[jira] [Resolved] (JOSHUA-331) Address Apache Joshua 6.1 RC#3 Issues

2017-03-08 Thread Tommaso Teofili (JIRA) 

 [ 
https://issues.apache.org/jira/browse/JOSHUA-331?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Tommaso Teofili resolved JOSHUA-331.

Resolution: Fixed

> Address Apache Joshua 6.1 RC#3 Issues
> -
>
> Key: JOSHUA-331
> URL: https://issues.apache.org/jira/browse/JOSHUA-331
> Project: Joshua
>  Issue Type: Task
>  Components: release
>Reporter: Tommaso Teofili
>Assignee: Tommaso Teofili
> Fix For: 6.1
>
>
> Address the following issues:
> {quote}
> Every ASF release MUST contain one or more source packages, which MUST be
> sufficient for a user to build and test the release provided they have
> access to the appropriate platform and tools. - NO
> -Not building due to failing test (BerkleyLM failure).  I'm digging a
> bit more into this.
> {quote}
> {quote}
> Every artifact distributed to the public through Apache channels MUST be
> accompanied by one file containing an OpenPGP compatible ASCII armored
> detached signature and another file containing an MD5 checksum.
> - .asc - NO
> I get warning:
> "gpg --verify joshua-incubating-6.1-src.tar.gz.asc
> joshua-incubating-6.1-src.tar.gz
> gpg: Signature made Thu Feb 23 09:15:17 2017 CET using RSA key ID
> 891768A5
> gpg: Good signature from "Tommaso Teofili "
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:  There is no indication that the signature belongs to the
> owner."
> - .md5 - NO
> My md5 of joshua-incubating-6.1-src.tar.gz is
> 504976876b01294811293aa45b5400f5, the joshua-incubating-6.1-src.tar.gz.md5
> indicates it should be 22b738eeae45757715080702a5bd2789
> - .sha - NO
> My sha of joshua-incubating-6.1-src.tar.gz is
> 4AB5BA24301590F36AE6452DACC3F21CBD8B3FEC, the
> joshua-incubating-6.1-src.tar.gz.md5 indicates it should be
> 2a55b6d341dddc5369b22a4802a86ec40accd0a1
> - KEYS - YES
> {quote}



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Re: [jira] [Commented] (JOSHUA-331) Address Apache Joshua 6.1 RC#3 Issues

2017-03-08 Thread Tommaso Teofili 
Sure, I will proceed later today.
Tommaso
Il giorno mer 8 mar 2017 alle 19:27 Matt Post  ha scritto:

> Hi Tommaso,
>
> I'm afraid I'm not at all familiar with the release process and am not
> sure what to do here. Can you simply retrace these steps and do it again
> correctly?
>
> matt
>
>
> > On Mar 7, 2017, at 8:31 AM, Tommaso Teofili (JIRA) 
> wrote:
> >
> >
> >[
> https://issues.apache.org/jira/browse/JOSHUA-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15899440#comment-15899440
> ]
> >
> > Tommaso Teofili commented on JOSHUA-331:
> > 
> >
> > now all seems fine to me, one concern I have is that for RC3 I didn't
> have .MD5 checksums in my target directory after having done _mvn
> release:prepare_ and _mvn release:perform_ and therefore I took the ones
> from the staging repo and copied them to _/dist_ assuming that they got
> generated using my key, which of course was not the case.
> > How should we proceed there ?
> >
> >
> >> Address Apache Joshua 6.1 RC#3 Issues
> >> -
> >>
> >>Key: JOSHUA-331
> >>URL: https://issues.apache.org/jira/browse/JOSHUA-331
> >>Project: Joshua
> >> Issue Type: Task
> >> Components: release
> >>   Reporter: Tommaso Teofili
> >>   Assignee: Tommaso Teofili
> >>Fix For: 6.1
> >>
> >>
> >> Address the following issues:
> >> {quote}
> >> Every ASF release MUST contain one or more source packages, which MUST
> be
> >> sufficient for a user to build and test the release provided they have
> >> access to the appropriate platform and tools. - NO
> >>-Not building due to failing test (BerkleyLM failure).  I'm digging a
> >> bit more into this.
> >> {quote}
> >> {quote}
> >> Every artifact distributed to the public through Apache channels MUST be
> >> accompanied by one file containing an OpenPGP compatible ASCII armored
> >> detached signature and another file containing an MD5 checksum.
> >>- .asc - NO
> >>I get warning:
> >>"gpg --verify joshua-incubating-6.1-src.tar.gz.asc
> >> joshua-incubating-6.1-src.tar.gz
> >>gpg: Signature made Thu Feb 23 09:15:17 2017 CET using RSA key ID
> >> 891768A5
> >>gpg: Good signature from "Tommaso Teofili "
> >> [unknown]
> >>gpg: WARNING: This key is not certified with a trusted signature!
> >>gpg:  There is no indication that the signature belongs to
> the
> >> owner."
> >>- .md5 - NO
> >>My md5 of joshua-incubating-6.1-src.tar.gz is
> >> 504976876b01294811293aa45b5400f5, the
> joshua-incubating-6.1-src.tar.gz.md5
> >> indicates it should be 22b738eeae45757715080702a5bd2789
> >>- .sha - NO
> >>My sha of joshua-incubating-6.1-src.tar.gz is
> >> 4AB5BA24301590F36AE6452DACC3F21CBD8B3FEC, the
> >> joshua-incubating-6.1-src.tar.gz.md5 indicates it should be
> >> 2a55b6d341dddc5369b22a4802a86ec40accd0a1
> >>- KEYS - YES
> >> {quote}
> >
> >
> >
> > --
> > This message was sent by Atlassian JIRA
> > (v6.3.15#6346)
>
>

