Okay for this related to SHA512 files, which remains a mystery. Anyway I installed a cluster with Storm 2.5.0 RC2, and good news, I see a first improvement vs. Storm 2.5.0 RC1 : storm command no more complains because 'python' is not in PATH (I see now it seeks for python3, which is installed on my RedHat 8 VMs).
However, here's another mystery : with Storm 2.5.0 RC1, the "storm" command was not finding 'python' command, but it was just printing some garbage because python version check was failing without exiting storm shell. But then, no issue at running Storm 2.5.0 RC1 with 10+ topologies. So my question is: why "storm" shell command check for python version at all? Storm various processes don't seem to use python, so isn't it a "useless legacy check" that could be removed (not blocking 2.5.0 anyway, of course, but worth noting?) In the meantime, I'm continuing 2.5.0 RC2 with test at higher scale... stay tuned. Thanks, Alex Le mar. 25 juil. 2023 à 20:21, Bipin Prasad <bipinpra...@apache.org> a écrit : > > Thanks for pointing this out. I have reverted to using individual sha512 > files - generated via sha512sum command. These have been pushed to svn link. > > On 2023/07/25 18:03:06 Alexandre Vermeerbergen wrote: > > Thanks... but that's not quite usable unless one download *all artefacts*, > > see: > > > > wget > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0.tar.gz > > wget > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/sha512sums.sha512 > > /usr/bin/sha512sum -c sha512sums.sha512 > > > > /usr/bin/sha512sum: RELEASE_NOTES.html: No such file or directory > > RELEASE_NOTES.html: FAILED open or read > > /usr/bin/sha512sum: RELEASE_NOTES.html.asc: No such file or directory > > RELEASE_NOTES.html.asc: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0-src.tar.gz: No such file or directory > > apache-storm-2.5.0-src.tar.gz: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0-src.tar.gz.asc: No such file or > > directory > > apache-storm-2.5.0-src.tar.gz.asc: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0-src.zip: No such file or directory > > apache-storm-2.5.0-src.zip: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0-src.zip.asc: No such file or > > directory > > apache-storm-2.5.0-src.zip.asc: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0.pom: No such file or directory > > apache-storm-2.5.0.pom: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0.pom.asc: No such file or directory > > apache-storm-2.5.0.pom.asc: FAILED open or read > > apache-storm-2.5.0.tar.gz: OK > > /usr/bin/sha512sum: apache-storm-2.5.0.tar.gz.asc: No such file or directory > > apache-storm-2.5.0.tar.gz.asc: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0.zip: No such file or directory > > apache-storm-2.5.0.zip: FAILED open or read > > /usr/bin/sha512sum: apache-storm-2.5.0.zip.asc: No such file or directory > > apache-storm-2.5.0.zip.asc: FAILED open or read > > /usr/bin/sha512sum: WARNING: 11 listed files could not be read > > > > I tried to "corrupt" apache-storm-2.5.0.tar.gz and run the same > > command, the corrupted file is detected, but that key information is a > > bit burried into the many lines of 'sha512sum -c sha512sums.sha512' > > output... > > > > Couldn't we have one .sha512 per file but with some sed or awk command > > that post-processes gpg's output to turn the hexadecimal into a > > one-liner compatible with sha512sum ? > > > > On a side note, the use of sha512sum is advertised on Apache > > Fundation's site to verify sha512's signatures: > > https://www.apache.org/info/verification.html > > > > Even more puzzling is the fact that Apache Kafka's recent signature > > are also multi-line, see at: https://kafka.apache.org/downloads and I > > test: > > > > wget https://downloads.apache.org/kafka/3.5.1/kafka-3.5.1-src.tgz > > wget https://downloads.apache.org/kafka/3.5.1/kafka-3.5.1-src.tgz.sha512 > > sha512sum -c kafka-3.5.1-src.tgz.sha512 > > sha512sum: kafka-3.5.1-src.tgz.sha512: no properly formatted SHA512 > > checksum lines found > > > > => So your .sha512 files initially published aren't worse than Apache > > Kafka's... but now I'm wondering why somebody seems to care?? > > > > Anyway, in parallel I'm running tests with this 2.5.0 RC2, I'll will > > provide feedbacks on that one too ASAP > > > > Thanks, > > Alex > > > > Le mar. 25 juil. 2023 à 19:40, Bipin Prasad <bipinpra...