2013-05-20 06:30:00 +02:00
Release Process
====================
2024-02-05 23:00:22 +01:00
* Update translations, see [translation_process.md ](https://github.com/neobytes-project/neobytes/blob/master/doc/translation_process.md#syncing-with-transifex )
2015-12-25 13:09:26 +01:00
* Update hardcoded [seeds ](/contrib/seeds )
2013-05-20 06:30:00 +02:00
* * *
2015-10-17 12:10:45 +02:00
###First time / New builders
2015-10-13 13:11:17 +02:00
Check out the source code in the following directory hierarchy.
2013-05-20 06:30:00 +02:00
2015-09-17 23:17:26 +02:00
cd /path/to/your/toplevel/build
2024-02-05 23:00:22 +01:00
git clone https://github.com/neobytes-project/gitian.sigs.git
git clone https://github.com/neobytes-project/neobytes-detached-sigs.git
2015-09-17 23:17:26 +02:00
git clone https://github.com/devrandom/gitian-builder.git
2024-02-05 23:00:22 +01:00
git clone https://github.com/neobytes-project/neobytes.git
2015-09-17 23:17:26 +02:00
2024-02-05 23:00:22 +01:00
###NeoBytes Core maintainers/release engineers, update (commit) version in sources
2015-09-17 23:17:26 +02:00
2024-02-05 23:00:22 +01:00
pushd ./neobytes
2013-05-20 06:30:00 +02:00
contrib/verifysfbinaries/verify.sh
2015-12-25 13:09:26 +01:00
configure.ac
2013-05-20 06:30:00 +02:00
doc/README*
2015-12-25 13:09:26 +01:00
doc/Doxyfile
contrib/gitian-descriptors/*.yml
2013-05-20 06:30:00 +02:00
src/clientversion.h (change CLIENT_VERSION_IS_RELEASE to true)
2015-10-13 13:11:17 +02:00
# tag version in git
2013-05-20 06:30:00 +02:00
2013-12-06 01:26:40 +01:00
git tag -s v(new version, e.g. 0.8.0)
2013-05-20 06:30:00 +02:00
2015-10-13 13:11:17 +02:00
# write release notes. git shortlog helps a lot, for example:
2013-05-20 06:30:00 +02:00
2013-05-25 22:29:28 +02:00
git shortlog --no-merges v(current version, e.g. 0.7.2)..v(new version, e.g. 0.8.0)
2015-09-17 23:17:26 +02:00
popd
2013-05-20 06:30:00 +02:00
* * *
2015-10-17 12:10:45 +02:00
###Setup and perform Gitian builds
2014-08-13 01:24:05 +02:00
2015-10-17 12:10:45 +02:00
Setup Gitian descriptors:
2014-08-13 01:24:05 +02:00
2024-02-05 23:00:22 +01:00
pushd ./neobytes
2015-10-17 12:10:45 +02:00
export SIGNER=(your Gitian key, ie bluematt, sipa, etc)
2013-05-25 22:29:28 +02:00
export VERSION=(new version, e.g. 0.8.0)
2015-12-25 13:09:26 +01:00
git fetch
2013-09-24 21:31:52 +02:00
git checkout v${VERSION}
popd
2015-09-17 23:17:26 +02:00
2015-10-17 12:10:45 +02:00
Ensure your gitian.sigs are up-to-date if you wish to gverify your builds against other Gitian signatures.
2015-09-17 23:17:26 +02:00
pushd ./gitian.sigs
git pull
popd
2015-10-13 13:11:17 +02:00
Ensure gitian-builder is up-to-date to take advantage of new caching features (`e9741525c` or later is recommended).
2015-09-17 23:17:26 +02:00
2013-07-07 18:24:15 +02:00
pushd ./gitian-builder
2015-09-17 23:17:26 +02:00
git pull
2014-05-14 01:23:22 +02:00
2015-10-13 13:11:17 +02:00
###Fetch and create inputs: (first time, or when dependency versions change)
2014-05-14 01:23:22 +02:00
2014-12-11 21:38:29 +01:00
mkdir -p inputs
2015-06-19 00:17:36 +02:00
wget -P inputs https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch
wget -P inputs http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz
2013-05-20 06:30:00 +02:00
2015-10-17 12:10:45 +02:00
Register and download the Apple SDK: see [OS X readme ](README_osx.txt ) for details.
