[FEAT]Create Script to Automate Release

dev/README.md

@@ -0,0 +1,118 @@
+# Release Script for Apache Spark Connect Go
+
+This directory contains the release automation script for the Apache Spark Connect Go project.
+
+## Prerequisites
+
+1. **Python Environment**: Create a virtual environment and install dependencies:
+ ```bash
+ python -m venv venv
+ source venv/bin/activate # On Windows: venv\Scripts\activate
+ pip install -r requirements.txt
+ ```
+
+2. **GitHub Token**: Create a GitHub personal access token with the following permissions:
+ - `repo` (Full control of private repositories)
+ - `write:packages` (Upload packages to GitHub Package Registry)
+
+3. **GPG Key**: Ensure you have a GPG key set up for signing:
+ ```bash
+ # List available keys
+ gpg --list-secret-keys
+
+ # If you don't have a key, create one
+ gpg --gen-key
+ ```
+
+## Usage
+
+```bash
+./release.py --tag <new_tag> --prev-tag <previous_tag> --commit <commit_sha> --gpg-user <gpg_user_id> [options]
+```
+
+### Required Arguments
+
+- `--tag`: The new tag version (e.g., `v0.2.0`)
+- `--prev-tag`: The previous tag version for generating release notes (e.g., `v0.1.0`)
+- `--commit`: The commit SHA that the tag should point to
+- `--gpg-user`: Your GPG user ID for signing (email or key ID)
+
+### Optional Arguments
+
+- `--prerelease`: Mark the release as a pre-release
+- `--repo`: GitHub repository in format `owner/name` (default: `apache/spark-connect-go`)
+- `--token`: GitHub token (alternatively set `GITHUB_TOKEN` environment variable)
+
+### Environment Variables
+
+- `GITHUB_TOKEN`: GitHub personal access token
+
+## Example Usage
+
+```bash
+# Set GitHub token
+export GITHUB_TOKEN=ghp_your_token_here
+
+# Create a regular release
+./release.py \
+ --tag v0.2.0 \
+ --prev-tag v0.1.0 \
+ --commit abc123def456 \
+ --gpg-user your.email@example.com
+
+# Create a pre-release
+./release.py \
+ --tag v0.2.0-rc1 \
+ --prev-tag v0.1.0 \
+ --commit abc123def456 \
+ --gpg-user your.email@example.com \
+ --prerelease
+```
+
+## What the Script Does
+
+1. **Creates and pushes tag**: Creates a Git tag at the specified commit and pushes it to GitHub
+2. **Generates release notes**: Automatically creates initial release notes from commits between tags
+3. **Interactive input**: Prompts you to enter/modify the release description
+4. **Creates GitHub release**: Creates a draft release on GitHub
+5. **Downloads artifacts**: Downloads the automatically generated source archives (.tar.gz, .zip)
+6. **Signs artifacts**: Creates detached GPG signatures for each artifact
+7. **Verifies signatures**: Confirms that all signatures are valid
+8. **Uploads signatures**: Uploads the signature files to the GitHub release
+
+## Output
+
+The script creates:
+- A new Git tag pushed to GitHub
+- A draft GitHub release with:
+ - Source code archives (automatically generated by GitHub)
+ - Detached GPG signatures (.asc files)
+ - Release notes based on commits
+
+## Security Notes
+
+- All artifacts are signed with your GPG key
+- Signatures are verified before upload
+- The release is created as a draft first for review
+- Your GPG key must be available in your keyring
+
+## Troubleshooting
+
+### GPG Issues
+```bash
+# If GPG signing fails, check your key
+gpg --list-secret-keys
+
+# Test signing
+echo "test" | gpg --clearsign --local-user your.email@example.com
+```
+
+### GitHub API Issues
+- Ensure your token has the correct permissions
+- Check rate limits if requests fail
+- Verify repository access
+
+### Git Issues
+- Ensure you're in the correct repository directory
+- Check that the commit SHA exists
+- Verify you have push permissions to the repository