+1 (binding) Tested by running Svet's verify script.
Do a clean extract of source repo for next steps. ------------------------------------------- Checks successfully completed: [✓] Download links work. [✓] Checksums and PGP signatures are valid. [✓] Expanded source archive matches contents of RC tag. [✓] Expanded source archive builds and passes tests. [✓] LICENSE is present and correct. [✓] NOTICE is present and correct, including copyright date. [✓] No compiled archives bundled in source archive. Additional manual steps done (execute in source distribution folder apache-brooklyn-0.10.0-src: * Check for files with invalid headers in source distribution. There are already files excluded from RAT checks, do a sanity check. * Check for binary files in source distribution. Look for files which are created/compiled based on other source files in the distribution. "Primary" binary files like images are acceptable. Checks left to do manually with the help of above instructions: [✓] All files have license headers where appropriate: I relied on the rat check when running `mvn clean install` for checking that "all files have license headers where appropriate". [-] All dependencies have compatible licenses. On 19 December 2016 at 17:28, Svetoslav Neykov < [email protected]> wrote: > Geoff, > > > I checked the checksums with the release verification script. Is this in > > source control somewhere? I'll offer this to add to it: > > See https://github.com/apache/brooklyn-dist/pull/65 < > https://github.com/apache/brooklyn-dist/pull/65> and in particular > https://github.com/neykov/brooklyn-dist/blob/ > 9e43edd4f7d65b0553ce41a0405e1be4c8abc364/release/verify_brooklyn_rc.sh < > https://github.com/neykov/brooklyn-dist/blob/ > 9e43edd4f7d65b0553ce41a0405e1be4c8abc364/release/verify_brooklyn_rc.sh> > for an initial implementation of these kind of checks (obviously to be > expanded where possible). > > Svet. > > > > On 19.12.2016 г., at 18:17, Geoff Macartney <geoff.macartney@ > cloudsoftcorp.com> wrote: > > > > +1 > > > > [x] Download links work. > > [x] Binaries work. > > [x] Checksums and PGP signatures are valid. > > [x] Expanded source archive matches contents of RC tag. > > [x] Expanded source archive builds and passes tests. > > [x] LICENSE is present and correct. > > [x] NOTICE is present and correct, including copyright date. > > [x] All files have license headers where appropriate. > > [-] All dependencies have compatible licenses. > > [x] No compiled archives bundled in source archive. > > [x] I follow this project’s commits list. > > > > I deployed the classic tarball and karaf versions to Ubuntu using Java 8 > > and 7, > > and the RPM to Centos 7, and was able to deploy sample applications to > AWS > > and SL. > > > > I checked the checksums with the release verification script. Is this in > > source > > control somewhere? I'll offer this to add to it: > > > > function licenses_and_notices () { > > local filename=$1 > > local copyright='Copyright 2014-2016 The Apache Software > Foundation' > > for tarball in `ls *.tar.gz`; do > > container=$( tar tf $tarball | awk NR==1 ) > > tar tf $tarball | grep -q ${container}LICENSE > > tar tf $tarball | grep -q ${container}NOTICE > > tar xOf $tarball ${container}NOTICE | grep -q "${copyright}" > > done > > } > > > > licenses_and_notices > > > > Notes: > > > > I was able to deploy a WebServer + 3-node Riak demo app to Softlayer > > without