...

Before Release Day

Release Numbering Convention

As agreed by the Steering Group, VIVO follows the Semantic Versioning guidelines - http://semver.org/

1. MAJOR version when you make incompatible API changes,
2. MINOR version when you add functionality in a backwards-compatible manner, and
3. PATCH version when you make backwards-compatible bug fixes.

Verify release privileges

...

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                      http://maven.apache.org/xsd/settings-1.0.0.xsd">
  <profiles>
    <id>ossrh</id>
    <activation>
      <activeByDefault>true</activeByDefault>
    </activation>
    <properties>
       <gpg.keyname>YourKeyName</gpg.keyname>
       <gpg.passphrase>YourKeyPassphrase</gpg.passphrase>
       <gpg.defaultKeyring>false</gpg.defaultKeyring>
       <gpg.useagent>true</gpg.useagent>
       <gpg.lockmode>never</gpg.lockmode>
       <gpg.homedir>YourGPGDir</gpg.homedir>
       <gpg.publicKeyring>YourGPGDir/pubring.gpg</gpg.publicKeyring>
       <gpg.secretKeyring>YourGPGDir/secring.gpg</gpg.secretKeyring>
    </properties>
  </profiles>
  <servers>
    <!--Login info for Sonatype SnapShot repository-->
    <server>
      <id>ossrh</id>
      <username>YourSonatypeUsername</username>
      <password>YourSonatypePassword</password>
    </server>
    <server>
      <id>github</id>
      <username>your-github-id</username>
      <password>your-github-pwd</password>
    </server>
		  </servers>
</settings>

If you don't yet have a ~/.m2/settings.xml file, you should create one, and copy the full contents above (obviously make sure to put in your username and password, and GPG details).

...

• create one if you haven't before
• ensure that it's listed within the contributor keys
• You must generate and publish your own personal Code Signing Key (required by Sonatype). Here are two sites that give hints on how to do that:
  
  • Creating a Code Signing Key
  • How to Generate PGP Signatures with Maven (required for all Sonatype releases)
  • Make sure to publish your Key file to hkp://pgp.mit.edu, as this is the Key Server Sonatype uses for verification:
    
    • (e.g.) gpg --keyserver hkp://pgp.mit.edu --send-keys [yourKeyID]
      

      • [yourKeyId] can be found by running the following command and copying the alpha-numeric string after the "/" on the "pub" line 

        • gpg --list-keys 
          

    • You can see if your key is already on that Key Server by visiting http://pgp.mit.edu and searching on your name

Prepare and distribute test plan

...

Push Release Branch to develop and Maintenance

The release branch has changes made since code freeze. It also contains the update to the version numbers for future development.

...

Ensure that your commit history matches the release branch's commit history, except for the two additional commits. 

1. Changing from SNAPSHOT version to release version. Something like [maven-release-plugin] prepare release $REPO-$CURR
2. Changing from release version to next development version. Something like [maven-release-plugin] prepare for next development iteration

If this appears correct, you can push your release branch on to the maintenance branch.

...