Re: [jira] [Commented] (JOSHUA-331) Address Apache Joshua 6.1 RC#3 Issues

2017-03-08 Thread Matt Post 
Hi Tommaso,

I'm afraid I'm not at all familiar with the release process and am not sure 
what to do here. Can you simply retrace these steps and do it again correctly?

matt


> On Mar 7, 2017, at 8:31 AM, Tommaso Teofili (JIRA)  wrote:
> 
> 
>[ 
> https://issues.apache.org/jira/browse/JOSHUA-331?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15899440#comment-15899440
>  ] 
> 
> Tommaso Teofili commented on JOSHUA-331:
> 
> 
> now all seems fine to me, one concern I have is that for RC3 I didn't have 
> .MD5 checksums in my target directory after having done _mvn release:prepare_ 
> and _mvn release:perform_ and therefore I took the ones from the staging repo 
> and copied them to _/dist_ assuming that they got generated using my key, 
> which of course was not the case.
> How should we proceed there ?
> 
> 
>> Address Apache Joshua 6.1 RC#3 Issues
>> -
>> 
>>Key: JOSHUA-331
>>URL: https://issues.apache.org/jira/browse/JOSHUA-331
>>Project: Joshua
>> Issue Type: Task
>> Components: release
>>   Reporter: Tommaso Teofili
>>   Assignee: Tommaso Teofili
>>Fix For: 6.1
>> 
>> 
>> Address the following issues:
>> {quote}
>> Every ASF release MUST contain one or more source packages, which MUST be
>> sufficient for a user to build and test the release provided they have
>> access to the appropriate platform and tools. - NO
>>-Not building due to failing test (BerkleyLM failure).  I'm digging a
>> bit more into this.
>> {quote}
>> {quote}
>> Every artifact distributed to the public through Apache channels MUST be
>> accompanied by one file containing an OpenPGP compatible ASCII armored
>> detached signature and another file containing an MD5 checksum.
>>- .asc - NO
>>I get warning:
>>"gpg --verify joshua-incubating-6.1-src.tar.gz.asc
>> joshua-incubating-6.1-src.tar.gz
>>gpg: Signature made Thu Feb 23 09:15:17 2017 CET using RSA key ID
>> 891768A5
>>gpg: Good signature from "Tommaso Teofili "
>> [unknown]
>>gpg: WARNING: This key is not certified with a trusted signature!
>>gpg:  There is no indication that the signature belongs to the
>> owner."
>>- .md5 - NO
>>My md5 of joshua-incubating-6.1-src.tar.gz is
>> 504976876b01294811293aa45b5400f5, the joshua-incubating-6.1-src.tar.gz.md5
>> indicates it should be 22b738eeae45757715080702a5bd2789
>>- .sha - NO
>>My sha of joshua-incubating-6.1-src.tar.gz is
>> 4AB5BA24301590F36AE6452DACC3F21CBD8B3FEC, the
>> joshua-incubating-6.1-src.tar.gz.md5 indicates it should be
>> 2a55b6d341dddc5369b22a4802a86ec40accd0a1
>>- KEYS - YES
>> {quote}
> 
> 
> 
> --
> This message was sent by Atlassian JIRA
> (v6.3.15#6346)