-
Notifications
You must be signed in to change notification settings - Fork 5.9k
Release Process
NOTE: This release process uses the spring-build-conventions gradle plug-in.
- Update dependencies
- Update release version
- Build Locally
- Push the release commit
- Announce the release on Slack
- Tag the release
- Update to next development version
- Update version on project page
- Update Release Notes on GitHub
- Close / Create Milestone
- Announce the release on other channels
If you are on master use 1.b, otherwise use 1.a
- Dependencies are declared in
gradle/dependency-management.gradle
- Update Spring Framework and Spring Data at a minimum
- Then find dependencies that need updating by running the
update-dependencies.sh
script:
./scripts/update-dependencies.sh
Prerequisites: The build
directory has to exist to store the file build/updates.txt
. This directory gets created when a new build is run, but is not present on a fresh git clone.
Master is setup to use Gradle dependency locking and version ranges so builds automatically take advantage of the latest dependencies. In order to ensure releases are reproducible, we must lock the dependencies before a release.
To lock the dependencies execute:
./gradlew writeLocks --write-locks
This writes out all the resolved versions. Run the build. If it passes, commit the changes.
- Update the version number in
gradle.properties
for the release, for example,5.1.0.M1
,5.1.0.RC1
,5.1.0.RELEASE
- Run the build locally with:
./gradlew check
- Push the release commit and Jenkins will build and deploy the artifacts
- If you are pushing to Maven Central, then you can get notified when it's uploaded by running the following:
./scripts/release/wait-for-done.sh 5.2.0.RELEASE
- Announce via Slack on #spring-security, including the keyword
spring-security-release
in the message. Something like:
spring-security-release 5.2.0.RC1 is out!
- Tag the release and then push the tag
git tag 5.2.0.RC1
git push origin 5.2.0.RC1
- Update release version to next
BUILD-SNAPSHOT
version and then push - If dependency locks (1.b) were used, revert the commit that included the lock files so that the build uses the latest versions again.
- Update release version on projects.spring.io
- Download the GitHub release notes generator
wget https://github.com/spring-io/github-release-notes-generator/releases/download/v0.0.2/github-release-notes-generator.jar
- Generate the release notes
java -jar github-release-notes-generator.jar \
--releasenotes.github.organization=spring-projects \
--releasenotes.github.repository=spring-security \
--spring.config.location=scripts/release/release-notes-sections.yml \
$MILESTONE release-notes
Note 1: $MILESTONE
is something like 5.2.1
or 5.3.0.M1
.
Note 2: The location scripts/release/release-notes-sections.yml
is relative to the spring-security
repo.
Note 3: This will create a file on your filesystem called release-notes
.
- Copy the release notes to your clipboard (your mileage may vary with the following command)
cat release-notes | xclip -selection clipboard
- Create the release on GitHub, associate it with the tag, and paste the generated notes
- In GitHub Milestones, create a new milestone for the next release version
- Move any open issues from the existing milestone you just released to the new milestone
- Close the milestone for the release.
- Create a Blog
- Tweet from @SpringSecurity
- Send email to [email protected]
- Visit https://build.spring.io/browse/SEC-B42X
- Log In
- Ensure you have admin permissions for the build
- Make sure last build is successful
- Then click on the build number of the last build
- Click the arrow on the left hand side below the details
- Click on Default Job
- Click on Artifactory Release & Promotion
- Fill out the form with the correct values. Use the screenshot below for an example
- Click
Build and Release to Artifactory
- A build will start for the release. When it completes (will have "Manual run by ..." next to it) click on the build number
- Click on Artifactory Release & Promotion again
- Fill out form for release
- Click
Update
. Wait for it to complete.
- Click on Artifactory Build Info
- Invoke the the scripts in scripts/release/ to release with necessary arguments. Get all the secrets from LastPass
$ ./scripts/release/push-to-spring-distributions.sh $BUILD_NUMBER_FROM_BAMBOO
$ ./scripts/release/sync-to-central.sh $RELEASE_VERSION $BINTRAY_API_KEY $SONATYPE_USER_TOKEN $SONATYPE_TOKEN_PWD
$ ./scripts/release/wait-for-done.sh $RELEASE_VERSION
You will get a notification when the release is done.
NOTE: wait-for-done only works if you have spd-say installed.