THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
provided in the vote email thread
Note: This document is a work in progress and heavily derived from the NiFi Release guide generated by the community. The idea is that with processes fully established for each project we can consolidate at a later point.
...
gpg -a -b --digest-algo=SHA512 ${artifact};
echo “ Generating sha1sha512 sum hash ”;
gsha1sum gsha512sum ${artifact} | cut -d" " -f1 > ${artifact}.sha1sha512
echo “ Generating sha25sha256 sum hash ”;
gsha256sum ${artifact} | cut -d" " -f1 > ${artifact}.sha256
...
- ASCII armored GPG signatures (--digest-algo=SHA512 select the SHA512 hash algorithm). Configure GPG to always prefer stronger hashes.
$ gpg -a -b --digest-algo=SHA512 nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz # produces nifi-minifi-cpp${MINIFI_VERSION}-source.tar.gz.asc
$ gpg -a -b --digest-algo=SHA512 nifi-minifi-cpp-${MINIFI_VERSION}-bin.tar.gz # produces nifi-minifi-cpp-${MINIFI_VERSION}-bin.tar.gz.asc
$ gpg -a -b --digest-algo=SHA512 nifi-minifi-cpp-${MINIFI_VERSION}-bin.tar.gz # produces nifi-minifi-cpp-${MINIFI_VERSION}-bin.tar.gz.asc - Generate SHA1 SHA256 hash summaries.
$ sha1sum shasum -a 256 nifi-${MINIFI_VERSION}-source-release.zip | cut -d" " -f1 > nifi-${RELEASAEMINIFI_VERSION}-source-release.zip.sha1sha256
$ sha1sum shasum -a 256 nifi-${MINIFI_VERSION}-bin.tar.gz | cut -d" " -f1 > nifi-${RELEASAEMINIFI_VERSION}-bin.tar.gz.sha1sha256
$ sha1sum shasum -a 256 nifi-${MINIFI_VERSION}-bin.zip | cut -d" " -f1 > nifi-${RELEASAEMINIFI_VERSION}-bin.zip.sha1sha256 - Generate SHA256 hash SHA512 hash summaries.
$ shasum -a 256 sha512sum nifi-${MINIFI_VERSION}-source-release.zip | cut -d" " -f1 > nifi-${MINIFI_VERSIONRELEASAE}-source-release.zip.sha256sha512
$ shasum -a 256 sha512sum nifi-${MINIFI_VERSION}-bin.tar.gz | cut -d" " -f1 > nifi-${MINIFI_VERSIONRELEASAE}-bin.tar.gz.sha256sha512
$ shasum -a 256 sha512sum nifi-${MINIFI_VERSION}-bin.zip | cut -d" " -f1 > nifi-${MINIFI_VERSIONRELEASAE}-bin.zip.sha256sha512
- ASCII armored GPG signatures (--digest-algo=SHA512 select the SHA512 hash algorithm). Configure GPG to always prefer stronger hashes.
- For reviewing of the release candidate, commit the source release and convenience binaries files along with their hashes and signatures to https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${VERSION}
...
- RM sends a vote request email to the NiFi Developers Mailing List.
- TO: dev@nifi.apache.org
- FROM: ${RM_USERID}@apache.org
- SUBJECT: [VOTE] Release Apache NiFi MiNiFi C++ ${MINIFI_VERSION}
Hello,
I am pleased to be calling this vote for the source release of Apache NiFi MiNiFi C++ ${MINIFI_VERSION}.
