Still couldn't figure out without locating the log on the Nexus machine. With help from several committers and PMCs, we didn't see anything wrong with my signing key.
I don't want to delay 3.1.2 more because of this. Is it allowed for me to publish artifacts (like tarball, source package, etc.) only and somebody else to push Maven bits to Nexus. I believe Apache bylaw should allow that because there're several releases have more than one release managers. If it is not allowed, please take over the RM role if you have the bandwidth, I think most works have been done except close the Nexus repo. Thanks, Wangda On Thu, Jan 17, 2019 at 11:18 AM Wangda Tan <wheele...@gmail.com> wrote: > Spent several more hours trying to figure out the issue, still no luck. > > I just filed https://issues.sonatype.org/browse/OSSRH-45646, really > appreciate if anybody could add some suggestions. > > Thanks, > Wangda > > On Tue, Jan 15, 2019 at 9:48 AM Wangda Tan <wheele...@gmail.com> wrote: > >> It seems the problem still exists for me: >> >> Now the error message only contains: >> >> failureMessage Failed to validate the pgp signature of >> '/org/apache/hadoop/hadoop-client-check-invariants/3.1.2/hadoop-client-check-invariants-3.1.2.pom', >> check the logs. >> failureMessage Failed to validate the pgp signature of >> '/org/apache/hadoop/hadoop-resourceestimator/3.1.2/hadoop-resourceestimator-3.1.2-javadoc.jar', >> check the logs. >> >> If anybody has access the Nexus node, could you please help to check what >> is the failure message? >> >> Thanks, >> Wangda >> >> >> On Tue, Jan 15, 2019 at 9:56 AM Brian Fox <bri...@infinity.nu> wrote: >> >>> Good to know. The pool has occasionally had sync issues, but we're >>> talking 3 times in the last 8-9 years. >>> >>> On Tue, Jan 15, 2019 at 10:39 AM Elek, Marton <e...@apache.org> wrote: >>> >>>> My key was pushed to the server with pgp about 1 year ago, and it worked >>>> well with the last Ratis release. So it should be synced between the key >>>> servers. >>>> >>>> But it seems that the INFRA solved the problem with shuffling the key >>>> server order (or it was an intermittent issue): see INFRA-17649 >>>> >>>> Seems to be working now... >>>> >>>> Marton >>>> >>>> >>>> On 1/15/19 5:19 AM, Wangda Tan wrote: >>>> > HI Brain, >>>> > Thanks for responding, could u share how to push to keys to Apache >>>> pgp pool? >>>> > >>>> > Best, >>>> > Wangda >>>> > >>>> > On Mon, Jan 14, 2019 at 10:44 AM Brian Fox <bri...@infinity.nu> >>>> wrote: >>>> > >>>> >> Did you push your key up to the pgp pool? That's what Nexus is >>>> validating >>>> >> against. It might take time to propagate if you just pushed it. >>>> >> >>>> >> On Mon, Jan 14, 2019 at 9:59 AM Elek, Marton <e...@apache.org> >>>> wrote: >>>> >> >>>> >>> Seems to be an INFRA issue for me: >>>> >>> >>>> >>> 1. I downloaded a sample jar file [1] + the signature from the >>>> >>> repository and it was ok, locally I verified it. >>>> >>> >>>> >>> 2. I tested it with an other Apache project (Ratis) and my key. I >>>> got >>>> >>> the same problem even if it worked at last year during the 0.3.0 >>>> >>> release. (I used exactly the same command) >>>> >>> >>>> >>> I opened an infra ticket to check the logs of the Nexus as it was >>>> >>> suggested in the error message: >>>> >>> >>>> >>> https://issues.apache.org/jira/browse/INFRA-17649 >>>> >>> >>>> >>> Marton >>>> >>> >>>> >>> >>>> >>> [1]: >>>> >>> >>>> >>> >>>> https://repository.apache.org/service/local/repositories/orgapachehadoop-1183/content/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-javadoc.jar >>>> >>> >>>> >>> >>>> >>> On 1/13/19 6:27 AM, Wangda Tan wrote: >>>> >>>> Uploaded sample file and signature. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Sat, Jan 12, 2019 at 9:18 PM Wangda Tan <wheele...@gmail.com >>>> >>>> <mailto:wheele...@gmail.com>> wrote: >>>> >>>> >>>> >>>> Actually, among the hundreds of failed messages, the "No >>>> public key" >>>> >>>> issues still occurred several times: >>>> >>>> >>>> >>>> failureMessage No public key: Key with id: >>>> (b3fa653d57300d45) >>>> >>>> was not able to be located on http://gpg-keyserver.de/. >>>> Upload >>>> >>>> your public key and try the operation again. >>>> >>>> failureMessage No public key: Key with id: >>>> (b3fa653d57300d45) >>>> >>>> was not able to be located on >>>> >>>> http://pool.sks-keyservers.net:11371. Upload your public >>>> key >>>> >>> and >>>> >>>> try the operation again. >>>> >>>> failureMessage No public key: Key with id: >>>> (b3fa653d57300d45) >>>> >>>> was not able to be located on http://pgp.mit.edu:11371. >>>> Upload >>>> >>>> your public key and try the operation again. >>>> >>>> >>>> >>>> Once the close operation returned, I will upload sample files >>>> which >>>> >>>> may help troubleshoot the issue. >>>> >>>> >>>> >>>> Thanks, >>>> >>>> >>>> >>>> On Sat, Jan 12, 2019 at 9:04 PM Wangda Tan < >>>> wheele...