Thanks, let me review and add some note Thanks Seb
Sebastian Wagner Director Arrakeen Solutions, OM-Hosting.com http://arrakeen-solutions.co.nz/ https://om-hosting.com - Cloud & Server Hosting for HTML5 Video-Conferencing OpenMeetings <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> On Wed, 27 Oct 2021 at 20:29, Maxim Solodovnik <[email protected]> wrote: > > > On Wed, 27 Oct 2021 at 13:26, [email protected] <[email protected]> > wrote: > >> Sry I didn't notice you fixed any files. I did read your email that said >> ACK on the vote and thought that is it. >> >>> So it seems you did manual upload of _previous_ artifacts hashes >>> >> Yeah I did not pull them from the SVN. So subsequence copying the files >> to the release dir was not incorporating any updates to checksum files. >> >> If the SHA files need manual fixing for the formatting and you can't use >> the ones generated by the Maven tool, then it would be good if we update >> the steps in in the step1 section: >> https://openmeetings.apache.org/ReleaseGuide.html#step1---prepare-files >> >> Cause it's not obvious to me. The files are not wrong, they are just not >> formatted for easy consumption for the "shasum --check" tool. Which is not >> very handy I agree. >> >> So maybe let's add some simple script to re-generate the checksums? >> > > Actually, > - every PMC member should check hashes during the VOTE > - checking/creating signatures/hashes is documented here: > https://openmeetings.apache.org/ReleaseGuide.html#step3---sign-web-start-application > > :) > > checking/creating signatures/hashes is oneliner, so not sure it needs THE > script :) > > feel free to improve documentation :) > > >> Thanks >> Seb >> >> Sebastian Wagner >> Director Arrakeen Solutions, OM-Hosting.com >> http://arrakeen-solutions.co.nz/ >> https://om-hosting.com - Cloud & Server Hosting for HTML5 >> Video-Conferencing OpenMeetings >> >> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >> >> >> On Wed, 27 Oct 2021 at 17:39, Maxim Solodovnik <[email protected]> >> wrote: >> >>> these Maven generated hashes are correct >>> But to to check them user need to manually compare long meaningless >>> character sequence :((( >>> >>> I did update the hashes in the SVN for rc3, so they had correct format >>> Then I've notices >>> - there are 2 folders for 6.2.0 (in /dev/ and /release/ area) >>> - the hashes in /release/ area are wrong again >>> >>> So it seems you did manual upload of _previous_ artifacts hashes >>> >>> I'm usually do something like this: >>> >>> ``` >>> svn mv ../../dev/openmeetings/6.1.0/rc1 6.1.0 >>> svn rm ../../dev/openmeetings/6.1.0 >>> svn ci -m "Apache OpenMeetings 6.1.0 is released" ../../dev/openmeetings >>> . >>> ``` >>> >>> this way artifacts are not being reuploaded, but just change their >>> location in SVN >>> this should both save space in SVN and perform the release of the _same_ >>> artifacts being VOTED :))) >>> >>> just an advice for the future :)) >>> >>> >>> On Wed, 27 Oct 2021 at 11:32, [email protected] < >>> [email protected]> wrote: >>> >>>> I did generate those the same like before. They are generated via the >>>> Maven command. Not manually >>>> >>>> It seems the checksums match >>>> % shasum -a 512 6.2.0/bin/apache-openmeetings-6.2.0.tar.gz >>>> 37a42ce7b4ee954013c09820e6501f8996d357327cebeff1e8b125ba3dc74f86f961d2175c81ec7951ce30b255ec833f3118465b838aa543dac3b7a9f85452ca >>>> 6.2.0/bin/apache-openmeetings-6.2.0.tar.gz >>>> % cat 6.2.0/bin/apache-openmeetings-6.2.0.tar.gz.sha512 >>>> >>>> 37a42ce7b4ee954013c09820e6501f8996d357327cebeff1e8b125ba3dc74f86f961d2175c81ec7951ce30b255ec833f3118465b838aa543dac3b7a9f85452ca% >>>> >>>> same like: >>>> https://dist.apache.org/repos/dist/release/openmeetings/6.2.0/bin/apache-openmeetings-6.2.0.tar.gz.sha512 >>>> >>>> I don't see any discrepancy. Not sure what the formatting error in >>>> sha513 means. >>>> >>>> Thanks >>>> Seb >>>> >>>> Sebastian Wagner >>>> Director Arrakeen Solutions, OM-Hosting.com >>>> http://arrakeen-solutions.co.nz/ >>>> https://om-hosting.com - Cloud & Server Hosting for HTML5 >>>> Video-Conferencing OpenMeetings >>>> >>>> <https://www.youracclaim.com/badges/da4e8828-743d-4968-af6f-49033f10d60a/public_url> >>>> <https://www.youracclaim.com/badges/b7e709c6-aa87-4b02-9faf-099038475e36/public_url> >>>> >>>> >>>> On Wed, 27 Oct 2021 at 15:59, Maxim Solodovnik <[email protected]> >>>> wrote: >>>> >>>>> What I mean by "sha512 hashes are no more automatically testable" is: >>>>> >>>>> sha512sum --check >>>>> release/openmeetings/6.2.0/bin/apache-openmeetings-6.2.0.tar.gz.sha512 >>>>> sha512sum: >>>>> release/openmeetings/6.2.0/bin/apache-openmeetings-6.2.0.tar.gz.sha512: no >>>>> properly formatted SHA512 checksum lines found >>>>> >>>>> >>>>> On Wed, 27 Oct 2021 at 09:43, Maxim Solodovnik <[email protected]> >>>>> wrote: >>>>> >>>>>> (subject is fixed, mobile autocorrection) >>>>>> >>>>>> On Wed, 27 Oct 2021 at 09:37, Maxim Solodovnik <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hello Seb, >>>>>>> >>>>>>> Yesterday i've noticed >>>>>>> Both 'dev' and 'release' area has 6.2.0 >>>>>>> >>>>>>> And sha512 hashes are no more automatically testable (I've fixed >>>>>>> this for rc3) >>>>>>> >>>>>>> What were your steps? >>>>>>> >>>>>>> >>>>>>> from mobile (sorry for typos ;) >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Best regards, >>>>>> Maxim >>>>>> >>>>> >>>>> >>>>> -- >>>>> Best regards, >>>>> Maxim >>>>> >>>> >>> >>> -- >>> Best regards, >>> Maxim >>> >> > > -- > Best regards, > Maxim >
