a once-a-year problem with files that include version numbers (pom.xml). When a release tag is made, it increments version numbers, then commits them to git. On the first release of the year, further commands will fail due to the version increments invalidating the copyright statement. The way to sort this out is the following:

Before you do the first release of the year, move the SNAPSHOT version back and forth from whatever the current is. In-between, re-apply the licenses.

$ ./mvnw versions:set -DnewVersion=1.3.3-SNAPSHOT -DgenerateBackupPoms=false
$ ./mvnw com.mycila:license-maven-plugin:format
$ ./mvnw versions:set -DnewVersion=1.3.2-SNAPSHOT -DgenerateBackupPoms=false
$ git commit -am"Adjusts copyright headers for this year"