Release: binaries and release process
dexX7 opened this issue · comments
Ideally binaries would be created deterministically via Gitian, which is feasible to some degree.
Due to the rebranding from Bitcoin Core to Master/Omni Core, some adjustments need to be made though.
I basically see three options in general:
- fully rebrand the whole project, use Gitian
- temporarily revert the rebrand, create binaries via Gitian and rename the files manually
- just build the binaries somehow and distribute them as done with earlier releases
Option 1 would be anything but trivial (#50), and I really don't like option 3 for a lot of reasons, so I'm going to focus on 2, and how the release could be handled:
- Finalize 0.0.9.1
- Merge into upstream (mastercoin-MSC/mastercore or OmniLayer/omnicore?)
- Tag the release
- Setup build environment in a VM (see: slightly outdated tutorial, which I could update)
- Locally revert the file name changes (see: 419045f8a022b9dfd482cd3245331fbe34aa6a24)
- Create binaries for Unix, Windows, and ideally Mac
- Rename binaries back to mastercored, mastercore-qt, ...
- Check that at least two parties come up with identical results
- Create file checksums and ideally GPG sign the files
- Publish binaries, checksums and signatures
- Announce release (blog, forums, mailing lists, ...)
I'd prefer a release based on Bitcoin Core 0.9.4, especially because 0.9.3 misses the BIP 66 switch over logic etc. for the upcoming soft-fork, but this seems to be out of the scope of this issue.
Going this route would provide at least deterministically build binaries for Unix and Windows, and given that the UI release seems to target the end user base instead of integrators, stepping up here seems reasonable and justified to me.
I agree that option 2 is the most expedient/reasonable (and let’s use mastercoin-MSC/mastercore for this).
Not sure where my notes ended up here - perhaps wrong thread or a missed click on comment :(
TL:DR; option 2 sounds most viable for me also. Had a few other comments, most not terribly important but one thing I was interested in is trust related to GPG keys - eg I have a GPG key I setup with Faiz a while ago, but how does Joe Q end user know it's my key?