Hi Lahiru, I signed your key and pushed it - https://pgp.mit.edu/pks/lookup?op=vindex&search=0x33F4F7D7D7406083
Suresh > On Nov 25, 2024, at 9:39 PM, Lahiru Jayathilake <lahirujayathil...@gmail.com> > wrote: > > Thank you Suresh, for your guidance. I added my Apache email to my gpg key - > https://keyserver.ubuntu.com/pks/lookup?search=FEA3B727837F1FD607A9A4CB33F4F7D7D7406083&fingerprint=on&op=index > > Lahiru > > On Mon, Nov 25, 2024 at 9:07 PM Suresh Marru <sma...@apache.org > <mailto:sma...@apache.org>> wrote: >> Lahiru, >> >> Your key does not have your apache.org <http://apache.org/> email, can you >> add it? This is what I see - >> https://keyserver.ubuntu.com/pks/lookup?search=FEA3B727837F1FD607A9A4CB33F4F7D7D7406083&fingerprint=on&op=index >> >> Here is my key for reference - >> https://keyserver.ubuntu.com/pks/lookup?search=2477158D2F31E2858063346579B3F4FD617DDBAD&fingerprint=on&op=index >> >> You can follow these instructions - >> https://infra.apache.org/openpgp.html#generate-key it is a good practice to >> have your apache.org <http://apache.org/> email with a comment “CODE SIGNING >> KEY” >> >> Suresh >> >>> On Nov 25, 2024, at 8:57 PM, Lahiru Jayathilake >>> <lahirujayathil...@gmail.com <mailto:lahirujayathil...@gmail.com>> wrote: >>> >>> Hi Suresh, >>> >>> Yes, I need to get my key signed. I've had my GPG key signed by one Apache >>> committer and need two additional signatures to meet the recommended three. >>> My GPG Key ID is FEA3B727837F1FD607A9A4CB33F4F7D7D7406083. >>> >>> Thanks, >>> Lahiru >>> >>> On Mon, Nov 25, 2024 at 7:02 PM Suresh Marru <sma...@apache.org >>> <mailto:sma...@apache.org>> wrote: >>>> Hi Lahiru, >>>> >>>> Thanks for championing this release. Please let me know if you need help. >>>> >>>> Do you have your keys signed? Can you share your gpg key id? >>>> >>>> Suresh >>>> >>>>> On Nov 3, 2024, at 11:59 PM, Lahiru Jayathilake >>>>> <lahirujayathil...@gmail.com <mailto:lahirujayathil...@gmail.com>> wrote: >>>>> >>>>> Hi all, >>>>> >>>>> I would like to propose initiating the second release of Apache Airavata >>>>> Custos, version 1.1.0. >>>>> >>>>> Key Details: >>>>> >>>>> Current Version: 1.1-SNAPSHOT >>>>> Last Commit Hash: 19b6f5e06fb44007cdeaef2b1b2b2a6cd25ab1be >>>>> Initial Release: Custos Initial Code Base >>>>> Major Changes Since the Initial Release: >>>>> >>>>> Keycloak Upgrade: Upgraded from version 9.0.2 to 24.0.0 for improved >>>>> security and features. >>>>> Service-to-Service Communication: Simplified service interactions by >>>>> refactoring them into dependency-based communication. >>>>> OIDC Standards Implementation: Updated the authorization, token, and OIDC >>>>> endpoints to comply with OIDC standards, with changes to parameters and >>>>> response formats. >>>>> Nginx Proxy Removal: Removed Nginx as a reverse proxy; SSL termination is >>>>> now handled by the deployment architecture. >>>>> PKCE Flow: Introduced support for PKCE flow, suitable for Single Page >>>>> Applications (SPA). >>>>> JWKS Endpoint: Added a JWKS endpoint to enable public key verification. >>>>> Token Customization: Added group and scope injection for fine-grained >>>>> authorization. >>>>> New Module Architecture: >>>>> >>>>> custos-application: Entry point, configuration, and API integration. >>>>> custos-core: Core business logic, entities, and repositories. >>>>> custos-services: Service classes for implementing business logic. >>>>> custos-api: REST controllers to expose application functionality. >>>>> Infrastructure and Deployment Changes (for context): >>>>> >>>>> Terraform deployment scripts were added for AWS, including network layer >>>>> (VPC, private/public subnets, etc.), Keycloak deployment, and Vault >>>>> deployment. >>>>> >>>>> I would appreciate any feedback or suggestions on these changes. Once >>>>> we've gathered input and reached a consensus within the community, I'll >>>>> move forward with preparing the release candidate. >>>>> >>>>> Looking forward to your thoughts. >>>>> >>>>> Thanks, >>>>> Lahiru >>>>> >>>> >>
