Yes, some of our code signing keys need a keysigning party.
On Mon, Jun 2, 2014 at 12:15 PM, Stack <[email protected]> wrote: > +1 > > Trying to follow new release policy sketch [1]: > > Downloaded src bundle. Hash is good. Checking signature I got this: > > unknown-10-87-5-x:hbase-0.98.3-hadoop2 stack$ gpg --verify > hbase-0.98.3-src.tar.gz.asc hbase-0.98.3-src.tar.gz > gpg: Signature made Sat May 31 23:05:47 2014 PDT using RSA key ID D5365CCD > gpg: Good signature from "Andrew Purtell (CODE SIGNING KEY) < > [email protected]>" > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > Primary key fingerprint: 50F1 E8BB 7C67 AB14 BDFC 0A21 8597 754D D536 5CCD > > Lets fix offline Andy. > > Ran RAT tool. Came back clean. > > Built the hadoop2 src bundle. > > Started it, loaded up some data. Verified it made it there. No mess in > logs... > > Started the -bin-hadoop2 over a dataset written by tip of master on small > cluster. It came up fine. Ran bunch of random read tests against it. > Works. > > St.Ack > 1. https://github.com/rectang/asfrelease/blob/master/release.md > > > On Sun, Jun 1, 2014 at 12:13 PM, Andrew Purtell <[email protected]> > wrote: > > > The 3rd HBase 0.98.3 release candidate (RC2) is available for download at > > http://people.apache.org/~apurtell/0.98.3RC2/ and Maven artifacts are > > also available in the temporary repository > > https://repository.apache.org/content/repositories/orgapachehbase-1024/ > > > > Signed with my code signing key D5365CCD. > > > > The issues resolved in this release can be found here: > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12310753&version=12326765 > > > > > > Please try out the candidate and vote +1/-1 by midnight Pacific Time > (00:00 > > -0800 GMT) on June 7 on whether or not we should release this as 0.98.3. > > Three +1 votes from PMC will be required to release. > > > > -- > > Best regards, > > > > - Andy > > > > Problems worthy of attack prove their worth by hitting back. - Piet Hein > > (via Tom White) > > > -- Best regards, - Andy Problems worthy of attack prove their worth by hitting back. - Piet Hein (via Tom White)