The source tarball, some binary builds, plus signatures and digests can be found at:
https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${MINIFI_VERSION}/
The Git tag is minifi-cpp-${MINIFI_VERSION}-RC${RC}
The Git commit ID is <40-BYTE-COMMIT-HASH>
https://git-wip-us.apache.org/repos/asf?p=nifi-minifi-cpp.git;a=commit;h= <40-BYTE-COMMIT-HASH>
Checksums of nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz:
SHA256: <64-BYTE-SHA1SUMSHA256SUM-HASH>
SHA512: <128-BYTE-SHA1SUMSHA512SUM-HASH>
Release artifacts are signed with the following key:
https://people.apache.org/keys/committer/${RM_USERID}.asc
KEYS file available here:
https://dist.apache.org/repos/dist/release/nifi/KEYS
8 issues were closed/resolved for this release:
https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316020&version=12329307
Release note highlights can be found here:
https://cwiki.apache.org/confluence/display/NIFI/Release+Notes#ReleaseNotes-Version${MINIFI_VERSION}
The vote will be open for 72 hours.
Please download the release candidate and evaluate the necessary items including checking hashes, signatures, build
from source, and test. Then please vote:
[ ] +1 Release this package as nifi-minifi-cpp-${MINIFI_VERSION}
[ ] +0 no opinion
[ ] -1 Do not release this package because...
- RM sends the following helper email to the NiFi Developers Mailing List.
- TO: dev@nifi.apache.org
- FROM: ${RM_USERID}@apache.org
- SUBJECT: Apache NiFi MiNiFi C++ ${MINIFI_VERSION} RC${RC} Release Helper Guide
Hello Apache NiFi community,
Please find the associated guidance to help those interested in validating/verifying the release so they can vote.
# Download latest KEYS file:
https://dist.apache.org/repos/dist/release/nifi/KEYS
# Import keys file:
gpg --import KEYS
# Pull down nifi-minifi-cpp-${MINIFI_VERSION} source release artifacts for review:
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${MINIFI_VERSION}/nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${MINIFI_VERSION}/nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${MINIFI_VERSION}/nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz.sha1 sha256
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi-cpp/${MINIFI_VERSION}/nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz.sha256 sha512
# Verify the signature
gpg --verify nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz.asc
# Verify the hashes (sha1sha256, sha256sha512) match the source and what was provided in the vote email thread
sha1sum sha256sum nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz
sha256sum sha512sum nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz
# Extract nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz
tar xvzf nifi-minifi-cpp-${MINIFI_VERSION}-source.tar.gz
# Verify the build works including tests and linter checks
cd nifi-minifi-cpp-${MINIFI_VERSION}-source
mkdir build && cd build && cmake .. && make package && make test && make linter# or:# ./bootstrap.sh && cd build && make package && make test && make linter
# On Windows:
# Install dependencies as documented: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=139627733
# cd nifi-minifi-cpp-${MINIFI_VERSION}-source
# win_build_vs.bat build /P
# Verify the contents contain a good README, NOTICE, and LICENSE.
# Verify the git commit ID is correct
# Verify the RC was branched off the correct git commit ID
# Look at the resulting convenience binary as found in build/nifi-minifi-cpp-${MINIFI_VERSION}-bin.tar.gz
# Make sure the README, NOTICE, and LICENSE are present and correct
# Run the resulting convenience binary and make sure it works as expected
# Send a response to the vote thread indicating a +1, 0, -1 based on your findings.
Thank you for your time and effort to validate the release!
- Developers in the community review the release candiate and reply to the vote email with their vote.
- After 72 hours if
- at least 3 binding (PMC members) cast +1 votes, and
- the positive binding votes out number any negative binding votes
- the vote passes and the release candidate is officially released. If the vote does not pass, corrections are made on the release branch and a new release candidate is put forward for a new vote.
- RM sends vote result email.
- TO: dev@nifi.apache.org
- FROM: ${RM_USERID}@apache.org
- SUBJECT: [RESULT][VOTE] Release Apache NiFi MiNiFi C++ ${NIFI_VERSION}
Apache NiFi Community,
I am pleased to announce that the ${MINIFI_VERSION} release of Apache NiFi MiNiFi C++ passes with
X +1 (binding) votes
Y -1 (binding) votes
0 0 votes
0 -1 votes
Thanks to all who helped make this release possible.
Here is the PMC vote thread: ${VOTE_THREAD_URL}
...