Oops, of course. [email protected] <[email protected]> On Mon, Mar 11, 2019 at 3:53 AM Kenneth Knowles <[email protected]> wrote:
> Did you mean to reply-all to the dev@ list too? > > On Sun, Mar 10, 2019 at 6:50 PM Michael Luckey <[email protected]> > wrote: > >> Thanks, @Ahmet Altay <[email protected]> We need to look into those >> issues. >> >> Opened PR [1], which should enable releasing with gradle 5. Also stumbled >> upon usage of gradle release plugin [2] and version management [3]. Both of >> them were somehow part of discussion on mailing list [4]. Not sure about >> progress here, @Kenneth Knowles <[email protected]> >> >> [1] https://github.com/apache/beam/pull/8026 >> [2] https://issues.apache.org/jira/browse/BEAM-6798 >> [3] https://issues.apache.org/jira/browse/BEAM-6799 >> [4] >> https://lists.apache.org/thread.html/205472bdaf3c2c5876533750d417c19b0d1078131a3dc04916082ce8@%3Cdev.beam.apache.org%3E >> >> On Sat, Mar 9, 2019 at 2:23 AM Ahmet Altay <[email protected]> wrote: >> >>> >>> >>> On Fri, Mar 8, 2019 at 2:55 AM Robert Bradshaw <[email protected]> >>> wrote: >>> >>>> On Fri, Mar 8, 2019 at 2:42 AM Ahmet Altay <[email protected]> wrote: >>>> > >>>> > This sounds good to me. >>>> > >>>> > On Thu, Mar 7, 2019 at 3:32 PM Michael Luckey <[email protected]> >>>> wrote: >>>> >> >>>> >> Thanks for your comments. >>>> >> >>>> >> So to continue here, I ll prepare a PR implementing C: >>>> >> >>>> >> Pass the sign key to the relevant scripts and use that for signing. >>>> There is something similar already implemented [1] >>>> >> >>>> >> We might discuss on that, whether it will work for us or if we need >>>> to implement something different. >>>> >> >>>> >> This should affect at least 'build_release_candidate.sh' and >>>> 'sign_hash_python_wheels.sh'. The release manager is responsible for >>>> selecting the proper key. Currently there is no 'state passed between the >>>> scripts', so the release manager will have to specify this repeatedly. This >>>> could probably be improved later on. >>>> > >>>> > This might become a problem. Is it possible for us to tackle this >>>> sooner than later? >>>> >>>> Requiring a key seems to be a good first step. (Personally, I like to >>>> be very explicit about what I sign.) Supporting defaults (e.g. in a >>>> ~/.beam-release config file) is a nice to have. >>>> >>> >>> +1 >>> >>> >>>> >>>> >> @Ahmet Altay Could you elaborate which global state you are >>>> referring to? Is it only that git global configuration of the signing key? >>>> [2] >>>> > >>>> > I was referring to things not related to signing. I do not want to >>>> digress this thread but briefly I was referring to global installations of >>>> binaries with sudo and changes to bashrc file. We can work on those >>>> improvements separately. >>>> >>>> That's really bad. +1 to fixing these (as a separate bug). >>>> >>> >>> Filed https://issues.apache.org/jira/browse/BEAM-6795 with some >>> additional information. >>> >>
