Thanks, all for the effort to verify and give feedback. Not to distract the release thread, but I opened a pull request for the glitches. Notably the git plugin that failed is unnecessary. I'll finish the release when the 72hrs expires if we keep at this rate of all +1s https://github.com/apache/incubator-zipkin-brave-karaf/pull/29
On Wed, Feb 13, 2019 at 5:32 AM Jorge Quilcate <[email protected]> wrote: > > +1 > > > I checked: > > - Naming convention and hashing (Steps 1,2,3) > > - To validate signature (Step 4) I had to trust gpg keys first[1] to > avoid this warning exception: > > ``` > > |gpg: WARNING: This key is not certified with a trusted signature! gpg: > There is no indication that the signature belongs to the owner.| > > ``` > > - Verified source content (Step 5), but last steps cause licensing > plugin warnings as it seems to rely on Git to get the year and this > steps are under the Subversion checkout. > > ``` > > Could not compute the year of the last git commit for file > /home/jeqo/src/dist.apache.org/repos/dist/dev/incubator > > ``` > > Might be worth it to mention that Maven commands should be executed > under a git repository and not svn. > > - Verified git tag (Step 6). > > - Verified content built from git tag is identical to released (Step 7) > > > Also fixed a typo on documentation related to step numbers. > > > Jorge. > > 1: https://www.gnupg.org/gph/en/manual.html#AEN84 > > On 2/11/19 9:08 PM, Zoltán Nagy wrote: > > +1 binding > > > > Checked: > > > > - sha512 is correct > > - GPG signature is correct, signature was generated with Adrian's key > > (which is in the relevant KEYS file) > > - git tag matches commit hash > > - Base dir in source package named as expected > > - Source package matches git repo except for DEPENDENCIES, NOTICE, .git / > > .gitignore > > - LICENSE is Apache 2.0, DISCLAIMER mentions incubation, NOTICE mentions ASF > > - No project binaries in source package > > - `./mvnw package` passes > > > > On Mon, Feb 11, 2019 at 6:24 PM Brian Devins-Suresh <[email protected]> > > wrote: > > > >> +1 binding > >> > >> I checked: > >> - sha512 of zip > >> - Source package compiles and tests (mvn test && mvn package) > >> - git tag matches commit hash (git show v0.1.2) > >> - Source package contents match git tree (exceptions: .gitignore, NOTICE, > >> DEPENDENCIES) > >> - LICENSE is Apache 2.0 > >> - DISCLAIMER mentions incubation > >> - Sources package does not include project binaries (maven-wrapper.jar is > >> included) > >> - gpg signature matches Adrian's key > >> > >> On Mon, Feb 11, 2019 at 2:48 AM Tommy Ludwig <[email protected]> > >> wrote: > >> > >>> +1 binding > >>> > >>> I checked the following: > >>> > >>> - shasum of zip > >>> - gpg signature > >>> - git tag matches mentioned commit id > >>> - Base directory with the convention PROJECT_NAME-VERSION > >>> - DISCLAIMER mentions it is an incubating project > >>> - LICENSE is the Apache License v2.0 > >>> - NOTICE mentions The Apache Software Foundation > >>> - There are source files (ex .java), build files (ex pom.xml), but no > >>> binaries (ex .jar) > >>> - Can compile from source (ex ./mvnw compile) > >>> - Can run unit tests (ex ./mvnw test) > >>> > >>> > >>> On Mon, Feb 11, 2019 at 3:58 PM Adrian Cole <[email protected]> > >>> wrote: > >>> > >>>> Hello Zipkin Community, > >>>> > >>>> This is a call for vote to release Apache Zipkin Brave Karaf > >>>> (incubating) version 0.1.2. > >>>> > >>>> The release candidates: > >>>> > >> https://dist.apache.org/repos/dist/dev/incubator/zipkin/brave-karaf/0.1.2/ > >>>> Git tag for the release: > >>>> https://github.com/apache/incubator-zipkin-brave-karaf/tree/v0.1.2 > >>>> > >>>> Hash for the release tag: > >>>> 31545805a55dbe5e495403d84172fc865a4935e0 > >>>> > >>>> Release Notes: > >>>> > >> https://github.com/apache/incubator-zipkin-brave-karaf/releases/tag/v0.1.2 > >>>> The artifacts have been signed with Key : BB67A050, which can be found > >>>> in the keys file: > >>>> https://dist.apache.org/repos/dist/dev/incubator/zipkin/KEYS > >>>> > >>>> Verification Hints: > >>>> For your convenience, the below includes detailed how-to on verifying > >>>> a source release. Please note that this document is a work-in-progress > >>>> > >>>> > >> https://cwiki.apache.org/confluence/display/ZIPKIN/Verifying+a+Source+Release > >>>> The vote will be open for at least 72 hours or until necessary number > >>>> of votes are reached. > >>>> > >>>> Please vote accordingly: > >>>> > >>>> [ ] +1 approve > >>>> [ ] +0 no opinion > >>>> [ ] -1 disapprove with the reason > >>>> > >>>> Thanks, > >>>> The Apache Zipkin (Incubating) Team > >>>> > >>>> --------------------------------------------------------------------- > >>>> To unsubscribe, e-mail: [email protected] > >>>> For additional commands, e-mail: [email protected] > >>>> > >>>> --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
