[openssl] master update
Richard Levitte
levitte at openssl.org
Sat Sep 12 18:20:27 UTC 2020
The branch master has been updated
via 4588f35b5af9bc0d250877ce22915d0cd96f320e (commit)
from 35e6ea3bdc2741c1818337e75756b45d6a2a6122 (commit)
- Log -----------------------------------------------------------------
commit 4588f35b5af9bc0d250877ce22915d0cd96f320e
Author: Richard Levitte <levitte at openssl.org>
Date: Sun Aug 9 14:22:09 2020 +0200
dev/release.sh: Rework to be smoother
It now creates all the necessary feature branches for github in your
repository, making the cloned sub-directory unnecessary for post-release
purposes.
Reviewed-by: Matt Caswell <matt at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12614)
-----------------------------------------------------------------------
Summary of changes:
dev/release.sh | 205 ++++++++++++++++++++++++++++++++++++++-------------------
1 file changed, 137 insertions(+), 68 deletions(-)
diff --git a/dev/release.sh b/dev/release.sh
index 770495fc93..98fdd6a580 100755
--- a/dev/release.sh
+++ b/dev/release.sh
@@ -227,6 +227,7 @@ else
echo >&2 "Please 'git checkout' an approprite branch"
exit 1
fi
+orig_HEAD=$(git rev-parse HEAD)
# Initialize #########################################################
@@ -235,42 +236,58 @@ echo "== Initializing work tree"
get_version
# Generate a cloned directory name
-clone_branch="openssl-$SERIES.x"
-release_clone="$clone_branch-release-tmp"
+release_clone="$orig_branch-release-tmp"
echo "== Work tree will be in $release_clone"
# Make a clone in a subdirectory and move there
if ! [ -d "$release_clone" ]; then
$VERBOSE "== Cloning to $release_clone"
- git clone $git_quiet -b "$orig_branch" . "$release_clone"
+ git clone $git_quiet -b "$orig_branch" -o parent . "$release_clone"
fi
cd "$release_clone"
get_version
-current_branch="$(git rev-parse --abbrev-ref HEAD)"
-new_branch="openssl-$SERIES.x"
+# Branches we will work with. The release branch is where we make the
+# changes for the release, the update branch is where we make the post-
+# release changes
+update_branch="$orig_branch"
+release_branch="openssl-$SERIES.x"
-# Check that we're still on the same branch, or on a release branch
-if [ "$current_branch" = "$orig_branch" ]; then
+# among others, we only create a release branch if the patch number is zero
+if [ "$update_branch" = "$release_branch" ] || [ $PATCH -ne 0 ]; then
+ if $do_branch && $warn_branch; then
+ echo >&2 "Warning! We're already in a release branch; --branch ignored"
+ fi
+ do_branch=false
+fi
+
+if ! $do_branch; then
+ release_branch="$update_branch"
+fi
+
+# Branches we create for PRs
+branch_version="$VERSION${PRE_LABEL:+-$PRE_LABEL$PRE_NUM}"
+tmp_update_branch="OSSL--$update_branch--$branch_version"
+tmp_release_branch="OSSL--$release_branch--$branch_version"
+
+# Check that we're still on the same branch as our parent repo, or on a
+# release branch
+current_branch=$(git rev-parse --abbrev-ref HEAD)
+if [ "$current_branch" = "$update_branch" ]; then
:
-elif [ "$current_branch" = "$new_branch" ]; then
+elif [ "$current_branch" = "$release_branch" ]; then
:
else
- echo >&2 "The cloned sub-directory '$release_clone' is on a branch"
- echo >&2 "other than '$current_branch' or '$new_branch'"
- echo >&2 "Please 'cd \"$(pwd)\"; git checkout $current_branch'"
- exit 1
-fi
-
-if $do_branch; then
- if [ "$current_branch" = "$new_branch" ]; then
- do_branch=false
- fi
- if ! $do_branch && $warn_branch; then
- echo >&2 "Warning: --branch ignored, we're already in a release branch"
+ echo >&2 "The cloned sub-directory '$release_clone' is on a branch"
+ if [ "$update_branch" = "$release_branch" ]; then
+ echo >&2 "other than '$update_branch'."
+ else
+ echo >&2 "other than '$update_branch' or '$release_branch'."
fi
+ echo >&2 "Please 'cd \"$(pwd)\"; git checkout $update_branch'"
+ exit 1
fi
SOURCEDIR=$(pwd)
@@ -290,22 +307,13 @@ if [ "$TYPE" != 'dev' ]; then
exit 1
fi
-# We only create a release branch if the patch number is zero
-if [ $PATCH -ne 0 ]; then
- if $do_branch; then
- echo >&2 "Warning! We're already in a release branch; --branch ignored"
- fi
- do_branch=false
-fi
-
# Update the version information. This won't save anything anywhere, yet,
# but does check for possible next_method errors before we do bigger work.
next_release_state "$next_method"
-if $do_branch; then
- $VERBOSE "== Creating a release branch: $new_branch"
- git checkout $git_quiet -b "$new_branch"
-fi
+# Create our temporary release branch
+$VERBOSE "== Creating a local release branch: $tmp_release_branch"
+git checkout $git_quiet -b "$tmp_release_branch"
echo "== Configuring OpenSSL for update and release. This may take a bit of time"
@@ -324,6 +332,13 @@ if [ -n "$(git status --porcelain)" ]; then
fi
fi
+# Create our temporary update branch, if it's not the release branch.
