almet/dangerzone
1
0
Fork 0
mirror of https://github.com/freedomofpress/dangerzone.git synced 2025-04-28 18:02:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

Add release instructions

Browse source
This commit is contained in:
Micah Lee 2020-02-24 16:45:09 -08:00
parent 75f4f828a2
commit 6fb8a35719
No known key found for this signature in database
GPG key ID: 403C2657CD994F73
1 changed files with 68 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

68
RELEASE.md Normal file
View file

@ -0,0 +1,68 @@
# Release instructions
This section documents the release process. Unless you're a dangerzone developer making a release, you'll probably never need to follow it.
## Changelog, version, and signed git tag
Before making a release, all of these should be complete:
* Update `dangerzone_version` in `dangerzone/__init__.py`
* Update `ProductVersion` in `install/windows/Dangerzone.wxs`
* CHANGELOG.md should be updated to include a list of all major changes since the last release
* There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be `v0.1.0`
Before making a release, verify the release git tag:
```
git fetch
git tag -v v$VERSION
```
If the tag verifies successfully, check it out, and also its submodules:
```
git checkout v$VERSION
git submodule init
git submodule update
```
## macOS release
To make a macOS release, go to macOS build machine:
- Build machine must have:
- macOS 10.14
- Apple-trusted `Developer ID Application: FIRST LOOK PRODUCTIONS, INC.` and `Developer ID Installer: FIRST LOOK PRODUCTIONS, INC.` code-signing certificates installed
- An app-specific Apple ID password saved in the login keychain called `flockagent-notarize`
- Verify and checkout the git tag for this release
- Run `poetry run ./install/macos/build_app.py --with-codesign`; this will make `dist/Dangerzone.dmg`
- Notarize it: `xcrun altool --notarize-app --primary-bundle-id "media.firstlook.dangerzone" -u "micah@firstlook.org" -p "@keychain:dangerzone-notarize" --file dist/Dangerzone.dmg`
- Wait for it to get approved, check status with: `xcrun altool --notarization-history 0 -u "micah@firstlook.org" -p "@keychain:dangerzone-notarize"`
- (If it gets rejected, you can see why with: `xcrun altool --notarization-info [RequestUUID] -u "micah@firstlook.org" -p "@keychain:dangerzone-notarize"`)
- After it's approved, staple the ticket: `xcrun stapler staple dist/Dangerzone.dmg`
This process ends up with the final file:
```
dist/Dangerzone.dmg
```
Rename it `Dangerzone-$VERSION.dmg` before publishing.
## Windows release
To make a Windows release, go to the Windows build machine:
- Build machine should be running Windows 10, and have the Windows codesigning certificate installed
- Verify and checkout the git tag for this release
- Run `install\windows\build.bat`; this will make a codesigned installer package called `dist\Dangerzone-$VERSION.msi`
## Linux release
Linux binaries are automatically built and deployed to repositories when a new tag is pushed.
## Publishing the release
To publish the release:
- Create a new release on GitHub, put the changelog in the description of the release, and upload the macOS and Windows installers