Hello Adam, I have followed these steps, step 2 and step 3 are OK. Step 1 (signature is not passing).
*************VALIDATION STEPS************* Step 1 version=1.12.1 svn checkout https://dist.apache.org/repos/dist/dev/fineract/$version/ cd $version sha512sum -c "apache-fineract-$version-src.tar.gz.sha512" gpg --verify "apache-fineract-$version-src.tar.gz.asc" sha512sum -c "apache-fineract-$version-binary.tar.gz.sha512" gpg --verify "apache-fineract-$version-binary.tar.gz.asc" Look for "Good signature from..." messages from gpg, and ignore a warning like "This key is not certified...". See below for details. Step 2 tar -xzf "apache-fineract-$version-src.tar.gz" cd "apache-fineract-src-$version" ./gradlew build -x test -x doc cd .. That should succeed and you should find binary and source tarballs in fineract-war/build/distributions/ . See below for details. Step 3 Before running this you must start a database server and ensure the fineract_default and fineract_tenant databases exist. Then: tar -xzf "apache-fineract-$version-binary.tar.gz" cd "apache-fineract-binary-$version" cat << 'EndOfRcenv' >> rcenv FINERACT_SERVER_SSL_ENABLED=false FINERACT_SERVER_PORT=8080 BACKEND_PROTOCOL=http BACKEND_PORT=$FINERACT_SERVER_PORT EndOfRcenv docker run --rm -it -v "$(pwd):/usr/local/tomcat/webapps" --net=host --env-file=rcenv tomcat:jre17 cd .. At that point http://localhost:8080/fineract-provider/actuator/health should work and you should be able to make API calls against http://localhost:8080/fineract-provider/api/v1 . ********************** I got signature errors (checksum format not valid and no public signature available) **************SIGNATURE ERRORS******************* apache/release/1.12.1 ❯ sha512sum -c "apache-fineract-$version-src.tar.gz.sha512" sha512sum: apache-fineract-1.12.1-src.tar.gz.sha512: no se encontraron líneas de suma de comprobación SHA512 con formato correcto apache/release/1.12.1 ❯ gpg --verify "apache-fineract-$version-src.tar.gz.asc" gpg: asumiendo que los datos firmados están en 'apache-fineract-1.12.1-src.tar.gz' gpg: Firmado el lun 21 jul 2025 13:37:01 CST gpg: usando EDDSA clave 250775BDB5FE7D53E4AF95C00E895A1A7A090CFC gpg: Imposible comprobar la firma: No hay clave pública apache/release/1.12.1 ❯ sha512sum -c "apache-fineract-$version-binary.tar.gz.sha512" sha512sum: apache-fineract-1.12.1-binary.tar.gz.sha512: no se encontraron líneas de suma de comprobación SHA512 con formato correcto apache/release/1.12.1 ❯ gpg --verify "apache-fineract-$version-binary.tar.gz.asc" gpg: asumiendo que los datos firmados están en 'apache-fineract-1.12.1-binary.tar.gz' gpg: Firmado el lun 21 jul 2025 13:37:12 CST gpg: usando EDDSA clave 250775BDB5FE7D53E4AF95C00E895A1A7A090CFC gpg: Imposible comprobar la firma: No hay clave pública **************SIGNATURE ERRORS******************* El jue, 24 jul 2025 a las 10:03, Adam Monsen (<meonk...@apache.org>) escribió: > Thanks everyone for your help so far. We're making progress but we're > not done yet. Please review > https://www.apache.org/legal/release-policy.html#release-approval and > https://www.apache.org/legal/release-policy.html#approving-a-release , > we need at least 3 binding votes, and that includes checking sigs & > checksums, download/build/test per instructions in my VOTE email. > > If you want live help just ping me in chat (the public channel please, > not 1:1). > >