+# This is used in post-release below
+if $do_branch; then
+ $VERBOSE "== Creating a local update branch: $tmp_update_branch"
+ git branch $git_quiet "$tmp_update_branch"
+fi
+
# Write the version information we updated
set_version
@@ -402,11 +417,9 @@ echo "Signing the release files. You may need to enter a pass phrase"
gpg$gpgkey --use-agent -sba "../$tgzfile"
gpg$gpgkey --use-agent -sta --clearsign "../$announce"
-# We finish off by resetting all files, so we don't have to update
-# files with release dates again
-$VERBOSE "== Reset all files to their pre-commit contents"
-git reset $git_quiet HEAD^ -- .
-git checkout -- .
+# Push everything to the parent repo
+$VERBOSE "== Push what we have to the parent repository"
+git push --follow-tags parent HEAD
if $do_upload; then
(
@@ -424,6 +437,10 @@ fi
# Post-release #######################################################
+$VERBOSE "== Reset all files to their pre-release contents"
+git reset $git_quiet HEAD^ -- .
+git checkout -- .
+
prev_release_text="$release_text"
prev_release_date="$RELEASE_DATE"
@@ -454,9 +471,13 @@ if [ -n "$reviewers" ]; then
addrev --nopr $reviewers
fi
+# Push everything to the parent repo
+$VERBOSE "== Push what we have to the parent repository"
+git push parent HEAD
+
if $do_branch; then
- $VERBOSE "== Going back to the main branch $current_branch"
- git checkout $git_quiet "$current_branch"
+ $VERBOSE "== Going back to the update branch $tmp_update_branch"
+ git checkout $git_quiet "$tmp_update_branch"
get_version
next_release_state "minor"
@@ -482,64 +503,109 @@ if $do_branch; then
fi
fi
+# Push everything to the parent repo
+$VERBOSE "== Push what we have to the parent repository"
+git push parent HEAD
+
# Done ###############################################################
$VERBOSE "== Done"
+cd $HERE
cat <<EOF
======================================================================
-The release is done, and involves a few commits for you to deal with.
-It has all been done in a clone of this workspace, see details below.
-EOF
-if $do_branch; then
- cat <<EOF
-Additionally, a release branch has been created for you, so you need
-to look for new commits in two places.
+The release is done, and involves a few files and commits for you to
+deal with. Everything you need has been pushed to your repository,
+please see instructions that follow.
+======================================================================
+
EOF
-fi
if $do_release; then
cat <<EOF
-These files were uploaded to $upload_address:
+The following files were uploaded to $upload_address, please ensure they
+are dealt with appropriately:
- ../$tgzfile
- ../$tgzfile.sha1
- ../$tgzfile.sha256
- ../$tgzfile.asc
- ../$announce.asc
+ $tgzfile
+ $tgzfile.sha1
+ $tgzfile.sha256
+ $tgzfile.asc
+ $announce.asc
EOF
fi
cat <<EOF
-Release worktree: $release_clone
+----------------------------------------------------------------------
EOF
-if [ "$current_branch" != "$new_branch" ]; then
- cat <<EOF
-Current branch: $current_branch
-EOF
-fi
+
if $do_branch; then
cat <<EOF
-New release branch: $new_branch
+You need to prepare the main repository with a new branch, '$release_branch'.
+That is done directly in the server's bare repository like this:
+
+ git branch $release_branch $orig_HEAD
+
+Two additional release branches have been added to your repository.
+Push them to github, make PRs from them and have them approved:
+
+ $tmp_update_branch
+ $tmp_release_branch
+
+When merging them into the main repository, do it like this:
+
+ git push --follow-tags openssl-git at git.openssl.org:openssl.git \\
+ $tmp_release_branch:$release_branch
+ git push openssl-git at git.openssl.org:openssl.git \\
+ $tmp_update_branch:$update_branch
+EOF
+else
+cat <<EOF
+One additional release branch has been added to your repository.
+Push it to github, make a PR from it and have it approved:
+
+ $tmp_release_branch
+
+When merging it into the main repository, do it like this:
+
+ git push --follow-tags openssl-git at git.openssl.org:openssl.git \\
+ $tmp_release_branch:$release_branch
EOF
fi
cat <<EOF
-======================================================================
+
+----------------------------------------------------------------------
EOF
cat <<EOF
-If something went wrong and you want to start over, all you need is to
-remove the release worktree:
+
+When everything is done, or if something went wrong and you want to start
+over, simply clean away temporary things left behind:
+
+The release worktree:
rm -rf $release_clone
+EOF
+
+if $do_branch; then
+ cat <<EOF
-If a tarball was uploaded, you must also clean that away, or ask you
-kind OpenSSL sysadmin to do so.
+The additional release branches:
+
+ git branch -D $tmp_release_branch
+ git branch -D $tmp_update_branch
+EOF
+else
+ cat <<EOF
+
+The temporary release branch:
+
+ git branch -D $tmp_release_branch
EOF
+fi
exit 0
@@ -581,9 +647,12 @@ branch (see L</RELEASE BRANCHES AND TAGS> below for a discussion on those).
B<release.sh> tries to be smart and figure out the next release if no hints
are given through options, and will exit with an error in ambiguous cases.
-B<release.sh> always clones the current workspace into a sub-directory
-named C<< openssl-I<SERIES>-tmp >>, where C<< I<SERIES> >> is taken from
-the available version information in the source.
+B<release.sh> finishes off with instructions on what to do next. When
+finishing commands are given, they must be followed exactly.
+
+B<release.sh> leaves behind a clone of the local workspace, as well as one
+or two branches in the local repository. These will be mentioned and can
+safely be removed after all instructions have been successfully followed.
=head1 OPTIONS
More information about the openssl-commits
mailing list