nifi-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Thomsen <mikerthom...@gmail.com>
Subject Re: Apache NiFi 1.7.0 RC1 Release Helper Guide
Date Wed, 20 Jun 2018 14:48:33 GMT
I took your suggestion and got this:

Only in nifi: .git

Only in nifi: .gitignore

Only in temp/nifi-1.7.0/: DEPENDENCIES

Only in
nifi/nifi-nar-bundles/nifi-standard-services/nifi-kerberos-credentials-service-api:
.gitignore

Only in
nifi/nifi-nar-bundles/nifi-standard-services/nifi-kerberos-credentials-service-bundle/nifi-kerberos-credentials-service:
.gitignore

Only in
nifi/nifi-nar-bundles/nifi-standard-services/nifi-lookup-services-bundle/nifi-lookup-services:
.gitignore


So that looks fine to me because I'd expect those to be excluded from an
official source release that doesn't have the git artifacts (and I don't
think DEPENDENCIES matters either unless I'm missing something)

On Wed, Jun 20, 2018 at 10:11 AM Bryan Bende <bbende@gmail.com> wrote:

> Others may know a better way to do this, but the only way I know to
> truly verify the commit id is something like the following:
>
> git clone https://git-wip-us.apache.org/repos/asf/nifi.git
> git -C nifi checkout <commit id from vote email>
> diff --brief -r <source dir from unzipped release artifacts> <clone
> dir from above>
>
> For verifying the RC was branched off the correct git commit id, you
> look at the branch that was used to create the RC...
>
> So looking at the commit from the release email shows the JIRA was
> NIFI-5323 so there should be a branch like NIFI-5323-RC#:
>
> https://github.com/apache/nifi/commits/NIFI-5323-RC1
>
> The "prepare" commit in there should line up with the commit
> referenced in the vote email, and should also be the commit referenced
> in the release tag:
>
> https://github.com/apache/nifi/commits/nifi-1.7.0-RC1
>
>
> On Wed, Jun 20, 2018 at 9:59 AM, Kevin Doran <kdoran.apache@gmail.com>
> wrote:
> >
> >
> >
> >
> >
> >
> >
> >                 Hi Mike,
> > These values are in the VOTE email:
> https://lists.apache.org/thread.html/d8bfef873317c5f681a5deb226d9dd9483aec56a7abc9a72090cb570@
> <dev.nifi.apache.org>
> > Cheers,Kevin
> >
> >
> >
> >
> >
> >
> > On Wed, Jun 20, 2018 at 6:55 AM -0700, "Mike Thomsen" <
> mikerthomsen@gmail.com> wrote:
> >
> >
> >
> >
> >
> >
> >
> >
> >
> >
> > Do we store these values somewhere in the zip?
> >
> > # Verify the git commit ID is correct
> >
> > # Verify the RC was branched off the correct git commit ID
> >
> > On Wed, Jun 20, 2018 at 3:16 AM Andy LoPresto  wrote:
> >
> >> Hello Apache NiFi community,
> >>
> >> Please find the associated guidance to help those interested in
> >> validating/verifying the release so they can vote.
> >>
> >> # Download latest KEYS file:
> >> https://dist.apache.org/repos/dist/dev/nifi/KEYS
> >>
> >> # Import keys file:
> >> gpg --import KEYS
> >>
> >> # [optional] Clear out local maven artifact repository
> >>
> >> # Pull down nifi-1.7.0 source release artifacts for review:
> >> wget
> >>
> https://dist.apache.org/repos/dist/dev/nifi/nifi-1.7.0/nifi-1.7.0-source-release.zip
> >> wget
> >>
> https://dist.apache.org/repos/dist/dev/nifi/nifi-1.7.0/nifi-1.7.0-source-release.zip.asc
> >> wget
> >>
> https://dist.apache.org/repos/dist/dev/nifi/nifi-1.7.0/nifi-1.7.0-source-release.zip.sha1
> >> wget
> >>
> https://dist.apache.org/repos/dist/dev/nifi/nifi-1.7.0/nifi-1.7.0-source-release.zip.sha256
> >> wget
> >>
> https://dist.apache.org/repos/dist/dev/nifi/nifi-1.7.0/nifi-1.7.0-source-release.zip.sha512
> >>
> >> # Verify the signature
> >> gpg --verify nifi-1.7.0-source-release.zip.asc
> >>
> >> # Verify the hashes (sha1, sha256, sha512) match the source and what was
> >> provided in the vote email thread
> >> shasum -a 1 nifi-1.7.0-source-release.zip
> >> shasum -a 256 nifi-1.7.0-source-release.zip
> >> shasum -a 512 nifi-1.7.0-source-release.zip
> >>
> >> # Unzip nifi-1.7.0-source-release.zip
> >>
> >> # Verify the build works including release audit tool (RAT) checks
> >> cd nifi-1.7.0
> >> mvn clean install -Pcontrib-check,include-grpc
> >>
> >> # Verify the contents contain a good README, NOTICE, and LICENSE.
> >>
> >> # Verify the git commit ID is correct
> >>
> >> # Verify the RC was branched off the correct git commit ID
> >>
> >> # Look at the resulting convenience binary as found in
> nifi-assembly/target
> >>
> >> # Make sure the README, NOTICE, and LICENSE are present and correct
> >>
> >> # Run the resulting convenience binary and make sure it works as
> expected
> >>
> >> # Send a response to the vote thread indicating a +1, 0, -1 based on
> your
> >> findings.
> >>
> >> Thank you for your time and effort to validate the release!
> >> Andy LoPresto
> >> alopresto@apache.org
> >> *alopresto.apache@gmail.com *
> >> PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4  BACE 3C6E F65B 2F7D EF69
> >>
> >>
> >
> >
> >
> >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message