-
Notifications
You must be signed in to change notification settings - Fork 907
BuildingReleases
Peter van Dijk edited this page May 5, 2021
·
59 revisions
Note: compared to 4.1.x and below a build can now take up to 5 or 6 hours! (and for Raspbian it's 5 to 6 hours per release!)
Mostly like below, but use these builders
- build-authoritative-pdns-builder
- build-authoritative-pdns-builder-armhf
- build-dnsdist-pdns-builder
- build-dnsdist-pdns-builder-armhf
- build-recursor-pdns-builder
- build-recursor-pdns-builder-armhf
- Write changelogs
- To get a list of all the merged PRs since the previous version do:
git log --merges --oneline «previous-version»..«current-version»
- example:
git log --merges --oneline rec-4.1.0..master
- Now create the changelog:
./build-scripts/changelog-from-pr.py PR# PR# PR#
- Or
for PR in (cat ~/merges.txt); echo $PR; ./build-scripts/changelog-from-pr.py --access_token «your GitHub API access token» $PR >> ~/changes.rst ; end
wheremerges
has one PR (without the#
prepended) per line - Don't forget to change the XXXX's
- To get a list of all the merged PRs since the previous version do:
- Update secpoll zonefile (do not forget to update the SOA serial!)
- Write draft blogpost
- After the last commit to be included, wait for the corresponding build to succeed before tagging, to avoid having to create a new tag if an error slipped in after all.
- Tag the commit
git tag -s -a dnsdist-X.Y.Z
(tag prereleases asdnsdist-X.Y.Z-{alpha,beta,rc}N
)- Do a
git tag -n
to see what the previous messages look like and make a similar one - Tag, build and publish the release before merging the changelog and secpoll update, otherwise users will get a secpoll upgrade notice while there's no release available yet
- Do a
- Push the tag with
git push <remote> <tagname>
- Login to the webinterface at
builder.powerdns.com
- "Builds >> Builders >> create-dnsdist-tar-bz2"
- (top right) "force-create-dnsdist-tar-bz2"
- Fill in the tag at "revision", check the "is_release"-checkbox (this enables special version name processing)
- Hit "Start build"
- wait for tarballs and packages to be created
- wait for all downstream tests to pass
- (on download1.powerdns.com) Copy the tarball to /releases. e.g.
cp /srv/www/downloads.powerdns.com/autobuilt/$PRODUCT/$VERSION/$PRODUCT-$VERSION.tar.bz2 /srv/www/downloads.powerdns.com/releases
- Copy the tarball to your local system for signing (e.g.
rsync download1.powerdns.com:/srv/www/downloads.powerdns.com/releases/$PRODUCT-$VERSION.tar.bz2 .
) - Sign the tarball with your gpg key with your powerdns.com address on it. Both
--detach-sign
and--detach-sign --armor
- Upload the signature files to the right place on
downloads.powerdns.com
(e.g.rsync *.tar.bz2.* download1.powerdns.com:/srv/www/downloads.powerdns.com/releases/
) - In the case of CVEs, move the minimal patches to
download1:/srv/www/downloads.powerdns.com/patches/
(the minimal patches are send in an e-mail by Remi to customers
- (on repo1.powerdns.com, in your homedir)
mkdir $PRODUCT-$VERSION
- (on download1.powerdns.com, use
ssh -A
)rsync -a --progress /srv/www/downloads.powerdns.com/autobuilt/$PRODUCT/$VERSION/ repo.powerdns.com:$PRODUCT-$VERSION
- (on repo1.powerdns.com) Extract all the tarballs with packages:
cd $PRODUCT-$VERSION; /home/pieter/move_pkgs.sh
- (on repo1.powerdns.com) Become the user
repo
:sudo -u repo -i
and start bash - (on repo1.powerdns.com, as
repo
) Copy the dir from your homedir.rsync -a ~YOU/$PRODUCT-$VERSION /srv/repo/upload
- (on repo1.powerdns.com, as
repo
) Publish the CentOS RPMs:for x in 6 7 8; do createrepo_wrapper centos $x $PRODUCT-$VERSION_REPO $PRODUCT-VERSION-centos-$x-x86_64/*.rpm; done
- (if auth < 4.2) (on repo1.powerdns.com, as
repo
) Publish the SLES RPMs:createrepo_wrapper sles 12.1 auth-40 sles-121-x86_64/*.rpm
- (on repo1.powerdns.com, as
repo
) Publish the Ubuntu debs:for x in trusty xenial bionic; do reprepro -b /srv/repo/ubuntu/ --ignore=extension includedeb $x-$PRODUCT-$VERSION_REPO $PRODUCT-$VERSION-ubuntu-$x-amd64/*.deb ; done
- (on repo1.powerdns.com, as
repo
) Publish the Debian debs:for x in jessie stretch; do reprepro -b /srv/repo/debian/ --ignore=extension includedeb $x-$PRODUCT-$VERSION_REPO $PRODUCT-$VERSION-debian-$x-amd64/*.deb; done
- (on repo1.powerdns.com, as
repo
) Publish the Raspbian debs:reprepro -b /srv/repo/raspbian/ includedeb jessie-$PRODUCT-$VERSION_REPO $PRODUCT-$VERSION-raspbian-jessie-armhf/*.deb
NOTE not yet updated!
All on download1.powerdns.com
mkdir pdns-recursor-4.0.5-rc1
cd pdns-recursor-4.0.5-rc1
find /srv/www/downloads.powerdns.com/autobuilt/recursor/ -name 'pdns-recursor*4.0.5*rc*' -exec cp {} . \;
~pieter/move_pkgs.sh
find . -type f -name 'pdns-recursor*4.0.5*rc*' | sort | xargs sha256sum > sha256sums
- Sign the sha256sums file (both
--detach-sign
and--detach-sign --armor
) cd ..
mv pdns-recursor-4.0.5-rc1 /srv/www/downloads.powerdns.com/releases/packages
Before testing, merge the changelog and secpoll PR, so that the test packages see the right secpoll DNS records.
dig @pdns-public-ns1.powerdns.com TXT $PRODUCT-$VERSION.security-status.secpoll.powerdns.com +norec +short
-
docker pull centos:$OS_VERSION
ordocker pull debian:$OS_VERSION
ordocker pull ubuntu:$OS_VERSION
docker run -it $OS_FROM_PREVIOUS_LINE:$VERSION /bin/bash
- Follow instructions on https://repo.powerdns.com/
For the Raspberry Pi packages there's a physical RPi in the office. (Docker can be tried but never worked for me.)
- post on blog - this will also announce to Twitter and Facebook
- send out SIGNED announcements to pdns-dev/pdns-announce/pdns-users
- please see internal OX wiki for whom else to notify by e-mail
- announce on LinkedIn: do this for RCs too
- for final releases:
- update www.powerdns.com
- update wikipedia and IRC topic
-
#dns
on freenode update (send a PR and ping Peter van Dijk)
Please also read the PowerDNS Documentation that is available from https://doc.powerdns.com/