On Tue, Jan 3, 2017 at 12:56 AM, Josh Elser <[email protected]> wrote:
> Obligatory: sorry, I didn't make the time to look at it today. Thanks, > Drew, for covering my butt! I will do this first thing in the morning, but > I wanted to comment on two things before I forget. > > Edward Capriolo wrote: > >> * The git commit ID is good to see (not just the tag), but linking to >> your personal github acct is a little out-of-the-normal to me. >> >> Yes. I plan on pushing that commit to apache git as the tag once the vote >> is complete. Normally the maven release WOULD push the tag but we are >> voting on the tag so I did not want to push it until it is +1ed. >> > > In the shortest way possible: this isn't how this works :) > > You *must* push the commit which is being voted on. The thing being voted > upon must exist in the VCS. It is very normal to avoid pushing a tag that > would imply a release (e.g. gossip-0.1.1-incubating), and it is common to > see an "RC" tag pushed instead (e.g. gossip-0.1.1-incubating-rc1). Yes, > this often requires a little bit of scripting or manual tag/push logic on > your part. It's pretty common to see a little bash script that encapsulates > this logic. > > I have pushed the tag as >> https://github.com/apache/incubator-gossip/tree/gossip-0.1. >> 1-incubating-rc1when >> the vote is complete I will re-tag as >> https://github.com/apache/incubator-gossip/tree/gossip-0.1.1-incubating >> >> *The manifest at the start of the KEYS file doesn't list you key although >> the it present at the end of the file. >> >> My manifest is after Taylors key (towards the middle of the file) >> >> * For the checksums, I'm guessing you copied the wrong filename. >> I assume you meant those are the checksums for >> gossip-0.1.1-incubating-source-release.zip as a gpg signature doesn't >> require >> a checksum to ensure it was not tampered with >> >> The maven process signed every artifact here: >> https://repository.apache.org/content/repositories/orgapache >> gossip-1001/org/apache/gossip/gossip/0.1.1-incubating/ >> I have verified these locally. >> >> The correct URL to the keys file is here: >> https://dist.apache.org/repos/dist/release/incubator/gossip/KEYS >> > > Please re-read what I wrote :). I did not state that the checksums or > signatures were bad/wrong. The URL in your VOTE email to the file which the > checksums and signatures are for was incorrect/nonsensical. > > You *must* push the commit which is being voted on. The thing being voted upon must exist in the VCS. It is very normal to avoid pushing a tag that would imply a release (e.g. gossip-0.1.1-incubating), and it is common to see an "RC" tag pushed instead (e.g. gossip-0.1.1-incubating-rc1). Yes, this often requires a little bit of scripting or manual tag/push logic on your part. It's pretty common to see a little bash script that encapsulates this logic. The tag is pushed from last email. I have pushed the tag as https://github.com/apache/incubator-gossip/tree/gossip-0.1.1-incubating-rc1 the vote is complete I will re-tag as https://github.com/apache/incubator-gossip/tree/gossip-0.1.1-incubating The checksums are verified. [edward@jackintosh train]$ wget https://repository.apache.org/content/repositories/orgapachegossip-1001/org/apache/gossip/gossip/0.1.1-incubating/gossip-0.1.1- [edward@jackintosh train]$ cat gossip-0.1.1-incubating-source-release.zip.md5 804b942e73a2b82c9b7a2ac6062e9e0d [edward@jackintosh train]$ md5sum gossip-0.1.1-incubating-source-release.zip 804b942e73a2b82c9b7a2ac6062e9e0d gossip-0.1.1-incubating-source-release.zip Is there any show stopper open left outside of typos in the vote email that will be an issue?