@gmail.com >>>> >>>> <mailto:wheele...@gmail.com>> wrote: >>>> >>>> >>>> >>>> Thanks David for the quick response! >>>> >>>> >>>> >>>> I just retried, now the "No public key" issue is gone. >>>> However, >>>> >>>> the issue: >>>> >>>> >>>> >>>> failureMessage Failed to validate the pgp signature of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-tests.jar', >>>> >>>> check the logs. >>>> >>>> failureMessage Failed to validate the pgp signature of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-test-sources.jar', >>>> >>>> check the logs. >>>> >>>> failureMessage Failed to validate the pgp signature of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2.pom', >>>> >>>> check the logs. >>>> >>>> >>>> >>>> >>>> >>>> Still exists and repeated hundreds of times. Do you know >>>> how to >>>> >>>> access the logs mentioned by above log? >>>> >>>> >>>> >>>> Best, >>>> >>>> Wangda >>>> >>>> >>>> >>>> On Sat, Jan 12, 2019 at 8:37 PM David Nalley < >>>> da...@gnsa.us >>>> >>>> <mailto:da...@gnsa.us>> wrote: >>>> >>>> >>>> >>>> On Sat, Jan 12, 2019 at 9:09 PM Wangda Tan >>>> >>>> <wheele...@gmail.com <mailto:wheele...@gmail.com>> >>>> wrote: >>>> >>>> > >>>> >>>> > Hi Devs, >>>> >>>> > >>>> >>>> > I'm currently rolling Hadoop 3.1.2 release candidate, >>>> >>>> however, I saw an issue when I try to close repo in >>>> Nexus. >>>> >>>> > >>>> >>>> > Logs of >>>> >>> https://repository.apache.org/#stagingRepositories >>>> >>>> (orgapachehadoop-1183) shows hundreds of lines of the >>>> >>>> following error: >>>> >>>> > >>>> >>>> > failureMessage No public key: Key with id: >>>> >>>> (b3fa653d57300d45) was not able to be located on >>>> >>>> http://gpg-keyserver.de/. Upload your public key and >>>> try >>>> >>> the >>>> >>>> operation again. >>>> >>>> > failureMessage No public key: Key with id: >>>> >>>> (b3fa653d57300d45) was not able to be located on >>>> >>>> http://pool.sks-keyservers.net:11371. Upload your >>>> public >>>> >>> key >>>> >>>> and try the operation again. >>>> >>>> > failureMessage No public key: Key with id: >>>> >>>> (b3fa653d57300d45) was not able to be located on >>>> >>>> http://pgp.mit.edu:11371. Upload your public key and >>>> try >>>> >>> the >>>> >>>> operation again. >>>> >>>> > ... >>>> >>>> > failureMessage Failed to validate the pgp signature >>>> of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-tests.jar', >>>> >>>> check the logs. >>>> >>>> > failureMessage Failed to validate the pgp signature >>>> of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-test-sources.jar', >>>> >>>> check the logs. >>>> >>>> > failureMessage Failed to validate the pgp signature >>>> of >>>> >>>> >>>> >>> >>>> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-sources.jar', >>>> >>>> check the logs. >>>> >>>> > >>>> >>>> > >>>> >>>> > This is the same key I used before (and finished two >>>> >>>> releases), the same environment I used before. >>>> >>>> > >>>> >>>> > I have tried more than 10 times in the last two >>>> days, no >>>> >>>> luck. And closing the repo takes almost one hour >>>> (Regular >>>> >>>> time is less than 1 min) and always fail at the last. >>>> >>>> > >>>> >>>> > I used following commands to validate key exists on >>>> key >>>> >>>> servers >>>> >>>> > >>>> >>>> > gpg --keyserver pgp.mit.edu <http://pgp.mit.edu> >>>> >>>> --recv-keys 57300D45 >>>> >>>> > gpg: WARNING: unsafe permissions on homedir >>>> >>>> '/Users/wtan/.gnupg' >>>> >>>> > gpg: key B3FA653D57300D45: 1 signature not checked >>>> due to >>>> >>>> a missing key >>>> >>>> > gpg: key B3FA653D57300D45: "Wangda tan < >>>> wan...@apache.org >>>> >>>> <mailto:wan...@apache.org>>" not changed >>>> >>>> > gpg: Total number processed: 1 >>>> >>>> > gpg: unchanged: 1 >>>> >>>> > >>>> >>>> > gpg --keyserver pool.sks-keyservers.net >>>> >>>> <http://pool.sks-keyservers.net> --recv-keys >>>> >>> B3FA653D57300D45 >>>> >>>> > gpg: WARNING: unsafe permissions on homedir >>>> >>>> '/Users/wtan/.gnupg' >>>> >>>> > gpg: key B3FA653D57300D45: 1 signature not checked >>>> due to >>>> >>>> a missing key >>>> >>>> > gpg: key B3FA653D57300D45: "Wangda tan < >>>> wan...@apache.org >>>> >>>> <mailto:wan...@apache.org>>" not changed >>>> >>>> > gpg: Total number processed: 1 >>>> >>>> > gpg: unchanged: 1 >>>> >>>> > >>>> >>>> >>>> >>>> Both of these report that your key was not found. >>>> >>>> I took the key from the KEYS file and uploaded it to >>>> both of >>>> >>>> those servers. >>>> >>>> >>>> >>>> You might try the release again and see if this >>>> resolves the >>>> >>>> issue. >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> --------------------------------------------------------------------- >>>> >>>> To unsubscribe, e-mail: hdfs-dev-unsubscr...@hadoop.apache.org >>>> >>>> For additional commands, e-mail: hdfs-dev-h...@hadoop.apache.org >>>> >>>> >>>> >>> >>>> >> >>>> > >>>> >>>
