Repository: knox Updated Branches: refs/heads/v1.2.0 09d78d41a -> 1270f7eac
KNOX-1637 - ant verify-stage should check knoxshell artifacts Signed-off-by: Kevin Risden <[email protected]> Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/1270f7ea Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/1270f7ea Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/1270f7ea Branch: refs/heads/v1.2.0 Commit: 1270f7eac08446d1f93ac90fa5fa29f33952336e Parents: 09d78d4 Author: Kevin Risden <[email protected]> Authored: Tue Nov 27 10:28:33 2018 -0500 Committer: Kevin Risden <[email protected]> Committed: Tue Nov 27 11:04:06 2018 -0500 ---------------------------------------------------------------------- CHANGES | 1 + build.xml | 32 ++++++++++++++++++++++++++------ 2 files changed, 27 insertions(+), 6 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/1270f7ea/CHANGES ---------------------------------------------------------------------- diff --git a/CHANGES b/CHANGES index c343635..9e5e13d 100644 --- a/CHANGES +++ b/CHANGES @@ -170,6 +170,7 @@ Release Notes - Apache Knox - Version 1.2.0 * [KNOX-1542] - Upgrade to EasyMock 4.0.1 * [KNOX-1543] - Update documentation for KNOX-1531 * [KNOX-1622] - Enable the secure processing feature on all XPathFactory instances + * [KNOX-1637] - ant verify-stage should check knoxshell artifacts ------------------------------------------------------------------------------ Release Notes - Apache Knox - Version 1.1.0 http://git-wip-us.apache.org/repos/asf/knox/blob/1270f7ea/build.xml ---------------------------------------------------------------------- diff --git a/build.xml b/build.xml index b031010..aa4d2f4 100644 --- a/build.xml +++ b/build.xml @@ -221,9 +221,9 @@ Release build file for the Apache Knox Gateway <arg value="--verify"/> <arg value="${gateway-artifact}-${gateway-version}.zip.asc"/> </exec> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-256" verifyproperty="zip.sha256.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="zip.sha256.ok"/> <fail message="SHA-256 Invalid"><condition><isfalse value="${zip.sha256.ok}"/></condition></fail> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-512" verifyproperty="zip.sha512.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="zip.sha512.ok"/> <fail message="SHA-512 Invalid"><condition><isfalse value="${zip.sha512.ok}"/></condition></fail> <echo>Verify ${gateway-artifact}-${gateway-version}-src.zip</echo> @@ -231,9 +231,9 @@ Release build file for the Apache Knox Gateway <arg value="--verify"/> <arg value="${gateway-artifact}-${gateway-version}-src.zip.asc"/> </exec> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-256" verifyproperty="src.sha256.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="src.sha256.ok"/> <fail message="SHA-256 Invalid"><condition><isfalse value="${src.sha256.ok}"/></condition></fail> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-512" verifyproperty="src.sha512.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="src.sha512.ok"/> <fail message="SHA-512 Invalid"><condition><isfalse value="${src.sha512.ok}"/></condition></fail> <echo>Verify ${gateway-artifact}-${gateway-version}.tar.gz</echo> @@ -241,10 +241,30 @@ Release build file for the Apache Knox Gateway <arg value="--verify"/> <arg value="${gateway-artifact}-${gateway-version}.tar.gz.asc"/> </exec> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" verifyproperty="tar.sha256.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" fileext=".sha256" verifyproperty="tar.sha256.ok"/> <fail message="SHA-256 Invalid"><condition><isfalse value="${tar.sha256.ok}"/></condition></fail> - <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" verifyproperty="tar.sha512.ok"/> + <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" fileext=".sha512" verifyproperty="tar.sha512.ok"/> <fail message="SHA-512 Invalid"><condition><isfalse value="${tar.sha512.ok}"/></condition></fail> + + <echo>Verify ${knoxshell-artifact}-${gateway-version}.zip</echo> + <exec executable="gpg" dir="${install.dir}" failonerror="true"> + <arg value="--verify"/> + <arg value="${knoxshell-artifact}-${gateway-version}.zip.asc"/> + </exec> + <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="knoxshell.zip.sha256.ok"/> + <fail message="SHA-256 Invalid"><condition><isfalse value="${knoxshell.zip.sha256.ok}"/></condition></fail> + <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="knoxshell.zip.sha512.ok"/> + <fail message="SHA-512 Invalid"><condition><isfalse value="${knoxshell.zip.sha512.ok}"/></condition></fail> + + <echo>Verify ${knoxshell-artifact}-${gateway-version}.tar.gz</echo> + <exec executable="gpg" dir="${install.dir}" failonerror="true"> + <arg value="--verify"/> + <arg value="${knoxshell-artifact}-${gateway-version}.tar.gz.asc"/> + </exec> + <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" fileext=".sha256" verifyproperty="knoxshell.tar.sha256.ok"/> + <fail message="SHA-256 Invalid"><condition><isfalse value="${knoxshell.tar.sha256.ok}"/></condition></fail> + <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" fileext=".sha512" verifyproperty="knoxshell.tar.sha512.ok"/> + <fail message="SHA-512 Invalid"><condition><isfalse value="${knoxshell.tar.sha512.ok}"/></condition></fail> </target> <target name="sign-candidate" depends="_init,_passphrase" description="Sign a downloaded created release.">
