This is an automated email from the ASF dual-hosted git repository.
lidavidm pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/arrow-adbc.git
The following commit(s) were added to refs/heads/main by this push:
new e5ff3d8 chore(dev/release): don't require sha256 hashes (#433)
e5ff3d8 is described below
commit e5ff3d85de10a06904cc9b94136dd3661e71b475
Author: David Li <li.david...@gmail.com>
AuthorDate: Wed Feb 8 07:30:13 2023 -0500
chore(dev/release): don't require sha256 hashes (#433)
Co-authored-by: Sutou Kouhei <k...@cozmixng.org>
---
ci/conda_env_dev.txt | 1 +
dev/release/verify-release-candidate.ps1 | 8 --------
dev/release/verify-release-candidate.sh | 11 +----------
3 files changed, 2 insertions(+), 18 deletions(-)
diff --git a/ci/conda_env_dev.txt b/ci/conda_env_dev.txt
index 48e6707..338bce8 100644
--- a/ci/conda_env_dev.txt
+++ b/ci/conda_env_dev.txt
@@ -17,5 +17,6 @@
commitizen
gh
+jq
pre-commit
twine
diff --git a/dev/release/verify-release-candidate.ps1
b/dev/release/verify-release-candidate.ps1
index 7e40ac1..ef3a399 100755
--- a/dev/release/verify-release-candidate.ps1
+++ b/dev/release/verify-release-candidate.ps1
@@ -77,26 +77,18 @@ if ($SourceKind -eq "local") {
$ArrowDistUrl = "https://dist.apache.org/repos/dist/dev/arrow";
$DistName = "apache-arrow-adbc-$($Version)"
$DistUrl = "$($ArrowDistUrl)/$($DistName)-rc$($RcNumber)/$DistName.tar.gz"
- $Sha256Url =
"$($ArrowDistUrl)/$($DistName)-rc$($RcNumber)/$DistName.tar.gz.sha256"
$Sha512Url =
"$($ArrowDistUrl)/$($DistName)-rc$($RcNumber)/$DistName.tar.gz.sha512"
$DistPath = Join-Path $ArrowTempDir "$($DistName).tar.gz"
- $Sha256Path = Join-Path $ArrowTempDir "$($DistName).tar.gz.sha256"
$Sha512Path = Join-Path $ArrowTempDir "$($DistName).tar.gz.sha512"
$ArrowSourceDir = Join-Path $ArrowTempDir $DistName
echo "Fetching $($DistUrl)"
New-Item -ItemType Directory -Path $ArrowSourceDir -Force
Invoke-WebRequest -Uri $DistUrl -OutFile $DistPath
- Invoke-WebRequest -Uri $Sha256Url -OutFile $Sha256Path
Invoke-WebRequest -Uri $Sha512Url -OutFile $Sha512Path
- $ExpectedSha256 = (Get-Content $Sha256Path).Split(" ")[0]
$ExpectedSha512 = (Get-Content $Sha512Path).Split(" ")[0]
- if (-not ((Get-FileHash -Algorithm SHA256 $DistPath).Hash -eq
$ExpectedSha256)) {
- echo "SHA256 hash mismatch"
- exit 1
- }
if (-not ((Get-FileHash -Algorithm SHA512 $DistPath).Hash -eq
$ExpectedSha512)) {
echo "SHA512 hash mismatch"
exit 1
diff --git a/dev/release/verify-release-candidate.sh
b/dev/release/verify-release-candidate.sh
index 2791ad2..2859df4 100755
--- a/dev/release/verify-release-candidate.sh
+++ b/dev/release/verify-release-candidate.sh
@@ -116,10 +116,8 @@ import_gpg_keys() {
}
if type shasum >/dev/null 2>&1; then
- sha256_verify="shasum -a 256 -c"
sha512_verify="shasum -a 512 -c"
else
- sha256_verify="sha256sum -c"
sha512_verify="sha512sum -c"
fi
@@ -129,10 +127,8 @@ fetch_archive() {
local dist_name=$1
download_rc_file ${dist_name}.tar.gz
download_rc_file ${dist_name}.tar.gz.asc
- download_rc_file ${dist_name}.tar.gz.sha256
download_rc_file ${dist_name}.tar.gz.sha512
gpg --verify ${dist_name}.tar.gz.asc ${dist_name}.tar.gz
- ${sha256_verify} ${dist_name}.tar.gz.sha256
${sha512_verify} ${dist_name}.tar.gz.sha512
}
@@ -148,12 +144,7 @@ verify_dir_artifact_signatures() {
# basename of the artifact
pushd $(dirname $artifact) >/dev/null
base_artifact=$(basename $artifact)
- if [ -f $base_artifact.sha256 ]; then
- ${sha256_verify} $base_artifact.sha256 || exit 1
- fi
- if [ -f $base_artifact.sha512 ]; then
- ${sha512_verify} $base_artifact.sha512 || exit 1
- fi
+ ${sha512_verify} $base_artifact.sha512 || exit 1
popd >/dev/null
done
}
