csantanapr commented on issue #41: Can we anonymize the PGP key configuration? URL: https://github.com/apache/incubator-openwhisk-release/issues/41#issuecomment-367549932 I gave the following feedback: Do the testing of the release in Travis. (deploy openwhis, run some tests) Do the zip/tar, md5 and sign on Apache Jenkins. Apache Jenkins nodes are already configure with svn Here is an example of a Job https://builds.apache.org/view/Incubator%20Projects/job/incubator-netbeans-html4j-release I suggest to create a jenkins job, where release manager for the week can enter some form fields if necessary and start jenkins job, this will kick Travis to run testing, then when done, continue with tar/zip, sign, md5, and copy to svn. Or have release manager tag the repo, and this kicks Travis, and then Travis kicks jenkins to do zip/tar, sign, md5, and copy to svn The PGP key can be generated with apache id of one of the PPMC member ([email protected]) like Like netbean project ``` Signed with my [email protected] key approved for NetBeans project with command: $ gpg -u f4c8f51d -ab incubating-netbeans-html4j-1.5.1.zip $ cat incubating-netbeans-html4j-1.5.1.zip.asc ``` 
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
