Bharath, is your key set up correctly? Running the script on https://cwiki.apache.org/confluence/display/IMPALA/How+to+Release#HowtoRelease-HowtoVoteonaReleaseCandidate resulted in this warning indicating that your signature is not trusted:
gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Maybe someone who has RM'd before can comment on this. ... gpg: key 6850196C: public key "Jim Apple (CODE SIGNING KEY) <[email protected]>" imported gpg: key 9522D0F3: public key "Taras Bobrovytsky (CODE SIGNING KEY) <[email protected]>" imported gpg: key 64DAB27C: public key "Bharath Vissapragada <[email protected]>" imported gpg: Total number processed: 3 gpg: imported: 3 (RSA: 3) gpg: no ultimately trusted keys found + echo 'If in an interactive shell, At the prompt, enter '\''5'\'' for '\''I trust ultimately'\'', then '\''y'\'' for '\''yes'\'', then '\''q'\'' for '\''quit'\''' If in an interactive shell, At the prompt, enter '5' for 'I trust ultimately', then 'y' for 'yes', then 'q' for 'quit' + [[ ehuxB == *i* ]] + echo 'Download the release artifacts:' Download the release artifacts: + for SUFFIX in gz gz.asc gz.md5 gz.sha512 + wget -q https://dist.apache.org/repos/dist/dev/incubator/impala/2.10.0/RC1/apache-impala-incubating-2.10.0.tar.gz + for SUFFIX in gz gz.asc gz.md5 gz.sha512 + wget -q https://dist.apache.org/repos/dist/dev/incubator/impala/2.10.0/RC1/apache-impala-incubating-2.10.0.tar.gz.asc + for SUFFIX in gz gz.asc gz.md5 gz.sha512 + wget -q https://dist.apache.org/repos/dist/dev/incubator/impala/2.10.0/RC1/apache-impala-incubating-2.10.0.tar.gz.md5 + for SUFFIX in gz gz.asc gz.md5 gz.sha512 + wget -q https://dist.apache.org/repos/dist/dev/incubator/impala/2.10.0/RC1/apache-impala-incubating-2.10.0.tar.gz.sha512 + echo 'Check the checksums:' Check the checksums: + md5sum --check apache-impala-incubating-2.10.0.tar.gz.md5 apache-impala-incubating-2.10.0.tar.gz: OK + sha512sum --check apache-impala-incubating-2.10.0.tar.gz.sha512 apache-impala-incubating-2.10.0.tar.gz: OK + echo 'Check the signature:' Check the signature: + gpg --verify apache-impala-incubating-2.10.0.tar.gz.asc apache-impala-incubating-2.10.0.tar.gz gpg: Signature made Sun 27 Aug 2017 06:48:18 PM PDT using RSA key ID 64DAB27C gpg: Good signature from "Bharath Vissapragada <[email protected]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. On Sun, Aug 27, 2017 at 10:32 PM, Bharath Vissapragada <[email protected]> wrote: > This is a vote to release Impala 2.10.0. > > - The artefacts for testing can be downloaded from < > https://dist.apache.org/repos/dist/dev/incubator/impala/2.10.0/RC1/>. > > - The git tag for this release candidate is 2.10.0-rc1 and tree hash is > visible at > < > https://git-wip-us.apache.org/repos/asf?p=incubator-impala.git;a=tree;hb=2a7c8b9011905bfeb21b0610f0739f9df9daacef >> > > Please vote +1 or -1. -1 votes should be accompanied by an explanation of > the reason. Only PPMC members and mentors have binding votes, but other > community members are encouraged to cast non-binding votes. This vote will > pass if there are 3 binding +1 votes and more binding +1 votes than -1 > votes. > > This wiki page describes how to check the release before you vote: > *https://cwiki.apache.org/confluence/display/IMPALA/How+to+Release#HowtoRelease-HowtoVoteonaReleaseCandidate > <https://cwiki.apache.org/confluence/display/IMPALA/How+to+Release#HowtoRelease-HowtoVoteonaReleaseCandidate>* > > The vote will be open until the end of Wednesday, August 30, Pacific time > zone (UTC-08:00). > Once the vote passes the Impala PPMC vote, it still must pass the incubator > PMC vote before a release is made.