2015-06-05 04:29:41 +02:00
https://developer.apple.com/devcenter/download.action?path=/Developer_Tools/xcode_6.1.1/xcode_6.1.1.dmg
2015-01-13 18:58:24 +01:00
2015-01-20 06:20:44 +01:00
Using a Mac, create a tarball for the 10.9 SDK and copy it to the inputs directory:
2013-05-20 06:30:00 +02:00
2015-01-20 06:20:44 +01:00
tar -C /Volumes/Xcode/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/ -czf MacOSX10.9.sdk.tar.gz MacOSX10.9.sdk
2014-12-11 21:38:29 +01:00
2015-09-17 23:17:26 +02:00
###Optional: Seed the Gitian sources cache and offline git repositories
2014-12-12 00:53:24 +01:00
2015-10-17 12:10:45 +02:00
By default, Gitian will fetch source files as needed. To cache them ahead of time:
2014-12-11 21:38:29 +01:00
2024-02-05 23:00:22 +01:00
make -C ../neobytes/depends download SOURCES_PATH=`pwd`/cache/common
2014-12-11 21:38:29 +01:00
2015-09-17 23:17:26 +02:00
Only missing files will be fetched, so this is safe to re-run for each build.
2015-10-17 12:10:45 +02:00
NOTE: Offline builds must use the --url flag to ensure Gitian fetches only from local URLs. For example:
2015-10-13 13:11:17 +02:00
```
2024-02-05 23:00:22 +01:00
./bin/gbuild --url neobytes=/path/to/neobytes,signature=/path/to/sigs {rest of arguments}
2015-10-13 13:11:17 +02:00
```
The gbuild invocations below < b > DO NOT DO THIS< / b > by default.
2014-12-11 21:38:29 +01:00
2024-02-05 23:00:22 +01:00
###Build and sign NeoBytes Core for Linux, Windows, and OS X:
2015-01-13 18:58:24 +01:00
2024-02-05 23:00:22 +01:00
./bin/gbuild --commit neobytes=v${VERSION} ../neobytes/contrib/gitian-descriptors/gitian-linux.yml
./bin/gsign --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../neobytes/contrib/gitian-descriptors/gitian-linux.yml
mv build/out/neobytes-*.tar.gz build/out/src/neobytes-*.tar.gz ../
2015-09-17 23:17:26 +02:00
2024-02-05 23:00:22 +01:00
./bin/gbuild --commit neobytes=v${VERSION} ../neobytes/contrib/gitian-descriptors/gitian-win.yml
./bin/gsign --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../neobytes/contrib/gitian-descriptors/gitian-win.yml
mv build/out/neobytes-*-win-unsigned.tar.gz inputs/neobytes-win-unsigned.tar.gz
mv build/out/neobytes-*.zip build/out/neobytes-*.exe ../
2015-09-17 23:17:26 +02:00
2024-02-05 23:00:22 +01:00
./bin/gbuild --commit neobytes=v${VERSION} ../neobytes/contrib/gitian-descriptors/gitian-osx.yml
./bin/gsign --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../neobytes/contrib/gitian-descriptors/gitian-osx.yml
mv build/out/neobytes-*-osx-unsigned.tar.gz inputs/neobytes-osx-unsigned.tar.gz
mv build/out/neobytes-*.tar.gz build/out/neobytes-*.dmg ../
2014-05-14 01:23:22 +02:00
popd
2015-09-17 23:17:26 +02:00
2013-05-20 06:30:00 +02:00
Build output expected:
2024-02-05 23:00:22 +01:00
1. source tarball (neobytes-${VERSION}.tar.gz)
2. linux 32-bit and 64-bit dist tarballs (neobytes-${VERSION}-linux[32|64].tar.gz)
3. windows 32-bit and 64-bit unsigned installers and dist zips (neobytes-${VERSION}-win[32|64]-setup-unsigned.exe, neobytes-${VERSION}-win[32|64].zip)
4. OS X unsigned installer and dist tarball (neobytes-${VERSION}-osx-unsigned.dmg, neobytes-${VERSION}-osx64.tar.gz)
2015-10-17 12:10:45 +02:00
5. Gitian signatures (in gitian.sigs/${VERSION}-< linux |{ win , osx } -unsigned > /(your Gitian key)/
2013-05-20 06:30:00 +02:00
2015-12-25 13:09:26 +01:00
###Verify other gitian builders signatures to your own. (Optional)
Add other gitian builders keys to your gpg keyring
2024-02-05 23:00:22 +01:00
gpg --import ../neobytes/contrib/gitian-downloader/*.pgp
2015-12-25 13:09:26 +01:00
Verify the signatures
2024-02-05 23:00:22 +01:00
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../neobytes/contrib/gitian-descriptors/gitian-linux.yml
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../neobytes/contrib/gitian-descriptors/gitian-win.yml
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../neobytes/contrib/gitian-descriptors/gitian-osx.yml
2015-12-25 13:09:26 +01:00
popd
2013-05-20 06:30:00 +02:00
###Next steps:
Commit your signature to gitian.sigs:
pushd gitian.sigs
2014-07-01 18:29:44 +02:00
git add ${VERSION}-linux/${SIGNER}
2015-06-26 14:48:41 +02:00
git add ${VERSION}-win-unsigned/${SIGNER}
2014-11-26 01:23:18 +01:00
git add ${VERSION}-osx-unsigned/${SIGNER}
git commit -a
git push # Assuming you can push to the gitian.sigs tree
popd
2013-05-20 06:30:00 +02:00
2015-10-17 12:10:45 +02:00
Wait for Windows/OS X detached signatures:
Once the Windows/OS X builds each have 3 matching signatures, they will be signed with their respective release keys.
