From 1c8b7b4663d9d349924d401162688c4565859aac Mon Sep 17 00:00:00 2001 From: Alexander Block Date: Fri, 19 Jan 2018 10:50:14 +0100 Subject: [PATCH] Sync release-notes.md with Bitcoin 0.14 Also remove references to unused communication channels (Freenode, mailing lists) --- doc/release-process.md | 254 ++++++++++++++++++++++++----------------- 1 file changed, 152 insertions(+), 102 deletions(-) diff --git a/doc/release-process.md b/doc/release-process.md index 1dee8408b8..0a6e4d488f 100644 --- a/doc/release-process.md +++ b/doc/release-process.md @@ -5,11 +5,25 @@ Release Process * Update manpages, see [gen-manpages.sh](https://github.com/dashpay/dash/blob/master/contrib/devtools/README.md#gen-manpagessh). -* Update hardcoded [seeds](/contrib/seeds) +Before every minor and major release: -* * * +* Update [bips.md](bips.md) to account for changes since the last release. +* Update version in sources (see below) +* Write release notes (see below) +* Update `src/chainparams.cpp` nMinimumChainWork with information from the getblockchaininfo rpc. +* Update `src/chainparams.cpp` defaultAssumeValid with information from the getblockhash rpc. + - The selected value must not be orphaned so it may be useful to set the value two blocks back from the tip. + - Testnet should be set some tens of thousands back from the tip due to reorgs there. + - This update should be reviewed with a reindex-chainstate with assumevalid=0 to catch any defect + that causes rejection of blocks in the past history. + +Before every major release: + +* Update hardcoded [seeds](/contrib/seeds/README.md). TODO: Give example PR for Dash +* Update [`BLOCK_CHAIN_SIZE`](/src/qt/intro.cpp) to the current size plus some overhead. ### First time / New builders + If you're using the automated script (found in [contrib/gitian-build.sh](/contrib/gitian-build.sh)), then at this point you should run it with the "--setup" command. Otherwise ignore this. Check out the source code in the following directory hierarchy. @@ -22,162 +36,202 @@ Check out the source code in the following directory hierarchy. ### Dash Core maintainers/release engineers, update (commit) version in sources - pushd ./dash - contrib/verifysfbinaries/verify.sh - configure.ac - doc/README* - doc/Doxyfile - contrib/gitian-descriptors/*.yml - src/clientversion.h (change CLIENT_VERSION_IS_RELEASE to true) +- `configure.ac`: + - `_CLIENT_VERSION_MAJOR` + - `_CLIENT_VERSION_MINOR` + - `_CLIENT_VERSION_REVISION` + - Don't forget to set `_CLIENT_VERSION_IS_RELEASE` to `true` +- `src/clientversion.h`: (this mirrors `configure.ac` - see issue #3539) + - `CLIENT_VERSION_MAJOR` + - `CLIENT_VERSION_MINOR` + - `CLIENT_VERSION_REVISION` + - Don't forget to set `CLIENT_VERSION_IS_RELEASE` to `true` +- `doc/README.md` and `doc/README_windows.txt` +- `doc/Doxyfile`: `PROJECT_NUMBER` contains the full version +- `contrib/gitian-descriptors/*.yml`: usually one'd want to do this on master after branching off the release - but be sure to at least do it before a new major release - # tag version in git +Write release notes. git shortlog helps a lot, for example: - git tag -s v(new version, e.g. 0.8.0) + git shortlog --no-merges v(current version, e.g. 0.12.2)..v(new version, e.g. 0.12.3) - # write release notes. git shortlog helps a lot, for example: +Generate list of authors: - git shortlog --no-merges v(current version, e.g. 0.7.2)..v(new version, e.g. 0.8.0) - popd + git log --format='%aN' "$*" | sort -ui | sed -e 's/^/- /' -* * * +Tag version (or release candidate) in git + + git tag -s v(new version, e.g. 0.12.3) ### Setup and perform Gitian builds If you're using the automated script (found in [contrib/gitian-build.sh](/contrib/gitian-build.sh)), then at this point you should run it with the "--build" command. Otherwise ignore this. - Setup Gitian descriptors: +Setup Gitian