</replacetokens>
</filterchain>
</copy>
+ <copy file="maven/poi-examples.pom" tofile="${dist.dir}/poi-examples-${version.id}.pom">
+ <filterchain>
+ <replacetokens>
+ <token key="VERSION" value="${version.id}"/>
+ </replacetokens>
+ </filterchain>
+ </copy>
<copy file="maven/poi-ooxml-schemas.pom" tofile="${dist.dir}/poi-ooxml-schemas-${version.id}.pom">
<filterchain>
<replacetokens>
<patternset refid="src.dist.patterns"/>
</tarfileset>
</tar>
-
+
+ <!-- script to create signatures and hashes -->
+ <copy file="maven/multisign.sh" todir="${dist.dir}"/>
+
<echo>Creating Maven POMs</echo>
<antcall target="maven-poms"/>
- <echo>Generating MD5 Checksums</echo>
-
- <checksum fileext=".md5">
- <fileset dir="${dist.dir}" includes="*.pom,*.gz,*.zip"/>
- </checksum>
-
<echo>Distribution located in ${dist.dir}</echo>
+ <echo>Use ${dist.dir}/multisign.sh to create md5 checksums and GPG signatures</echo>
</target>
<target name="dist" depends="clean, compile-all, test-all, site, jar, assemble"
--- /dev/null
+#! /bin/sh
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# create md5 checksums and gpg signatures
+
+stty -echo
+echo "enter your GPG passphrase"
+read passphrase
+stty echo
+
+for i in *; do
+ echo Signing $i
+ echo $passphrase | gpg --passphrase-fd 0 --output $i.asc --detach-sig --armor $i
+ gpg --verify $i.asc $i
+ echo Hashing $i
+ openssl md5 < $i > $i.md5
+done
M2_REPOSITORY=scp://people.apache.org/www/people.apache.org/repo/m2-ibiblio-rsync-repository
M2_SCP=people.apache.org:/www/people.apache.org/repo/m2-ibiblio-rsync-repository
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-@VERSION@-@DSTAMP@.jar -DpomFile=poi-@VERSION@.pom
-scp poi-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi/@VERSION@/
-scp poi-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi/@VERSION@/
-
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-scratchpad-@VERSION@-@DSTAMP@.jar -DpomFile=poi-scratchpad-@VERSION@.pom
-scp poi-scratchpad-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-scratchpad/@VERSION@/
-scp poi-scratchpad-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-scratchpad/@VERSION@/
-
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-contrib-@VERSION@-@DSTAMP@.jar -DpomFile=poi-contrib-@VERSION@.pom
-scp poi-contrib-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-contrib/@VERSION@/
-scp poi-contrib-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-contrib/@VERSION@/
-
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-ooxml-@VERSION@-@DSTAMP@.jar -DpomFile=poi-ooxml-@VERSION@.pom
-scp poi-ooxml-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-ooxml/@VERSION@/
-scp poi-ooxml-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-ooxml/@VERSION@/
-
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-examples-@VERSION@-@DSTAMP@.jar -DpomFile=poi-examples-@VERSION@.pom
-scp poi-examples-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-examples/@VERSION@/
-scp poi-examples-@VERSION@-sources.* $M2_SCP/org/apache/poi/poi-examples/@VERSION@/
-
-mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
- -Durl=$M2_REPOSITORY \
- -Dfile=poi-ooxml-schemas-@VERSION@-@DSTAMP@.jar -DpomFile=poi-ooxml-schemas-@VERSION@.pom
-scp poi-ooxml-schemas-@VERSION@.pom.asc $M2_SCP/org/apache/poi/poi-ooxml-schemas/@VERSION@/
-
-
+VERSION=@VERSION@
+DSTAMP=@DSTAMP@
+
+for artifactId in poi poi-scratchpad poi-contrib poi-ooxml poi-examples poi-ooxml-schemas
+do
+ mvn gpg:sign-and-deploy-file -DrepositoryId=apache-releases -P apache-releases \
+ -Durl=$M2_REPOSITORY \
+ -Dfile=$artifactId-$VERSION-$DSTAMP.jar -DpomFile=$artifactId-$VERSION.pom
+ #The maven sign-and-deploy-file command does NOT sign POM files, so we have to upload the POM's .asc manually
+ scp $artifactId-$VERSION.pom.asc $M2_SCP/org/apache/poi/$artifactId/$VERSION/
+
+ if [ -r $artifactId-$VERSION-sources.jar ]; then
+ mvn deploy:deploy-file -DrepositoryId=apache-releases -P apache-releases \
+ -Durl=$M2_REPOSITORY -DgeneratePom=false -Dpackaging=java-source \
+ -Dfile=$artifactId-$VERSION-sources.jar -DpomFile=$artifactId-$VERSION.pom
+ scp $artifactId-$VERSION-sources.jar.asc $M2_SCP/org/apache/poi/$artifactId/$VERSION/
+ fi
+done
https://svn.apache.org/repos/asf/poi/trunk
{code}
- 5. Start a new section in sites.xml and status.xml.
+ 5. Start a new section in status.xml.
6. Build as if the vote had passed. The build date must be +7 days from current.
{code}
ant build
{code}
-After build you should have the following files in the build/dist:
-
-{code}
-poi-$TAG-$DATE.jar
-poi-bin-$TAG-$DATE.tar.gz
-poi-bin-$TAG-$DATE.zip
-poi-contrib-$TAG-$DATE.jar
-poi-scratchpad-$TAG-$DATE.jar
-poi-src-$TAG-$DATE.tar.gz
-poi-src-$TAG-$DATE.zip
-{code}
where $TAG is the release tag specified in build.xml in the version.id property, $DATE is the release date (typically +7 days from the actual build date).
7. Signing the release artifacts:
{code}
cd build/dist
-for i in *.zip ; do
- gpg --armor --output $i.asc --detach-sig $i;
-done
-for i in *.gz ; do
- gpg --armor --output $i.asc --detach-sig $i;
-done
-{code}
-
-Verify the signatures:
-
-{code}
-gpg --multifile --verify *.asc
-{code}
-
- 8. Create MD5 checksums for all artifacts to be published:
-
-{code}
-for i in *.zip ; do
- openssl md5 < $i > $i.md5
-done
-for i in *.gz ; do
- openssl md5 < $i > $i.md5
-done
-{code}
+./multisign.sh
- 9. Upload to your area at people.apache.org.
-There should be two directories:
-main
-maven
+ 8. Upload to your area at people.apache.org, e.g. public_html/poi
Make sure that the all files have read permission.
cp *-bin-* /www/www.apache.org/dist/poi/release/bin
{code}
-copy Maven artifacts
+deploy Maven artifacts
{code}
cd build/dist
./mvn-deploy.sh
projects / poi.git / commitdiff