Yeah, I didn't have write permission to SVN https://dist.apache.org/repos/dist/ which I assumed was because I'm a committer and not on the PMC. I've enlisted a PMC member's help to put the release up there if this vote passes.
On Mon, May 15, 2017 at 3:13 PM, Joe Witt <[email protected]> wrote: > just need to update that dist key file is all. I think mike did > update the git entry. > > On Mon, May 15, 2017 at 3:12 PM, James Wing <[email protected]> wrote: >> Michael, >> >> What's the plan for the PGP key distribution, or how do we get your key >> into the KEYS file? >> >> Thanks, >> >> James >> >> On Sun, May 14, 2017 at 5:36 PM, Michael Moser <[email protected]> wrote: >> >>> Hello Apache NiFi community, >>> >>> Please find the associated guidance to help those interested in >>> validating/verifying the 0.7.3 release so they can vote. >>> >>> # Download latest KEYS file: >>> https://dist.apache.org/repos/dist/dev/nifi/KEYS >>> >>> # Download the key used to sign this release: >>> https://people.apache.org/keys/committer/mosermw.asc >>> >>> # Import keys file: >>> gpg --import KEYS >>> >>> # Import key used to sign this release: >>> gpg --import mosermw.asc >>> >>> # [optional] Clear out local maven artifact repository >>> >>> # Pull down nifi-0.7.3 source release artifacts for review: >>> wget https://repository.apache.org/content/repositories/ >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3- >>> source-release.zip >>> wget https://repository.apache.org/content/repositories/ >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3- >>> source-release.zip.asc >>> wget https://repository.apache.org/content/repositories/ >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3- >>> source-release.zip.md5 >>> wget https://repository.apache.org/content/repositories/ >>> orgapachenifi-1105/org/apache/nifi/nifi/0.7.3/nifi-0.7.3- >>> source-release.zip.sha1 >>> >>> # Verify the signature >>> gpg --verify nifi-0.7.3-source-release.zip.asc >>> >>> # Verify the hashes (md5, sha1, sha256) match the source and what was >>> provided in the vote email thread >>> # NOTE: the repository does not have the >>> nifi-0.7.3-source-release.zip.sha256 file, please find that hash in >>> the vote email thread >>> md5sum nifi-0.7.3-source-release.zip >>> sha1sum nifi-0.7.3-source-release.zip >>> sha256sum nifi-0.7.3-source-release.zip >>> >>> # Unzip nifi-0.7.3-source-release.zip >>> >>> # Verify the build works including release audit tool (RAT) checks >>> cd nifi-0.7.3 >>> mvn clean install -Pcontrib-check >>> >>> # Verify the contents contain a good README, NOTICE, and LICENSE. >>> >>> # Verify the git commit ID is correct >>> >>> # Verify the RC was branched off the correct git commit ID >>> >>> # Look at the resulting convenience binary as found in nifi-assembly/target >>> >>> # Make sure the README, NOTICE, and LICENSE are present and correct >>> >>> # Run the resulting convenience binary and make sure it works as expected >>> >>> # Send a response to the vote thread indicating a +1, 0, -1 based on >>> your findings. >>> >>> Thank you for your time and effort to validate the release! >>>
