nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Wing <jvw...@gmail.com>
Subject Re: Apache NiFi 0.7.3 RC1 Release Helper Guide
Date Mon, 15 May 2017 22:08:25 GMT
I think we're good.  We need his signing key is in the KEYS file at the
time we publish the release.  It sounds like we're on track for that - his
key is checked into the git KEYS file, and someone has been enlisted to
publish the KEYS file.  I'm sorry to promote confusion, I wasn't sure what
the process for that was, or if it had been started.

Thanks,

James

On Mon, May 15, 2017 at 2:53 PM, Tony Kurc <trkurc@gmail.com> wrote:

> Joe, James, Mike,
> I think I got confused. Do we need to get Mike's gpg public key which he
> used to sign in that KEYS file, or is the key Mike put in the helper
> sufficient? If it isn't sufficient, we need someone with access to svn to
> add Mike, correct?
>
> Tony
>
> On Mon, May 15, 2017 at 4:34 PM, Michael Moser <moser.mw@gmail.com> wrote:
>
> > Yeah, I didn't have write permission to SVN
> > https://dist.apache.org/repos/dist/ which I assumed was because I'm a
> > committer and not on the PMC.  I've enlisted a PMC member's help to
> > put the release up there if this vote passes.
> >
> >
> > On Mon, May 15, 2017 at 3:13 PM, Joe Witt <joe.witt@gmail.com> wrote:
> > > just need to update that dist key file is all.  I think mike did
> > > update the git entry.
> > >
> > > On Mon, May 15, 2017 at 3:12 PM, James Wing <jvwing@gmail.com> wrote:
> > >> Michael,
> > >>
> > >> What's the plan for the PGP key distribution, or how do we get your
> key
> > >> into the KEYS file?
> > >>
> > >> Thanks,
> > >>
> > >> James
> > >>
> > >> On Sun, May 14, 2017 at 5:36 PM, Michael Moser <mosermw@apache.org>
> > wrote:
> > >>
> > >>> Hello Apache NiFi community,
> > >>>
> > >>> Please find the associated guidance to help those interested in
> > >>> validating/verifying the 0.7.3 release so they can vote.
> > >>>
> > >>> # Download latest KEYS file:
> > >>> https://dist.apache.org/repos/dist/dev/nifi/KEYS
> > >>>
> > >>> # Download the key used to sign this release:
> > >>> https://people.apache.org/keys/committer/mosermw.asc
> > >>>
> > >>> # Import keys file:
> > >>> gpg --import KEYS
> > >>>
> > >>> # Import key used to sign this release:
> > >>> gpg --import mosermw.asc
> > >>>
> > >>> # [optional] Clear out local maven artifact repository
> > >>>
> > >>> # Pull down nifi-0.7.3 source release artifacts for review:
> > >>> wget https://repository.apache.org/content/repositories/
> > >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3-
> > >>> source-release.zip
> > >>> wget https://repository.apache.org/content/repositories/
> > >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3-
> > >>> source-release.zip.asc
> > >>> wget https://repository.apache.org/content/repositories/
> > >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3-
> > >>> source-release.zip.md5
> > >>> wget https://repository.apache.org/content/repositories/
> > >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3-
> > >>> source-release.zip.sha1
> > >>>
> > >>> # Verify the signature
> > >>> gpg --verify nifi-0.7.3-source-release.zip.asc
> > >>>
> > >>> # Verify the hashes (md5, sha1, sha256) match the source and what was
> > >>> provided in the vote email thread
> > >>> # NOTE: the repository does not have the
> > >>> nifi-0.7.3-source-release.zip.sha256 file, please find that hash in
> > >>> the vote email thread
> > >>> md5sum nifi-0.7.3-source-release.zip
> > >>> sha1sum nifi-0.7.3-source-release.zip
> > >>> sha256sum nifi-0.7.3-source-release.zip
> > >>>
> > >>> # Unzip nifi-0.7.3-source-release.zip
> > >>>
> > >>> # Verify the build works including release audit tool (RAT) checks
> > >>> cd nifi-0.7.3
> > >>> mvn clean install -Pcontrib-check
> > >>>
> > >>> # Verify the contents contain a good README, NOTICE, and LICENSE.
> > >>>
> > >>> # Verify the git commit ID is correct
> > >>>
> > >>> # Verify the RC was branched off the correct git commit ID
> > >>>
> > >>> # Look at the resulting convenience binary as found in
> > nifi-assembly/target
> > >>>
> > >>> # Make sure the README, NOTICE, and LICENSE are present and correct
> > >>>
> > >>> # Run the resulting convenience binary and make sure it works as
> > expected
> > >>>
> > >>> # Send a response to the vote thread indicating a +1, 0, -1 based on
> > >>> your findings.
> > >>>
> > >>> Thank you for your time and effort to validate the release!
> > >>>
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message