Re: [VOTE] Relase Apache APISIX Python Plugin Runner 0.1.0

YuanSheng Wang Mon, 30 Aug 2021 21:03:08 -0700

+1 binding

Check list:
    - Download links are fine
    - Checksums is fine
    - Signature is fine
    - LICENSE and NOTICE files




On Fri, Aug 27, 2021 at 3:29 PM Zexuan Luo <spacewan...@apache.org> wrote:

> Anyway,
> +1 binding
>
> I checked:
> - Download links are valid
> - Checksums is valid
> - Signature is valid
> - LICENSE and NOTICE files
> - make setup successfully
>
> Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 下午3:28写道：
> >
> > I got:
> > gpg --verify apisix-python-plugin-runner-0.1.0-src.tgz.asc
> > gpg: assuming signed data in 'apisix-python-plugin-runner-0.1.0-src.tgz'
> > gpg: Signature made 2021年08月26日 星期四 20时00分35秒 CST
> > gpg:                using RSA key
> 147CD2ABFA330EC56E4BABF927263EFDC64AACA1
> > gpg: Good signature from "JinChao Shuai <shuaijinc...@apache.org>"
> [unknown]
> > gpg: WARNING: This key is not certified with a trusted signature!
> > gpg:          There is no indication that the signature belongs to the
> owner.
> > Primary key fingerprint: 147C D2AB FA33 0EC5 6E4B  ABF9 2726 3EFD C64A
> ACA1
> >
> > Look like we need to trust the new key: https://serverfault.com/a/569923
> >
> > JinChao Shuai <shuaijinc...@apache.org> 于2021年8月27日周五 下午1:17写道：
> > >
> > > 2. Checksums and signatures steps
> > > The KEYS file download address is from
> > > wget https://dist.apache.org/repos/dist/release/apisix/KEYS
> > > Change to
> > > wget https://dist.apache.org/repos/dist/dev/apisix/KEYS
> > > Reload the public key via `gpg --import KEYS`, and then verify it.
> > >
> > > JinChao Shuai <shuaijinc...@apache.org> 于2021年8月27日周五 下午12:04写道：
> > >
> > > > KEYS has been updated, please download the KEYS file again, and
> import and
> > > > verify it through `gpg --import KEYS`.
> > > >
> > > > Zhiyuan Ju <juzhiy...@apache.org> 于2021年8月27日周五 上午11:17写道：
> > > >
> > > >> Hi,
> > > >>
> > > >> When I try to import KEYS and trust it, GPG tells me `No public
> key`, do I
> > > >> miss something?
> > > >>
> > > >> Best Regards!
> > > >> @ Zhiyuan Ju <https://github.com/juzhiyuan>
> > > >>
> > > >>
> > > >> Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 上午11:13写道：
> > > >>
> > > >> > BTW, I have run "gpg --import KEYS" and confirmed that the key
> from
> > > >> > Jinchao Shuai doesn't change.
> > > >> >
> > > >> > Zexuan Luo <spacewan...@apache.org> 于2021年8月27日周五 上午11:02写道：
> > > >> > >
> > > >> > > I checked:
> > > >> > > - Download links are valid
> > > >> > > - Checksums is valid
> > > >> > > - LICENSE and NOTICE files
> > > >> > > - make setup successfully
> > > >> > >
> > > >> > > When I run "gpg --verify
> > > >> apisix-python-plugin-runner-0.1.0-src.tgz.asc",
> > > >> > I got:
> > > >> > > gpg: assuming signed data in
> > > >> 'apisix-python-plugin-runner-0.1.0-src.tgz'
> > > >> > > gpg: Signature made 2021年08月26日 星期四 20时00分35秒 CST
> > > >> > > gpg:                using RSA key
> > > >> > 147CD2ABFA330EC56E4BABF927263EFDC64AACA1
> > > >> > > gpg: Can't check signature: No public key
> > > >> > >
> > > >> > > Maybe I miss something?
> > > >> >
> > > >>
> > > >
> > > >
> > > > --
> > > > Thanks,
> > > > Janko
> > > >
> > >
> > >
> > > --
> > > Thanks,
> > > Janko
>


-- 

*MembPhis*
My GitHub: https://github.com/membphis
Apache APISIX: https://github.com/apache/apisix

Re: [VOTE] Relase Apache APISIX Python Plugin Runner 0.1.0

Reply via email to