On 26 June 2012 21:39, Holly Cummins <[email protected]> wrote: > With some liberal borrowing from the Felix script Guillaume pointed us > to, I've converted Jeremy's release verification instructions > (http://aries.apache.org/development/verifyingrelease.html) into a > shell script. This should make it *much* easier for PMC members to > validate our releases - just point and go. The script is at > https://svn.apache.org/repos/asf/aries/scripts/verify_staged_release.sh. > I've tested on mac, and I believe it will also work on cygwin and > linux, although I'd love to know if it doesn't.
Great works for me on cygwin. Needed to use openssl to get md5sum and sha1sum checking as per the comments in the script. (I was using md5sum command line), > > It imports the Apache keys, downloads the staged artefacts, runs MD5 > and SHA1 checks, verifies the signature, builds the source, and runs > rat checks. A failure in any of those stages will give a FAIL message > in the log which can be grepped for. Doing these steps should be > sufficient to meet the Apache process and allow a PMC member to +1 a > release in clear conscience. > > For example, to verify the current test support release candidate, > just cut and paste: > > wget --no-check-certificate > https://svn.apache.org/repos/asf/aries/scripts/verify_staged_release.sh > chmod a+x verify_staged_release.sh > ./verify_staged_release.sh 256 mytempdirectory &> verifyresults.txt > grep FAIL verifyresults.txt > > To verify the small set of API bundles release candidate, cut and paste: > > wget --no-check-certificate > https://svn.apache.org/repos/asf/aries/scripts/verify_staged_release.sh > chmod a+x verify_staged_release.sh > ./verify_staged_release.sh 269 mytempdirectory &> verifyresults.txt > grep FAIL verifyresults.txt > > Feedback very welcome - hopefully this will make things easier for all of us. > > Holly
