Thank you Colm. Good finding. I have filed https://issues.apache.org/jira/browse/RANGER-2028 to address this.
My suggestion is to proceed with 1.0.0 release since digests are already there as you pointed out. Thanks, Vel From: Colm O hEigeartaigh <[email protected]> Reply-To: "[email protected]" <[email protected]>, "[email protected]" <[email protected]> Date: Friday, March 16, 2018 at 11:35 AM To: "[email protected]" <[email protected]> Subject: Re: [VOTE] Apache Ranger Release 1.0.0-rc1 We are not conforming to the Apache release guidelines surrounding hashes: http://www.apache.org/dev/release-distribution#sigs-and-sums The names of signature and checksum files MUST be formed by adding to the name of the artifact the following suffixes: - .asc for a (ASCII armored) PGP signature - .sha1 for a SHA-1 checksum - .sha256 for a SHA-256 checksum - .sha512 for a SHA-512 checksum - .md5 for a MD5 checksum Is there time to fix it and call another vote? I don't really feel like -1'ing it as the digests are already there, but we are violating the "MUST" in the release policy. Colm. On Thu, Mar 15, 2018 at 2:40 PM, Ramesh Mani <[email protected]> wrote: > +1 for Apache Ranger 1.0.0 rc1 release > > - verified the build > - verified some source files > - verified MD5/SHA and PGP signature. > > > Thanks, > Ramesh > > On 3/14/18, 6:27 PM, "Sailaja Polavarapu" <[email protected]> > wrote: > >> >Rangers: >> >Thank you for your contribution to Apache Ranger community. Apache Ranger >> >1.0.0 release candidate #1 is now available for a vote within dev >> >community. Links to release artifacts are given below. I kindly request >> >all of the Rangers (dev & PMC members) to review and vote on this release. >> > >> >Git tag for the release: >> > >> >https://github.com/apache/ranger/tree/release-1.0.0-rc1 (last commit id: >> >c79aad4362b6f806da47462ec84e35108ba8eb1f) >> > >> > >> >Sources for the release: >> >https://dist.apache.org/repos/dist/dev/ranger/1.0.0-rc1/apache-ranger-1.0 > . >> >0.tar.gz >> > >> > >> >Source release verification: >> > >> >PGP Signature: >> > >> >https://dist.apache.org/repos/dist/dev/ranger/1.0.0-rc1/apache-ranger-1.0 > . >> >0.tar.gz.asc >> > >> > >> >MD5/SHA Hash: >> > >> >https://dist.apache.org/repos/dist/dev/ranger/1.0.0-rc1/apache-ranger-1.0 > . >> >0.tar.gz.mds >> > >> > >> >Keys to verify the signature of the release artifact are available at: >> > >> >https://dist.apache.org/repos/dist/release/ranger/KEYS >> > >> > >> >Release Notes: >> > >> > >> >https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=75975356 >> > >> > >> >Build verification steps can be found at: >> > >> > http://ranger.apache.org/quick_start_guide.html >> > >> > >> >The vote will be open for at least 72 hours or until necessary number of >> >votes are reached. >> >[ ] +1 approve >> >[ ] +0 no opinion >> >[ ] -1 disapprove (and reason why) >> > >> >Here is my +1 >> > >> >Thanks, >> >Sailaja. >> > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
