Required tools

To build a binary release of OpenMeetings you need:

  • JDK17
  • Apache Maven 3.8.7
  • Git Command line client
  • A text editor
  • You need to be online! The build process actively downloads needed libraries and dependencies.
  • Valid certficate to be able to enter https://securesigning.pki.digicert.com/csportal Please ask INFRA in case you need one.

Prepare your Apache ID

Step1 - Prepare files

  • Check that all files:
    NOTICE.md, CHANGELOG.md, README.md
    are up to date and refer to the right version.
  • Ensure LICENSE file is up-to-date:
    • Run:
      mvn clean license:aggregate-add-third-party
    • Merge the contents of target/THIRD-PARTY.txt to LICENSE file
  • Check site is green here https://whimsy.apache.org/site/project/openmeetings
  • Ensure All contributed translations are imported to our codebase
    (More info and examples are here))
  • Update following files in OM documentation:
    openmeetings-server/src/site/xdoc/index.xml
    openmeetings-server/src/site/xdoc/NewsArchive.xml
    openmeetings-server/src/site/xdoc/downloads.xml
    Download links in NewsArchive.xml and README.md should be updated
  • Switch to the necessary branch:
    git checkout master
  • Create temporary local branch
    git checkout -b release-5.0.1
  • Update versions of all modules
    mvn versions:set -DgenerateBackupPoms=false -DnewVersion=5.0.1
  • Update final SCM URL located at pom.xml and openmeetings-server/pom.xml
    <scm>
        <url>https://github.com/apache/openmeetings.git</url>
    
        SET https://github.com/apache/openmeetings/tree/5.0.1
    						
  • Add timestamp to parent pom (properties section)
    							YEAR-MONTH-DAY_OF_MONTHT00:00:00Z
    						
  • Create a TAG and commit it to the Git
    git commit -a -m "5.0.1 Release Candidate 1"
    git tag -s 5.0.1-RC1 -m "5.0.1 Release Candidate 1 tag"
    git push origin 5.0.1-RC1
    						
  • Deploy release artifacts to Maven

    mvn clean && mvn deploy -Pdeploy,rc
  • Run the command:

    mvn clean && mvn install -PallModules,rc
  • Test building the source on windows and OSx or Linux

    Test running the binary's

  • Commit artifacts you have created with KEYS file to the https://dist.apache.org/repos/dist/dev/openmeetings/ Proposed file structure for "Release Candidate 1" of 5.0.1 will be:

    5.0.1
    5.0.1/rc1
    5.0.1/rc1/src
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.sha
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.zip.asc
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.sha
    5.0.1/rc1/src/apache-openmeetings-5.0.1-src.tar.gz.asc
    5.0.1/rc1/bin
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.sha
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.zip.asc
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.sha
    5.0.1/rc1/bin/apache-openmeetings-5.0.1.tar.gz.asc
    5.0.1/rc1/CHANGELOG
    						

    NOTE KEYS file is located at https://www.apache.org/dist/openmeetings/KEYS and should be just updated

Step2 - VOTE and RESULT emails

Send a "VOTE" to the developer mailing list including links to release artifacts.
A VOTE always contains two parts:
Send an email to the developer mailing list with the subject line:
[VOTE] Apache OpenMeetings x.xx release
An example for such an email: example Vote email example Vote email (Incubator)
After the vote is over, send a "RESULT" email to the list with the subject line:
[RESULT][VOTE] Apache OpenMeetings x.xx release
An example for such an email: example Result email
Votes on whether a package is ready to be released use majority approval -- i.e., at least three PMC members must vote affirmatively for release, and there must be more positive than negative votes. Releases may not be vetoed. Before voting +1 PMC members are required to download the signed source code package, compile it as provided, and test the resulting executable on their own platform, along with also verifying that the package meets the requirements of the ASF policy on releases.

Step3 - Sign web start application

If VOTEs positive: Sign screen sharing web application and re-pack the release

  • Go to the folder you check out your $BRANCHORTAG
  • Run the command:

    cd openmeetings-screenshare
    mvn clean install -Prc,release
    						
  • Go to https://securesigning.pki.digicert.com/csportal
  • Select "Signing Sets"
  • Select "Add signing set"
  • Enter "Signing set name" (must include "Apache OpenMeetings" and version) for ex. "Apache OpenMeetings 5.0.1-RELEASE"
  • Enter "Version" for ex. "5.0.1-RELEASE"
  • Select "Java Signing Sha256" as "Signing service"
  • Select "Upload files" and add all jar files from target/jnlp
  • Select "Sign now"
  • Select "Type of signing" -> "Production"
  • Select "Sign"
  • Select "Download set"
  • Open binary artifacts of OM created on previous step (both tar.gz and zip)
  • Replace jar files inside artifacts webapps/openmeetings/screenshare with the signed ones
  • Re-create artifact signatures

    Create sha512sum checksums

    #On OSX you might use this command to make a SHA checksum and store it to a file
    shasum -a 512 -r apache-openmeetings-XXX-src.zip >apache-openmeetings-XXX-src.zip.sha512
    						
    #To create SHA hashes On Ubuntu:
    for f in `ls -1 *.tar.gz *.zip`; do sha512sum $f > $f.sha512; done
    
    #To check SHA hashes On Ubuntu:
    for f in `ls -1 *.tar.gz *.zip`; do sha512sum -c $f.sha512; done
    
    						

    Create signatures with the your KEY for every file, the KEY must be available at:
    https://github.com/apache/openmeetings/blob/master/KEYS

    #To create signatures On Ubuntu:
    for f in `ls -1 *.tar.gz *.zip`; do gpg --armor --output $f.asc --detach-sig $f; done
    
    #To check signatures On Ubuntu:
    for f in `ls -1 *.tar.gz *.zip`; do gpg --verify $f.asc; done
    
    						

NOTE: "Type of signing" can be selected as "Test" to check everything works as expected

Step4 - Create release tag

Release tag based on RCXX should finally be created

git checkout 5.0.0-M1-RC1
git tag 5.0.0-M1
git push origin 5.0.0-M1

				

Step5 - Distribute and announce

If VOTEs positive: Upload the release

  • Upload Artifacts with signatures created on the previous steps to https://dist.apache.org/repos/dist/release/openmeetings/CURRENT_VERSION
  • Close staging repo:
    • Go to: Staging Repositories
    • Select openmeetings staging repo and Close it with valid message:
      for ex. "The VOTE about 3.1.2 release was successful"
    • Select openmeetings staging repo and Release it with valid message:
      for ex. "The VOTE about 3.1.2 release was successful"
  • Wait 24 hours (until all Apache mirrors have synced the packages) and send an announcement to the mailing list + blog and any other channel.
  • Email announcements should have the subject line:
    [ANNOUNCE] Apache OpenMeetings x.xx released
  • Update release section of DOAP file openmeetings-site/doap.rdf (https://github.com/apache/openmeetings-site/blob/asf-site/doap.rdf)
  • Add a section to downloads website.
    Make sure that the binary packages are linked using the mirror URL as base path ( not http://www.apache.org/dist):
    Mirror URL: http://www.apache.org/dyn/closer.lua/openmeetings/
  • Release candidates should be deleted from https://dist.apache.org/repos/dist/dev/openmeetings/
    Old releases should be deleted from https://dist.apache.org/repos/dist/release/openmeetings/
Apache OpenMeetings, OpenMeetings, Apache, the Apache feather, and the Apache OpenMeetings project logo
are trademarks of the Apache Software Foundation.
Privacy policy