Hi Kaijie,
> Just curious, why does the sha512 file use an uncommon format?
We used gpg to generate sha512. It can be verified by
GZ=apache-ratis-2.4.0-src.tar.gz; gpg --print-md SHA512 $GZ | diff -
$GZ.sha512
Since gpg is required for generating the signatures, we use it as well to
generate sha512 instead of having an additional dependency.
Tsz-Wo
On Tue, Oct 11, 2022 at 3:25 PM Tsz Wo Sze <[email protected]> wrote:
> +1
> - Verified all checksums and signatures.
> - Checked LICENSE and NOTICE.
> - Compared the files in the src tarball with the files in git.
> - Built from source successfully.
> - Passed all unit tests.
> - Successfully ran examples and ratis shell.
>
> 2022-10-11 15:08:13 INFO StateMachine:176 - LEADER:s0-1: a = 3 = 3
>
> 2022-10-11 15:08:29 INFO StateMachine:176 - LEADER:s0-3: b = 4 = 4
>
> 2022-10-11 15:09:20 INFO StateMachine:176 - LEADER:s0-5: c = (a + b) = 7
>
> Thanks a lot!
> Tsz-Wo
>
>
> On Tue, Oct 11, 2022 at 2:56 PM Kaijie Chen <[email protected]> wrote:
>
>> Thanks Yaolong for working on this.
>>
>> Just curious, why does the sha512 file use an uncommon format?
>> The content itself is correct, btw.
>>
>> $ shasum -c apache-ratis-2.4.0-src.tar.gz.sha512
>> shasum: apache-ratis-2.4.0-src.tar.gz.sha512: no properly formatted SHA
>> checksum lines found
>>
>> Example of the conventional format:
>>
>>
>> https://dist.apache.org/repos/dist/release/spark/spark-3.3.0/SparkR_3.3.0.tar.gz.sha512
>>
>> https://dist.apache.org/repos/dist/release/hadoop/common/hadoop-3.3.4/hadoop-3.3.4-site.tar.gz.sha512
>>
>> $ shasum -c hadoop-3.3.4-site.tar.gz.sha512
>> hadoop-3.3.4-site.tar.gz: OK
>> $ shasum -c SparkR_3.3.0.tar.gz.sha512
>> SparkR_3.3.0.tar.gz: OK
>>
>> Thanks,
>> Kaijie
>>
>> ---- On Tue, 11 Oct 2022 13:40:02 +0800 William Song wrote ---
>> > Thanks for working on this.
>> >
>> > +1 (non-binding)
>> >
>> > * Verified git hash
>> > * Built Ratis from source locally
>> > * Updated Ratis version in IoTDB and ran tests
>> >
>> > William
>> >
>> > > 2022年10月10日 21:23,Yaolong Liu [email protected]> 写道:
>> > >
>> > > Hi all,
>> > >
>> > >
>> > > I am calling a vote for Apache Ratis Release 2.4.0 rc5. Compared to
>> rc4, this
>> > > round of release fix bin tarball LICENCE related issue.
>> > >
>> > >
>> > >
>> > > The git tag to be voted upon:
>> > >
>> > >
>> > > https://github.com/apache/ratis/tree/ratis-2.4.0-rc5
>> > >
>> > >
>> > > The git commit hash:
>> > >
>> > >
>> > > 48cba75f6458900ff7365dcdcc76242442b7b004
>> > >
>> > >
>> > > The source and binary tarballs can be found at:
>> > >
>> > >
>> > > https://dist.apache.org/repos/dist/dev/ratis/2.4.0/rc5
>> > >
>> > >
>> > > Fingerprint of the PGP key release artifacts are signed with:
>> > >
>> > >
>> > > 444D 29C9 DEEF A0E7 3D90 4BA5 2973 DD33 3371 E759
>> > >
>> > >
>> > > My public key to verify signatures can be found in:
>> > >
>> > >
>> > > https://dist.apache.org/repos/dist/dev/ratis/KEYS
>> > >
>> > >
>> > > Maven artifacts are staged at:
>> > >
>> > >
>> > >
>> https://repository.apache.org/content/repositories/orgapacheratis-1129/
>> > >
>> > >
>> > > This vote will remain open for 7 days.
>> > >
>> > >
>> > > [ ] +1 approve
>> > >
>> > >
>> > > [ ] +0 no opinion
>> > >
>> > >
>> > > [ ] -1 disapprove (and reason why)
>> > >
>> > >
>> > > Starting with my +1 (binding):
>> > >
>> > >
>> > > * Verified checksum, signature, git hash
>> > >
>> > >
>> > > * Checked LICENSE and NOTICE
>> > >
>> > >
>> > > * Compared source tarball to repo at the given tag
>> > >
>> > >
>> > > * Built from source
>> > >
>> > >
>> > > * Ran regular Ratis CI [1]
>> > >
>> > >
>> > > Please vote on releasing this RC. Thank you in advance.
>> > >
>> > >
>> > > -Yaolong
>> > >
>> > >
>> > > [1]
>> https://github.com/codings-dan/incubator-ratis/actions/runs/3219400787
>> >
>> >
>>
>
