Implement Chad's missing config script
This is a somewhat tedious step, as not all commits are official cherry picks (they could be two similar commits), and some cherry picks don't get detected as identical changes (e.g. if there is a merge conflict).
As a first step, run `git checkout <branch>; git cherry master`. This will list all the commits in the branch. Commits with a minus (-) sign are already cherry picked. and commits with a plus (+) sign need further investigation. This will narrow down the investigation a lot. Alternatively, you can use `git log --left-right --graph --cherry-mark --oneline GROUPER_2_3_BRANCH...master` which will show the commit graph for both branches, with '<' for the commits only in the branch and '=' for cherry-picked commits.
For the commits needing attention, there is often no quick way to verify they have been applied to master (main). Probably the easiest thing to do is look at what changed using `git show <commit>`, see what changed, and then `git blame <filename>` in the master (main) branch to see if the changes somehow made it to master (main). Github also has a git blame function, so you can compare changes in two different windows. Another way to compare, if you can find a master (main) commit with the same commit message, is to do a `git show` in both commits and compare the differences (maybe using the diff command). If the only differences are in line numbers and spacing, the commits are a good match.
For all the commits that can't be accounted for, ask the original committers to look into why they never got cherry-picked.
Edit all the README.txt files (DONE)
Update Grouper specsheet software requirements page (DONE)
Grouper installer (Chris)
Search for the old version (e.g. 2.2.2 or 2_2_2 or 2_2_002) in all the files (Chris) (TODO)
If its a minor release, change the release version policy page (DONE)
This is the single commit that will be the official release. All code work should be finished at this point.
Create a new branch: git checkout -b GROUPER_2_4_BRANCH
Edit all the pom.xmls <version> tags
mvn versions:set -DnewVersion=2.4.0 # if the git diff looks ok: mvn versions:commit # otherwise # mvn versions:revert
Look for other snapshot references that needs to change: `find . -name pom.xml | xargs grep SNAPSHOT`
Commit in the new branch. Note, if this is in the master (main) branch, or any other branch that Travis will act on, include "[ci skip]" in the commit message, so that it won't build and publish to the Sonatype snapshot repository.
Push the new branch (TODO needs an extra git command to track the remote?)
For the commit just pushed, tag as GROUPER_2_4_0 and push
git tag GROUPER_2_4_0 git push --tags
Or, if there is already a GROUPER_2_4_0 tag, these steps will override it in the remote repository:
# Retag: # https://stackoverflow.com/questions/8044583/how-can-i-move-a-tag-on-a-git-branch-to-a-different-commit # https://hackernoon.com/under-the-sink-removing-remote-git-tags-3d5644d67ea0 # (this will force delete the tag in the remote tag, since there is no source before the colon) git push upstream :refs/tags/GROUPER_2_4_0 # > To https://github.com/Internet2/grouper.git # > - [deleted] GROUPER_2_4_0 # Force update the local tag to the current commit git tag -fa GROUPER_2_4_0 # Dry run - note in the output that it will push the commit plus the tag git push --dry-run upstream master --tags git push upstream master --tags
In the branch, change pom 2.4.0->2.4.1-SNAPSHOT, update .travis.yml to include the 2.4 branch, commit, test build, commit, and push
In master (main), change pom 2.4.0-SNAPSHOT->2.5.0-SNAPSHOT, test build, commit, and push
Handle Copyright According to Policy
Run the copyright wizard on the entire branch for java files. Or you can diff in version control and go through the new files. Note, only new files should have diffs... this is the custom copyright. You can update the year for new files, don't update the year for existing files. The year should be used and not a range. That is our policy on copyrights. (dont want to change all files)
Copyright 2015 Internet2 Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Make sure the subjects.sql and quickstart.xml file are in the release directory (copy from 2.3.0)
Review UI / WS code changes* from the previous version with respect to Open Web Application Security Project (OWASP) top 10 web application security vulnerabilities
If possible run a security scan against a test instance - University of Pennsylvania via Chris?
*We have not carried out a thorough security review of the existing code base for any version of Grouper. We should do that in order for the incremental reviews to be adequate
Run API (SuiteDefault) JUnit tests (set true in all JUnit test includes in grouper.properties). Also run the Grouper Installer, it should end in success for the client connecting to the WS and you should be able to use the UI.
