This section documents the release process. Unless you're a dangerzone developer making a release, you'll probably never need to follow it.
Before making a release, all of these should be complete:
- Update
versioninpyproject.toml - Update
share/version.txt - Update version and download links in
README.md, and screenshot if necessary - CHANGELOG.md should be updated to include a list of all major changes since the last release
- In
.circleci/config.yml, add new platforms and remove obsolete platforms - Create a test build in Windows and make sure it works
- Create a test build in macOS and make sure it works
- There must be a PGP-signed git tag for the version, e.g. for dangerzone 0.1.0, the tag must be
v0.1.0
Before making a release, verify the release git tag:
git fetch
git tag -v v$VERSION
If the tag verifies successfully and check it out:
git checkout v$VERSION
To make a macOS release, go to macOS build machine:
- Build machine must have:
- macOS 10.14
- Apple-trusted
Developer ID Application: FIRST LOOK PRODUCTIONS, INC. (P24U45L8P5)code-signing certificates installed
- Verify and checkout the git tag for this release
- Run
poetry install - Run
poetry run ./install/macos/build-app.py --with-codesign; this will makedist/Dangerzone.dmg - Notarize it:
xcrun altool --notarize-app --primary-bundle-id "media.firstlook.dangerzone" -u "[email protected]" -p "$PASSWORD" --file dist/Dangerzone.dmg - Wait for it to get approved, check status with:
xcrun altool --notarization-history 0 -u "[email protected]" -p "$PASSWORD" - (If it gets rejected, you can see why with:
xcrun altool --notarization-info $REQUEST_UUID -u "[email protected]" -p "$PASSWORD") - After it's approved, staple the ticket:
xcrun stapler staple dist/Dangerzone.dmg
This process ends up with the final file:
dist/Dangerzone.dmg
Rename Dangerzone.dmg to Dangerzone-$VERSION.dmg.
- Download a VirtualBox VM image for Windows from here: https://developer.microsoft.com/en-us/windows/downloads/virtual-machines/ and import it into VirtualBox. Also install the Oracle VM VirtualBox Extension Pack.
- Install updates
- Install git for Windows from https://git-scm.com/download/win, and clone the dangerzone repo
- Follow the Windows build instructions in
BUILD.md, except:- Don't install Docker Desktop (it won't work without nested virtualization)
- Install the Windows SDK from here: https://developer.microsoft.com/en-us/windows/downloads/windows-sdk/ and add
C:\Program Files (x86)\Microsoft SDKs\ClickOnce\SignToolto the path (you'll need it forsigntool.exe) - You'll also need the Windows codesigning certificate installed on the VM
Instead of running python .\install\windows\build-image.py in the VM, run the build image script on the host (making sure to build for linux/amd64). Copy share/container.tar.gz and share/image-id.txt from the host into the share folder in the VM
- Verify and checkout the git tag for this release
- Run
poetry install - Run
poetry run .\install\windows\build-app.bat - When you're done you will have
dist\Dangerzone.msi
Rename Dangerzone.msi to Dangerzone-$VERSION.msi.
Linux binaries are automatically built and deployed to repositories when a new tag is pushed.
To publish the release:
- Create a new release on GitHub, put the changelog in the description of the release, and upload the macOS and Windows installers
- Update the Installing Dangerzone wiki page
- Update the Dangerzone website to link to the new installers
- Update the brew cask release of Dangerzone with a PR like this one