descriptors: - pushd ./dash - export SIGNER=(your Gitian key, ie bluematt, sipa, etc) - export VERSION=(new version, e.g. 0.8.0) - git fetch - git checkout v${VERSION} - popd + pushd ./dash + export SIGNER=(your Gitian key, ie bluematt, sipa, etc) + export VERSION=(new version, e.g. 0.12.3) + git fetch + git checkout v${VERSION} + popd - Ensure your gitian.sigs are up-to-date if you wish to gverify your builds against other Gitian signatures. +Ensure your gitian.sigs are up-to-date if you wish to gverify your builds against other Gitian signatures. - pushd ./gitian.sigs - git pull - popd + pushd ./gitian.sigs + git pull + popd - Ensure gitian-builder is up-to-date: +Ensure gitian-builder is up-to-date: + + pushd ./gitian-builder + git pull + popd - pushd ./gitian-builder - git pull ### Fetch and create inputs: (first time, or when dependency versions change) - mkdir -p inputs - wget -P inputs https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch - wget -P inputs http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz + pushd ./gitian-builder + mkdir -p inputs + wget -P inputs https://bitcoincore.org/cfields/osslsigncode-Backports-to-1.7.1.patch + wget -P inputs http://downloads.sourceforge.net/project/osslsigncode/osslsigncode/osslsigncode-1.7.1.tar.gz + popd - Create the OS X SDK tarball, see the [OS X readme](README_osx.md) for details, and copy it into the inputs directory. +Create the OS X SDK tarball, see the [OS X readme](README_osx.md) for details, and copy it into the inputs directory. ### Optional: Seed the Gitian sources cache and offline git repositories By default, Gitian will fetch source files as needed. To cache them ahead of time: - make -C ../dash/depends download SOURCES_PATH=`pwd`/cache/common + pushd ./gitian-builder + make -C ../dash/depends download SOURCES_PATH=`pwd`/cache/common + popd Only missing files will be fetched, so this is safe to re-run for each build. NOTE: Offline builds must use the --url flag to ensure Gitian fetches only from local URLs. For example: -``` -./bin/gbuild --url dash=/path/to/dash,signature=/path/to/sigs {rest of arguments} -``` + + pushd ./gitian-builder + ./bin/gbuild --url dash=/path/to/dash,signature=/path/to/sigs {rest of arguments} + popd + The gbuild invocations below DO NOT DO THIS by default. ### Build and sign Dash Core for Linux, Windows, and OS X: - ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-linux.yml - ./bin/gsign --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-linux.yml - mv build/out/dash-*.tar.gz build/out/src/dash-*.tar.gz ../ + pushd ./gitian-builder + ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-linux.yml + ./bin/gsign --signer $SIGNER --release ${VERSION}-linux --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-linux.yml + mv build/out/dash-*.tar.gz build/out/src/dash-*.tar.gz ../ - ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-win.yml - ./bin/gsign --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-win.yml - mv build/out/dash-*-win-unsigned.tar.gz inputs/dash-win-unsigned.tar.gz - mv build/out/dash-*.zip build/out/dash-*.exe ../ + ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-win.yml + ./bin/gsign --signer $SIGNER --release ${VERSION}-win-unsigned --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-win.yml + mv build/out/dash-*-win-unsigned.tar.gz inputs/dash-win-unsigned.tar.gz + mv build/out/dash-*.zip build/out/dash-*.exe ../ - ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-osx.yml - ./bin/gsign --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-osx.yml - mv build/out/dash-*-osx-unsigned.tar.gz inputs/dash-osx-unsigned.tar.gz - mv build/out/dash-*.tar.gz build/out/dash-*.dmg ../ - popd + ./bin/gbuild --memory 3000 --commit dash=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-osx.yml + ./bin/gsign --signer $SIGNER --release ${VERSION}-osx-unsigned --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-osx.yml + mv build/out/dash-*-osx-unsigned.tar.gz inputs/dash-osx-unsigned.tar.gz + mv build/out/dash-*.tar.gz build/out/dash-*.dmg ../ + popd - Build output expected: +Build output expected: - 1. source tarball (dash-${VERSION}.tar.gz) - 2. linux 32-bit and 64-bit dist tarballs (dash-${VERSION}-linux[32|64].tar.gz) - 3. windows 32-bit and 64-bit unsigned installers and dist zips (dash-${VERSION}-win[32|64]-setup-unsigned.exe, dash-${VERSION}-win[32|64].zip) - 4. OS X unsigned installer and dist tarball (dash-${VERSION}-osx-unsigned.dmg, dash-${VERSION}-osx64.tar.gz) - 5. Gitian signatures (in gitian.sigs/${VERSION}-/(your Gitian key)/ + 1. source tarball (`dash-${VERSION}.tar.gz`) + 2. linux 32-bit and 64-bit dist tarballs (`dash-${VERSION}-linux[32|64].tar.gz`) + 3. windows 32-bit and 64-bit unsigned installers and dist zips (`dash-${VERSION}-win[32|64]-setup-unsigned.exe`, `dash-${VERSION}-win[32|64].zip`) + 4. OS X unsigned installer and dist tarball (`dash-${VERSION}-osx-unsigned.dmg`, `dash-${VERSION}-osx64.tar.gz`) + 5. Gitian signatures (in `gitian.sigs/${VERSION}-/(your Gitian key)/`) ### Verify other gitian builders signatures to your own. (Optional) - Add other gitian builders keys to your gpg keyring, and/or refresh keys. +Add other gitian builders keys to your gpg keyring, and/or refresh keys. - gpg --import ../dash/contrib/gitian-keys/*.pgp - gpg --refresh-keys + gpg --import dash/contrib/gitian-keys/*.pgp + gpg --refresh-keys - Verify the signatures +Verify the signatures - ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../dash/contrib/gitian-descriptors/gitian-linux.yml - ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../dash/contrib/gitian-descriptors/gitian-win.yml - ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../dash/contrib/gitian-descriptors/gitian-osx.yml - - popd + pushd ./gitian-builder + ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-linux ../dash/contrib/gitian-descriptors/gitian-linux.yml + ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-unsigned ../dash/contrib/gitian-descriptors/gitian-win.yml + ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-unsigned ../dash/contrib/gitian-descriptors/gitian-osx.yml + popd ### Next steps: Commit your signature to gitian.sigs: - pushd gitian.sigs - git add ${VERSION}-linux/${SIGNER} - git add ${VERSION}-win-unsigned/${SIGNER} - git add ${VERSION}-osx-unsigned/${SIGNER} - git commit -a - git push # Assuming you can push to the gitian.sigs tree - popd + pushd gitian.sigs + git add ${VERSION}-linux/${SIGNER} + git add ${VERSION}-win-unsigned/${SIGNER} + git add ${VERSION}-osx-unsigned/${SIGNER} + git commit -a + git push # Assuming you can push to the gitian.sigs tree + popd - Wait for Windows/OS X detached signatures: - Once the Windows/OS X builds each have 3 matching signatures, they will be signed with their respective release keys. - Detached signatures will then be committed to the [dash-detached-sigs](https://github.com/dashpay/dash-detached-sigs) repository, which can be combined with the unsigned apps to create signed binaries. +Wait for Windows/OS X detached signatures: - Create (and optionally verify) the signed OS X binary: +- Once the Windows/OS X builds each have 3 matching signatures, they will be signed with their respective release keys. +- Detached signatures will then be committed to the [dash-detached-sigs](https://github.com/dashpay/dash-detached-sigs) repository, which can be combined with the unsigned apps to create signed binaries. - pushd ./gitian-builder - ./bin/gbuild -i --commit signature=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml - ./bin/gsign --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml - ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml - mv