API JUnit Tests
MySQL (with utf/bin collation table types)
create role GrouperRole; GRANT connect, resource, CREATE view TO GrouperRole; CREATE USER groupertest IDENTIFIED BY <pass>; GRANT connect, resource, GrouperRole TO groupertest;
From demo server
ps -ef | grep java --- kill hsql [mchyzer@i2midev6 bin]$ getGrouperSource.sh GROUPER_2_5_BRANCH cd /home/mchyzer/tmp/grouperDownload/build_mchyzer/grouper-GROUPER_2_5_BRANCH/grouper-parent mvn cd ../grouper mkdir -p dist/lib cp /home/mchyzer/.m2/repository/edu/internet2/middleware/grouper/grouper/2.5.0-SNAPSHOT/grouper-2.5.0-SNAPSHOT.jar dist/lib/grouper.jar cp /home/mchyzer/.m2/repository/edu/internet2/middleware/grouper/grouper/2.5.0-SNAPSHOT/grouper-2.5.0-SNAPSHOT-tests.jar lib/grouper/ touch conf/grouper.client.properties cp misc/grouper.hibernate.example.properties conf/grouper.hibernate.propertiescp misc/subject.example.properties conf/subject.properties emacs conf/grouper.hibernate.properties echo "abc123" > conf/morphString.properties mvn dependency:copy-dependencies mkdir -p lib/grouper cp target/dependency/* lib/grouper/ ./start-hsql.sh & ./bin/gsh.sh -registry -runscript ./bin/gsh.sh -test -all
ps -ef | grep java --- kill hsql wget http://www.internet2.edu/grouper/release/x.y.z/grouper.apiBinary-x.y.z.tar.gz cd grouper.apiBinary-2.0.0 cd bin java -cp ../lib/jdbcSamples/hsqldb.jar org.hsqldb.Server -port 9001 -database.0 file:grouper -dbname.0 grouper & ./gsh.sh -registry -runscript ./gsh.sh -test -all
Try the UI with a few different languages in the browser request (en without US, french, something not common)
Try checkConfig tests.
Upgrade from x.y-1 to x.y (e.g. 2.3 to 2.4).
Install the grouper installer
OS X (10.6)
MsSQL (NO LONGER SUPPORTED)
Web Service JUnit Tests (Grouper WS and Grouper Client) (DONE)
WS samples (DONE)
WS javadoc (generate, commit, test). Make sure new operations / args / etc are documented in the WS doc page (TODO?)
UI internationalization tests (TODO?)
# try to see if someone else is testing, look when process started, wait if so or email list... [appadmin@i2midev6 ~]$ ps -ef | grep gsh | grep test | grep all getGrouperSource.sh GROUPER_2_4_BRANCH cd /home/mchyzer/tmp/grouperDownload/build_mchyzer/grouper-GROUPER_2_4_BRANCH cd grouper ./start-hsql.sh cd /home/mchyzer/tmp/grouperDownload/build_mchyzer/grouper-GROUPER_2_4_BRANCH/grouper ant dist ./bin/gsh.sh -registry -runscript ./bin/gsh.sh -test -all
Just update the "NEW!!" message on this page. Maybe review the Background section to see if it could use some freshening. Maybe add a news item
The Maven step will package all the artifacts, gpg sign them (creating *.asc for all the objects) then upload them to the Sonatype staging repository
Go to https://oss.sonatype.org/#stagingRepositories and there should be a newly created grouper repository with the artifacts inside. The login and password for Sonatype can be found in ~/.m2/settings.xml.
Maven central is https://search.maven.org/search?q=grouper
Sonatype URL immediate repo:
If the objects are all there and look ok, click the close icon to freeze the repository. At that point, you should test the objects, by trying to building something, using the staging repository as if it were the release repository. In your .m2/settings.xml, add:
<profiles> <profile> <id>grouper-stage</id> <repositories> <repository> <id>grouper-stage</id> <url>https://oss.sonatype.org/service/local/repositories/eduinternet2middlewaregrouper-1014/content</url> <releases> <enabled>true</enabled> </releases> </repository> <!-- ... --> <activeProfiles> <activeProfile>grouper-stage</activeProfile> </activeProfiles>
If it builds ok, click the release icon for the repository, and then it will be moved to the official release repository. Within a few hours, it may be synchronized to other Maven repositories.
If something isn't right with the staging repository, just drop it and the Maven build will create a new one with a different increment number.
|Test||Owner||Status and date||Reason it was failing|