@apache.org> a > > écrit : > > > > > > I have removed the .sha512 files generated via gpg and created one single > > > sha512 file with all the checksums. Please check again. Thanks > > > > > > On 2023/07/25 17:27:14 Bipin Prasad wrote: > > > > Looks like gpg does not generate checksum in the format expected by > > > > sha512sum. > > > > sha512sum expects one line of the format: > > > > <not-space-separated-checksum> space <filemame> > > > > > > > > gpg generates: > > > > <filemame> : <multiline-space-separated-checksum-words> > > > > > > > > So when I take the checksum file: > > > > apache-storm-2.5.0-src.zip: 8ABE6595 4C51B310 BA226021 29253788 0201BF9D > > > > 92DC24D7 A00FEBAE 809D0F91 EC772FAC C433F16B > > > > B56F958E 2D2EDF21 0814A02B 58819949 E26B574B > > > > A75BF1B9 > > > > and change it to: > > > > 8ABE65954C51B310BA226021292537880201BF9D92DC24D7A00FEBAE809D0F91EC772FACC433F16BB56F958E2D2EDF210814A02B58819949E26B574BA75BF1B9 > > > > apache-storm-2.5.0-src.zip > > > > > > > > and run sha512sum it works. > > > > > > > > On 2023/07/25 17:13:15 Bipin Prasad wrote: > > > > > The sha512 files were generated by "gpg --print-md SHA512" command. > > > > > Will check why sha512sum does not think it is valid file. > > > > > > > > > > On 2023/07/25 16:50:50 Alexandre Vermeerbergen wrote: > > > > > > Hello, > > > > > > > > > > > > Great ! > > > > > > But I'm facing again an issue with SHA512 validation of the source > > > > > > archive: > > > > > > > > > > > > wget > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0-src.tar.gz > > > > > > wget > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0-src.tar.gz.sha512 > > > > > > sha512sum -c apache-storm-2.5.0-src.tar.gz.sha512 > > > > > > sha512sum: apache-storm-2.5.0-src.tar.gz.sha512: no properly > > > > > > formatted > > > > > > SHA512 checksum lines found > > > > > > > > > > > > same issue with this binary artifact: > > > > > > > > > > > > wget > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0.tar.gz > > > > > > wget > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0.tar.gz.sha512 > > > > > > sha512sum -c apache-storm-2.5.0.tar.gz.sha512 > > > > > > sha512sum: apache-storm-2.5.0.tar.gz.sha512: no properly formatted > > > > > > SHA512 checksum lines found > > > > > > > > > > > > So I guess that's not good for a final 2.5.0 release isn't it ? > > > > > > > > > > > > Thanks, > > > > > > Alex > > > > > > > > > > > > Le mar. 25 juil. 2023 à 17:29, Bipin Prasad > > > > > > <bipinpra...@apache.org> a écrit : > > > > > > > > > > > > > > Storm Release candidate version 2.5.0 rc2 is here: > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2 > > > > > > > Please vote on this release. > > > > > > > > > > > > > > 1. How to vote is described here: > > > > > > > > > > > > > > https://github.com/apache/storm/blob/master/RELEASING.md#how-to-vote-on-a-release-candidate > > > > > > > 2. Release notes are here: > > > > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/RELEASE_NOTES.html > > > > > > > . > > > > > > > 3. The tag/commit to be voted upon is v2.5.0: > > > > > > > 4. The source archive being votes upon is here: > > > > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc2/apache-storm-2.5.0-src.tar.gz > > > > > > > 5. The release artifacts are signed with the following key: > > > > > > > > > > > > > > https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x134716af768d9b6e > > > > > > > in > > > > > > > this file https://www.apache.org/dist/storm/KEYS > > > > > > > > > > > > > > > > > > > > > When voting, please list the actions taken to verify the release. > > > > > > > This vote will be open for at least 72 hours. > > > > > > > > > > > > > > [ ] +1 Release this package as Apache Storm 2.5.0 > > > > > > > [ ] 0 No opinion > > > > > > > [ ] -1 Do not release this package because... > > > > > > > > > > > > > > Thanks to everyone who contributed to this release. > > > > > > > > > > > > > > --Bipin Prasad > > > > > > > > > > > > > > On Mon, Jun 26, 2023 at 4:15 PM Bipin Prasad > > > > > > > <bipinpra...@apache.org> wrote: > > > > > > > > > > > > > > > Storm Release candidate version 2.5.0 rc1 is here: > > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc1 > > > > > > > > Please vote on this release. > > > > > > > > > > > > > > > > 1. How to vote is described here: > > > > > > > > > > > > > > > > https://github.com/apache/storm/blob/master/RELEASING.md#how-to-vote-on-a-release-candidate > > > > > > > > 2. Release notes are here: > > > > > > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc1/RELEASE_NOTES.html > > > > > > > > . > > > > > > > > 3. The tag/commit to be voted upon is v2.5.0: > > > > > > > > 4. The source archive being votes upon is here: > > > > > > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/storm/apache-storm-2.5.0-rc1/apache-storm-2.5.0-src.tar.gz > > > > > > > > 5. The release artifacts are signed with the following key: > > > > > > > > > > > > > > > > https://keyserver.ubuntu.com/pks/lookup?op=get&search=0x134716af768d9b6e > > > > > > > > in this file https://www.apache.org/dist/storm/KEYS > > > > > > > > > > > > > > > > > > > > > > > > When voting, please list the actions taken to verify the > > > > > > > > release. > > > > > > > > This vote will be open for at least 72 hours. > > > > > > > > > > > > > > > > [ ] +1 Release this package as Apache Storm 2.5.0 > > > > > > > > [ ] 0 No opinion > > > > > > > > [ ] -1 Do not release this package because... > > > > > > > > > > > > > > > > Thanks to everyone who contributed to this release. > > > > > > > > > > > > > > > > --Bipin Prasad > > > > > > > > > > > > > > > > > > > > > > > > >