problem, > > and didn't see the "hostname is (none)" problem mentioned previously by > > Svet. > > > > I tested https access (with Karaf version) and access to it using "br" > > (from Mac) without > > observing the crash Svet saw: > > > > ./br login https://10.10.10.102:8443 geoff password > > Get https://10.10.10.102:8443/v1/server/version: x509: cannot > validate > > certificate for 10.10.10.102 because it doesn't contain any IP SANs > > > > ./br --skipSslChecks login https://10.10.10.102:8443 geoff password > > Connected to Brooklyn version 0.10.0 at https://10.10.10.102:8443 > > > > ./br app > > Id | Name | Status | Location > > > > > > Tested the above on Linux and Mac. I also tried 1000 consecutive logins > > and didn't see the > > segfault as mentioned in the comment on BROOKLYN-416. I don't know why > Svet > > is seeing these > > problems; my own tests would indicate that br is working ok. Anyone else > > able to say what > > they are seeing? > > > > Caveat: > > > > I did see the behaviour that Svet describes on the main.uri on the sample > > applications. > > I thought hard about whether this should prevent us releasing. On the one > > hand, there > > is a possible risk of a poor impression on users trying Brooklyn for the > > first time if > > its own sample apps appear not to work well. On the other hand it's > fairly > > clear just from > > looking at the URL what network it is on, so it shouldn't really be too > > confusing. In > > the end what persuaded me was checking back to 0.9.0, and this behaviour > > was already > > there, so this is not a regression. Not that that matters as such, but as > > far as I recall > > there was no feedback on the mailing list about this, so it does not seem > > to have actually > > caused a problem for anyone in practice. I'm therefore happy enough to > say > > +1. > > At the same time I think it is something that we should tidy up for the > > future. > > > > Geoff > > > > > > > > > > > > On Mon, 19 Dec 2016 at 11:51 Svetoslav Neykov < > > [email protected]> wrote: > > > >> +1 (binding) > >> > >> Caveats: > >> * hostname on Softlayer-provisioned machines is "(none)" > >> * On Softlayer App Wizard examples "Template 2: Python Web Server", > >> "Template 3: Bash Web Server and Riak Cluster" list the private IP for > >> "main.uri" (with no "xxx.public/private" alternatives). It's easy to > think > >> that it's not working. If public IP is used it's reachable. Some of the > >> items have the sensor propagated to top, but it's still the private IP > >> * "main.uri" is not propagated to root app (for most examples), need > to > >> drill down to first child to get the sensors > >> * br - getting fatal error sometimes ( > >> https://issues.apache.org/jira/browse/BROOKLYN-416 < > >> https://issues.apache.org/jira/browse/BROOKLYN-416>). Not a new problem > >> it seems. > >> * br - can't use --skipSslChecks, still getting "Get > >> https://localhost:8443/v1/server/version: x509: certificate is valid > for > >> web-console, not localhost" from Karaf dist. > >> * If I log in into two localhost ports at the same time I get CSRF > Token > >> errors from the page that got loaded first. Using them one by one works > >> fine. > >> > >> Could be easily convinced that item 2 from above doesn't deserve a +1, > >> thoughts? > >> > >> > >> ------------------- > >> > >> > >> Tested by running the verify script from > >> https://github.com/neykov/brooklyn-dist/blob/ > 9e43edd4f7d65b0553ce41a0405e1be4c8abc364/release/verify_brooklyn_rc.sh > >> < > >> https://github.com/neykov/brooklyn-dist/blob/ > 9e43edd4f7d65b0553ce41a0405e1be4c8abc364/release/verify_brooklyn_rc.sh> > >> (https://github.com/apache/brooklyn-dist/pull/65 < > >> https://github.com/apache/brooklyn-dist/pull/65>). > >> Expanded the -bin & -karaf, running with local brooklyn.properties. > >> Deployed the example apps to AWS & Softlayer (with preconfigured > locations). > >> Expanded the OS X br client and tried it against Classic (https) & Karaf > >> (non-https); > >> > >> [✓] Download links work. > >> [✓] Binaries work. > >> [✓] Checksums and PGP signatures are valid. > >> [✓] Expanded source archive matches contents of RC tag. > >> [✓] Expanded source archive builds and passes tests. > >> [✓] LICENSE is present and correct. > >> [✓] NOTICE is present and correct, including copyright date. > >> [✓] All files have license headers where appropriate. > >> [✓] All dependencies have compatible licenses. > >> [✓] No compiled archives bundled in source archive. > >> [-] I follow this project’s commits list. > >> > >> > >> Svet. > >> > >> > >>> On 18.12.2016 г., at 19:14, Aled Sage <[email protected]> wrote: > >>> > >>> +1 (binding) > >>> > >>> I downloaded the tar.gz, and ran it on OS X. I deployed TomcatServer to > >> AWS, Softlayer, Openstack (bluebox-london) and Google Compute Engine. > >>> > >>> I ran the verify_brooklyn_rc.sh script (see attachment in rc1 vote). > >>> > >>> I relied on the rat check when running `mvn clean install` for checking > >> that "all files have license headers where appropriate". > >>> > >>> I checked that each tar.gz in [1] contained a top-level LICENSE and > >> NOTICE file (including the text "Copyright 2014-2016 The Apache Software > >> Foundation"). > >>> > >>> [-] Download links work. > >>> [-] Binaries work. > >>> [x] Checksums and PGP signatures are valid. > >>> [-] Expanded source archive matches contents of RC tag. > >>> [x] Expanded source archive builds and passes tests. > >>> [x] LICENSE is present and correct. > >>> [x] NOTICE is present and correct, including copyright date. > >>> [x] All files have license headers where appropriate. > >>> [-] All dependencies have compatible licenses. > >>> [x] No compiled archives bundled in source archive. > >>> [x] I follow this project’s commits list. > >>> > >>> Aled > >>> > >>> [1] > >> https://dist.apache.org/repos/dist/dev/brooklyn/apache- > brooklyn-0.10.0-rc3 > >>> > >>> > >>> On 16/12/2016 12:34, Svetoslav Neykov wrote: > >>>> This is to call for a vote for the release of Apache Brooklyn 0.10.0. > >>>> > >>>> This release comprises of a source code distribution, and a > >> corresponding > >>>> binary distribution, and Maven artifacts. > >>>> > >>>> The source and binary distributions, including signatures, digests, > >> etc. can > >>>> be found at: > >>>> > >>>> > >> https://dist.apache.org/repos/dist/dev/brooklyn/apache- > brooklyn-0.10.0-rc3 > >>>> > >>>> The artifact SHA-256 checksums are as follows: > >>>> > >>>> 9ae6ec9f6e2356264fd2032d224965d191e5eab5a5346f8a9de5b05271650157 > >> *apache-brooklyn-0.10.0-rc3-1.noarch.rpm > >>>> b43c1fc20409594d17151d68b550bb17d8ea5a5592e0b7fbdcf489a81ca2118e > >> *apache-brooklyn-0.10.0-rc3-bin.tar.gz > >>>> cb7df99f024e918c5517097d904a68d9976c5bf913c9dd64edebb6b5b6e5a89e > >> *apache-brooklyn-0.10.0-rc3-bin.zip > >>>> d65d2525507d40fa0b554b13a57190a724213610a7615082d53137b7bab4b5d5 > >> *apache-brooklyn-0.10.0-rc3-client-cli-linux.tar.gz > >>>> 4d13118fca8e02aaf5b4ab3b3f305d139450bcf64d290781609643c4622b8cb5 > >> *apache-brooklyn-0.10.0-rc3-client-cli-linux.zip > >>>> 375eb6a4944a7758dc790a75bd4a0abc782a4ba66af754b4162bbb66a33902d8 > >> *apache-brooklyn-0.10.0-rc3-client-cli-macosx.tar.gz > >>>> 9d95e0679e603a9184ada88b63b0c4e8f8503eb51677e04ae59f4aa05f454860 > >> *apache-brooklyn-0.10.0-rc3-client-cli-macosx.zip > >>>> 502e0999d3612f0eb4027d24312da67a67183fc127074ec815b3c72f5de41d87 > >> *apache-brooklyn-0.10.0-rc3-client-cli-windows.tar.gz > >>>> 1e1ec0210e53faaf9ef1d8907275535a197b341df80e0832067967f4075db191 > >> *apache-brooklyn-0.10.0-rc3-client-cli-windows.zip > >>>> a32c65628bf897c66ed8bd820a2ce5268bba52815b46f805795e9b51ac836912 > >> *apache-brooklyn-0.10.0-rc3-karaf.tar.gz > >>>> 4b840de7ab986ba64ffba4b98748ca87818718ac3e386bb2d978533e4fa35f62 > >> *apache-brooklyn-0.10.0-rc3-karaf.zip > >>>> 7906b3dba2278c9648f2b340a532d3030536a6a8f1c920311bdcd585a42111e8 > >> *apache-brooklyn-0.10.0-rc3-src.tar.gz > >>>> 4579e5e27c2751b5e8b57bab126ae683aa34aa42d6e13eb6c922951df6947b4c > >> *apache-brooklyn-0.10.0-rc3-src.zip > >>>> b361ada2d4cc1334e72b44986b96e6302aaa24464252c3782f7b679bfa5da858 > >> *apache-brooklyn-0.10.0-rc3-vagrant.tar.gz > >>>> 393df963f6b952ec8c05c1aa0ab0d459037e0972798f17ba7d0221f7e3570440 > >> *apache-brooklyn-0.10.0-rc3-vagrant.zip > >>>> > >>>> The Nexus staging repository for the Maven artifacts is located at: > >>>> > >>>> > >> https://repository.apache.org/content/repositories/ > orgapachebrooklyn-1034 > >>>> > >>>> All release artifacts are signed with the following key: > >>>> > >>>> https://people.apache.org/keys/committer/svet.asc > >>>> > >>>> KEYS file available here: > >>>> > >>>> https://dist.apache.org/repos/dist/release/brooklyn/KEYS > >>>> > >>>> > >>>> The artifacts were built from git commit IDs: > >>>> > >>>> brooklyn: 1d7ab19ffba2c87e9ad1b037fb217dc7d39506c9 > >>>> brooklyn-client: 0e870fa15714c5a050bb67d6fa0429ff90a8fa4c > >>>> brooklyn-dist: dda655c45abab34601a5e62250431ea93fdf1755 > >>>> brooklyn-docs: d75752725ef6683a0f52e3059ed475dc69872f9e > >>>> brooklyn-library: 9fbc78cb4a9d1dccdbdbb70a1ee48f2afddfe067 > >>>> brooklyn-server: 41561635e3bbb0524dbeaae516a26c793174fd93 > >>>> brooklyn-ui: a6e2e8bccfdd98b4f7155b5be86f5b85149e0f33 > >>>> All of the above have been tagged as "apache-brooklyn-0.10.0-rc3" > >>>> > >>>> Please vote on releasing this package as Apache Brooklyn 0.10.0. > >>>> > >>>> The vote will be open for at least 72 hours. > >>>> [ ] +1 Release this package as Apache Brooklyn 0.10.0 > >>>> [ ] +0 no opinion > >>>> [ ] -1 Do not release this package because ... > >>>> > >>>> > >>>> Thanks! > >>>> Svet. > >>>> > >>>> > >>>> CHECKLIST for reference > >>>> > >>>> [ ] Download links work. > >>>> [ ] Binaries work. > >>>> [ ] Checksums and PGP signatures are valid. > >>>> [ ] Expanded source archive matches contents of RC tag. > >>>> [ ] Expanded source archive builds and passes tests. > >>>> [ ] LICENSE is present and correct. > >>>> [ ] NOTICE is present and correct, including copyright date. > >>>> [ ] All files have license headers where appropriate. > >>>> [ ] All dependencies have compatible licenses. > >>>> [ ] No compiled archives bundled in source archive. > >>>> [ ] I follow this project’s commits list. > >>> > >>> > >> > >> > >
