Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

It was reported in the general incubator list that the sha files should be named sha1 or sha512 … a quick check of the man page of the sha-tool names 512 as algorithm version. So, I renamed the files to the sha512 dale suggested earlier. Chris Am 09.12.17, 22:43 schrieb "Christofer Dutz"

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Thanks for the clarifications. Is there any way to disable the changelog stuff - or some way to run the tests with code coverage and get aggregated html reports when building from a source release bundle? Re Nexus, restating just to be sure I understand: the release process’s “mvn deploy”

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

I was able to successfully perform almost all of the validation on the source bundle that I wanted to: - basically followed the non-RM, non-binary items in [6] downloaded, checked signatures/sums, checked identical tar.gz / zip contents verified LICENSE, NOTICE, DISCLAIMER, RELEASE_NOTES,

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Interesting re the sha. The updates regarding sha naming are pretty recent - last 6months or so. So, they’re just wrong / not compatible with the real world and/or nexus generated info? Actually, I suspect it’s OK to just ignore nexus with respect to this - i.e., it has it’s own naming scheme

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Ok … so I removed all the distribution and the „tests“-modules from the staging repo. Chris Am 07.12.17, 10:00 schrieb "Christofer Dutz" : Hi Dale, I added the zip and then noticed that the tag.gz did have some “next” and “current” pom copies inside.

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Hi Dale, I added the zip and then noticed that the tag.gz did have some “next” and “current” pom copies inside. So, I had a look at my original and they didn’t have them, so I updated the tar.gz and its hashes. Also, I did rename the sha512 back to sha as SHA is the algorithm … you usually

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Agreed on all points regarding the zip. Since you offered, I updated the scripts to require it and the sha512 noted below :-) The verification includes verifying the tar.gz and zip contents are the same. On another topic, [1] says the suffix MUST be sha512 for a SHA 512 sum (which in fact is

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Hi, > Regarding the pgp issue i guess you have to Import my Key somehow. But i'm No > expert on that. My key should be valid judging from the number of Apaches > that signed it. Eventually there is no path of trust and you need to import > it manually. The warning is fine - it just means that

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Subject: Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1 I’ll pull of that trust thread, thx. Another question re RC1: -Papache-release also generates a zip. I had expected we’d be releasing that too but it isn’t staged. At this time I’m fine if we just continue 1.2.0 with onl

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

uld be valid judging from the number of Apaches >> that signed it. Eventually there is no path of trust and you need to import >> it manually. >> >> Chris >> >> Outlook for Android<https://aka.ms/ghei36> herunterladen >> >> ___

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

017 5:31:03 PM To: dev@edgent.apache.org Subject: Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1 I hear your pain :-) FWIW, I did import your key using the (possibly incomplete?) directions reported by the script. That’s why I was wondering if you saw the same thing for 1.2.0 and 1.1.

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

tlook for Android<https://aka.ms/ghei36> herunterladen > > > From: Dale LaBossiere <dml.apa...@gmail.com> > Sent: Wednesday, December 6, 2017 5:08:27 PM > To: dev@edgent.apache.org > Subject: Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1 > &g

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

7 5:08:27 PM To: dev@edgent.apache.org Subject: Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1 Thx re the nexus content. I’m getting a gpg warning validating the 1.2.0RC1 bundle signature that I don’t get when downloading/validating 1.1.0. Might your KEY changes have an issue o

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Thx re the nexus content. I’m getting a gpg warning validating the 1.2.0RC1 bundle signature that I don’t get when downloading/validating 1.1.0. Might your KEY changes have an issue or you didn’t “published” your key or such? Or maybe it’s just that with 1.1.0 I’m just validating something that I

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Hi Dale, I guess I updated the KEY manually and it seems to be ok the way it is now. Regarding stuff in Nexus, we should remove before hitting the “release” button: - Intermediate poms are important as they are defined as “parent” of other artifacts. Maven downloads them in order to know the

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Re the KEYS, please update the file in the incubator-edgent source repo. FWI, the 1.0.0 and 1.1.0 staging areas are empty because the "publishing the release” process is supposed to *move* the exact staged/voted artifacts to the release area. I see the our buildTools/publish_release.sh script

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

Hi Dale, So, I updated the scripts, deployed the RC in the correct area (I wonder why the other 1.0.0 and 1.1.0 areas are empty. Unfortunately, I had to test myself to the right solution by running the scripts and fine tuning my deployment and the scripts. But now I think we have a working

Re: [DISCUSS] validating Apache Edgent (Incubating) 1.2.0 RC1

HI Dale, as I mentioned in the other DISCUSS thread I already noticed this shortcoming. I think the following path should be ok for us to follow: 1. I manually add my pgp key to the list in KEYS in SVN 2. I manually add the files created by the assembly plugin to SVN 3. We continue the voting