2024-02-05 23:00:22 +01:00
Detached signatures will then be committed to the [neobytes-detached-sigs ](https://github.com/neobytes-project/neobytes-detached-sigs ) repository, which can be combined with the unsigned apps to create signed binaries.
2014-09-27 20:47:12 +02:00
2015-10-17 12:10:45 +02:00
Create (and optionally verify) the signed OS X binary:
2014-09-27 20:47:12 +02:00
2014-11-26 01:23:18 +01:00
pushd ./gitian-builder
2024-02-05 23:00:22 +01:00
./bin/gbuild -i --commit signature=v${VERSION} ../neobytes/contrib/gitian-descriptors/gitian-osx-signer.yml
./bin/gsign --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../neobytes/contrib/gitian-descriptors/gitian-osx-signer.yml
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../neobytes/contrib/gitian-descriptors/gitian-osx-signer.yml
mv build/out/neobytes-osx-signed.dmg ../neobytes-${VERSION}-osx.dmg
2014-11-26 01:23:18 +01:00
popd
2013-05-20 06:30:00 +02:00
2015-09-17 23:17:26 +02:00
Create (and optionally verify) the signed Windows binaries:
2015-06-19 00:17:36 +02:00
pushd ./gitian-builder
2024-02-05 23:00:22 +01:00
./bin/gbuild -i --commit signature=v${VERSION} ../neobytes/contrib/gitian-descriptors/gitian-win-signer.yml
./bin/gsign --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../neobytes/contrib/gitian-descriptors/gitian-win-signer.yml
./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-signed ../neobytes/contrib/gitian-descriptors/gitian-win-signer.yml
mv build/out/neobytes-*win64-setup.exe ../neobytes-${VERSION}-win64-setup.exe
mv build/out/neobytes-*win32-setup.exe ../neobytes-${VERSION}-win32-setup.exe
2015-06-19 00:17:36 +02:00
popd
2015-10-17 12:10:45 +02:00
Commit your signature for the signed OS X/Windows binaries:
2013-05-20 06:30:00 +02:00
pushd gitian.sigs
2014-11-26 01:23:18 +01:00
git add ${VERSION}-osx-signed/${SIGNER}
2015-06-19 00:17:36 +02:00
git add ${VERSION}-win-signed/${SIGNER}
2013-05-20 06:30:00 +02:00
git commit -a
git push # Assuming you can push to the gitian.sigs tree
popd
-------------------------------------------------------------------------
2014-08-22 11:28:51 +02:00
### After 3 or more people have gitian-built and their results match:
2013-05-20 06:30:00 +02:00
2014-09-27 15:58:47 +02:00
- Create `SHA256SUMS.asc` for the builds, and GPG-sign it:
```bash
sha256sum * > SHA256SUMS
2014-09-29 16:58:30 +02:00
gpg --digest-algo sha256 --clearsign SHA256SUMS # outputs SHA256SUMS.asc
2014-09-27 15:58:47 +02:00
rm SHA256SUMS
2014-08-22 11:28:51 +02:00
```
2014-09-29 16:58:30 +02:00
(the digest algorithm is forced to sha256 to avoid confusion of the `Hash:` header that GPG adds with the SHA256 used for the files)
2015-02-16 10:37:13 +01:00
Note: check that SHA256SUMS itself doesn't end up in SHA256SUMS, which is a spurious/nonsensical entry.
2014-08-22 11:28:51 +02:00
2024-02-05 23:00:22 +01:00
- Upload zips and installers, as well as `SHA256SUMS.asc` from last step, to the neobytes.org server
2014-08-04 09:47:59 +02:00
2024-02-05 23:00:22 +01:00
- Update neobytes.org
2014-08-22 11:28:51 +02:00
- Announce the release:
2013-12-10 09:57:30 +01:00
2024-02-05 23:00:22 +01:00
- Release on NeoBytes forum: https://www.neobytes.org/forum/topic/official-announcements.54/
2013-12-10 09:57:30 +01:00
2024-02-05 23:00:22 +01:00
- NeoBytes-development mailing list
2013-12-10 09:57:30 +01:00
2024-02-05 23:00:22 +01:00
- Update title of #neobytes -project on Freenode IRC
2014-08-22 11:28:51 +02:00
2024-02-05 23:00:22 +01:00
- Optionally reddit /r/neobytes, ... but this will usually sort out itself
2014-08-22 11:28:51 +02:00
2024-02-05 23:00:22 +01:00
- Notify flare so that he can start building [the PPAs ](https://launchpad.net/~neobytes.org/+archive/ubuntu/neobytes )
2014-08-22 11:28:51 +02:00
- Add release notes for the new version to the directory `doc/release-notes` in git master
2013-12-10 09:57:30 +01:00
2015-01-13 18:58:24 +01:00
- Celebrate