- - On my local machines, check out the release-tagged version of the
- sources. Do this in a _clean_ directory; don't depend on my usual
- source dir.
- + Make sure to run mkfiles.pl _after_ this checkout, just in
- case.
-
- - Build the source archives now, while the directory is still
- pristine.
- + run ./mksrcarc.sh to build the Windows source zip.
- + run `./mkunxarc.sh X.YZ' to build the Unix tarball.
-
- - Build the Windows/x86 release binaries. Don't forget to supply
- VER=/DRELEASE=<ver>. Run them, or at least one or two of them, to
- ensure that they really do report their version number correctly.
- + Save the release link maps. Currently I keep these on ixion,
- in src/putty/local/maps-<version>.
-
- - Acquire the Windows/alpha release binaries from Owen.
- + Verify the signatures on these, to ensure they're really the
- ones he built. If I'm going to sign a zip file I make out of
- these, I'm damn well going to make sure the binaries that go
- _into_ it are signed themselves.
- + Make sure Owen has kept the Alpha release link maps somewhere
- useful.
-
- - Run Halibut to build the docs.
-
- - Build the binary archives putty.zip (one for each architecture):
- each one just contains all the .exe files except PuTTYtel, and
- the .hlp and .cnt files.
- + zip -k putty.zip `ls *.exe | grep -v puttytel` putty.hlp putty.cnt
- + same again for Alpha.
-
- - Build the docs archive puttydoc.zip: it contains all the HTML
- files output from Halibut.
- + zip puttydoc.zip *.html
-
- - Build the installer.
-
- - Sign the release (gpg --detach-sign).
- + Sign the locally built x86 binaries, the locally built x86
- binary zipfile, and the locally built x86 installer, with the
- release keys.
- + The Alpha binaries should already have been signed with the
- release keys. Having checked that, sign the Alpha binary
- zipfile with the release keys too.
- + The source archive should be signed with the release keys.
- + Don't forget to sign with both DSA and RSA keys for absolutely
- everything.
- for i in <filenames>; do for t in DSA RSA; do gpg --load-extension=idea --detach-sign -u "Releases ($t)" -o $i.$t $i; done; done
-
- - Begin to pull together the release directory structure.
- + subdir `x86' containing the x86 binaries, x86 binary zip, x86
- installer, and all signatures on the above.
- + subdir `alpha' containing the Alpha binaries, Alpha binary
- zip, and all signatures on the above.
- + top-level dir contains the Windows source zip (plus
- signatures), the Unix source tarball (plus signatures),
- puttydoc.txt, the .hlp and .cnt files, and puttydoc.zip.
-
- - Create subdir `htmldoc' in the release directory, which should
- contain exactly the same set of HTML files that went into
- puttydoc.zip.
- + It also needs a copy of sitestyle.css, because the online
- versions of the HTML docs will link to this (although the
- zipped form should be self-contained).
-
- - Create and sign md5sums files: one in the x86 subdir, one in the
- alpha subdir, and one in the parent dir of both of those.
- + The md5sums files need not list the .DSA and .RSA signatures,
- and the top-level md5sums need not list the other two. Easiest
- thing is to run, in each directory, this command:
- md5sum `\find * -name '*SA' -o -type f -print` > md5sums
- + Sign the md5sums files (gpg --clearsign).
- for i in md5sums */md5sums; do for t in DSA RSA; do gpg --load-extension=idea --clearsign -u "Releases ($t)" -o $i.$t $i; done; done
-
- - Now double-check by verifying all the signatures on all the
- files, and running md5sum -c on all the md5sums files.
-
- - Now the whole release directory should be present and correct.
- Upload to ixion:www/putty/<ver>.
-
- - Do final checks on the release directory:
- + verify all the signatures. In each directory:
- for i in *.*SA; do case $i in md5sums*) gpg --verify $i;; *) gpg --verify $i `echo $i | sed 's/\..SA$//'`;; esac; done
- + check the md5sums. In each directory: