apex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bhupeshchawda <...@git.apache.org>
Subject [GitHub] incubator-apex-site pull request: APEXCORE-215 #comment Added Apac...
Date Mon, 01 Feb 2016 11:26:17 GMT
Github user bhupeshchawda commented on a diff in the pull request:

    https://github.com/apache/incubator-apex-site/pull/11#discussion_r51406907
  
    --- Diff: src/md/verification.md ---
    @@ -0,0 +1,82 @@
    +# How to verify Apache Apex (incubating) release candidate builds
    +
    +## Prerequisites
    +1. *gpg* program should be installed on your system.
    +2. Download the KEYS file and import it. This is one time activity.
    +```bash
    +wget https://dist.apache.org/repos/dist/release/incubator/apex/KEYS
    +gpg --import KEYS
    +```
    +3. You can also created your own key which is required if you would like to sign the
build. This step is optional.
    +```bash
    +gpg --gen-key
    +```
    +Please provide 4096 as keysize while generating the key.
    +
    +## File integrity check
    +Download all files present in staging directory of the RC build. Staging directory link
is shared in VOTE thread of the release candidate.
    +
    +```bash
    +wget -r -np -nd <staging-area-link>/
    +```
    +Note the link should end with "/".
    +
    +Define the apex release candidate variable. We will set it up *apex-3.3.0-incubating*
as an example.
    +```bash
    +APEX_RELEASE_CANDIDATE=apex-3.3.0-incubating
    +```
    +
    +Verify integrity of tar.gz file:
    +```bash
    +gpg --verify $APEX_RELEASE_CANDIDATE-source-release.tar.gz.asc
    +md5sum --check $APEX_RELEASE_CANDIDATE-source-release.tar.gz.md5
    +sha512sum --check $APEX_RELEASE_CANDIDATE-source-release.tar.gz.sha
    +```
    +
    +Verify integrity of .zip file:
    +```bash
    +gpg --verify $APEX_RELEASE_CANDIDATE-source-release.zip.asc
    +md5sum --check $APEX_RELEASE_CANDIDATE-source-release.zip.md5
    +sha512sum --check $APEX_RELEASE_CANDIDATE-source-release.zip.sha
    +```
    +## Source code verification
    +You can extract source either using .tar.gz file or .zip file.
    +
    +### Using .tar.gz source
    +Extract source using .tar.gz:
    +```bash
    +tar -zxvf $APEX_RELEASE_CANDIDATE-source-release.tar.gz
    +```
    +### Using .tar.gz source
    --- End diff --
    
    Using .zip* source 


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

Mime
View raw message