build/out/dash-osx-signed.dmg ../dash-${VERSION}-osx.dmg - popd +Create (and optionally verify) the signed OS X binary: - Create (and optionally verify) the signed Windows binaries: + pushd ./gitian-builder + ./bin/gbuild -i --commit signature=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml + ./bin/gsign --signer $SIGNER --release ${VERSION}-osx-signed --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml + ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-osx-signed ../dash/contrib/gitian-descriptors/gitian-osx-signer.yml + mv build/out/dash-osx-signed.dmg ../dash-${VERSION}-osx.dmg + popd - pushd ./gitian-builder - ./bin/gbuild -i --commit signature=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-win-signer.yml - ./bin/gsign --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-win-signer.yml - ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-signed ../dash/contrib/gitian-descriptors/gitian-win-signer.yml - mv build/out/dash-*win64-setup.exe ../dash-${VERSION}-win64-setup.exe - mv build/out/dash-*win32-setup.exe ../dash-${VERSION}-win32-setup.exe - popd +Create (and optionally verify) the signed Windows binaries: + + pushd ./gitian-builder + ./bin/gbuild -i --commit signature=v${VERSION} ../dash/contrib/gitian-descriptors/gitian-win-signer.yml + ./bin/gsign --signer $SIGNER --release ${VERSION}-win-signed --destination ../gitian.sigs/ ../dash/contrib/gitian-descriptors/gitian-win-signer.yml + ./bin/gverify -v -d ../gitian.sigs/ -r ${VERSION}-win-signed ../dash/contrib/gitian-descriptors/gitian-win-signer.yml + mv build/out/dash-*win64-setup.exe ../dash-${VERSION}-win64-setup.exe + mv build/out/dash-*win32-setup.exe ../dash-${VERSION}-win32-setup.exe + popd Commit your signature for the signed OS X/Windows binaries: - pushd gitian.sigs - git add ${VERSION}-osx-signed/${SIGNER} - git add ${VERSION}-win-signed/${SIGNER} - git commit -a - git push # Assuming you can push to the gitian.sigs tree - popd - -------------------------------------------------------------------------- + pushd gitian.sigs + git add ${VERSION}-osx-signed/${SIGNER} + git add ${VERSION}-win-signed/${SIGNER} + git commit -a + git push # Assuming you can push to the gitian.sigs tree + popd ### After 3 or more people have gitian-built and their results match: - Create `SHA256SUMS.asc` for the builds, and GPG-sign it: + ```bash sha256sum * > SHA256SUMS +``` + +The list of files should be: +``` +dash-${VERSION}-aarch64-linux-gnu.tar.gz +dash-${VERSION}-arm-linux-gnueabihf.tar.gz +dash-${VERSION}-i686-pc-linux-gnu.tar.gz +dash-${VERSION}-x86_64-linux-gnu.tar.gz +dash-${VERSION}-osx64.tar.gz +dash-${VERSION}-osx.dmg +dash-${VERSION}.tar.gz +dash-${VERSION}-win32-setup.exe +dash-${VERSION}-win32.zip +dash-${VERSION}-win64-setup.exe +dash-${VERSION}-win64.zip +``` +The `*-debug*` files generated by the gitian build contain debug symbols +for troubleshooting by developers. It is assumed that anyone that is interested +in debugging can run gitian to generate the files for themselves. To avoid +end-user confusion about which file to pick, as well as save storage +space *do not upload these to the dash.org server*. + +- GPG-sign it, delete the unsigned file: +``` gpg --digest-algo sha256 --clearsign SHA256SUMS # outputs SHA256SUMS.asc rm SHA256SUMS ``` @@ -192,11 +246,7 @@ Note: check that SHA256SUMS itself doesn't end up in SHA256SUMS, which is a spur - Release on Dash forum: https://www.dash.org/forum/topic/official-announcements.54/ - - Dash-development mailing list - - - Update title of #dashpay on Freenode IRC - - - Optionally reddit /r/Dashpay, ... but this will usually sort out itself + - Optionally Discord, twitter, reddit /r/Dashpay, ... but this will usually sort out itself - Notify flare so that he can start building [the PPAs](https://launchpad.net/~dash.org/+archive/ubuntu/dash)