THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
- Locate an empty directory to download the artifacts and build (e.g: ${RANGER_RELEASE_DIR})
- Download all artifacts specified in the release email (e.g: apache-ranger-${RANGER_RELEASE}.tar.gz )
- Download the PGP Signature file associated with the release artifact (eg: apache-ranger-${RANGER_RELEASE}.tar.gz.asc)
- Download the SHA256 Signature file associated with the release artifact (eg: apache-ranger-${RANGER_RELEASE}.tar.gz.sha256)
- Download the SHA512 Signature file associated with the release artifact (eg: apache-ranger-${RANGER_RELEASE}.tar.gz.asc.sha51)
- VALIDATION # 1 : Build the ranger binaries using the source downloaded
- VALIDATION # 2 : Ensure that the signature associated with the downloaded source is matching with the downloaded signature file(s).
Run the following commands to validate the ranger build#1 and #2:
Code Block language bash title Define Environment Variables RANGER_RELEASE_DIR="${HOME}/ranger-validation" # PLEASE define this variable depending on your needs RANGER_RELEASE="2.4.0" # PLEASE define your RELEASE number such as 2.2.0 .... RANGER_RC="rc2" # PLEASE define your Release Candidate Prefix
Code Block language bash title Download Artifacts RANGER_DOWNLOAD_URL_PREFIX="https://dist.apache.org/repos/dist/dev/ranger/${RANGER_RELEASE}-${RANGER_RC}" RANGER_KEYS_URL="https://dist.apache.org/repos/dist/release/ranger/KEYS" RANGER_RELEASE_SOURCE="apache-ranger-${RANGER_RELEASE}.tar.gz" # mkdir -p ${RANGER_RELEASE_DIR} cd ${RANGER_RELEASE_DIR} # Download all artifacts into this directory rm -f ${RANGER_RELEASE_SOURCE} rm -f ${RANGER_RELEASE_SOURCE}.asc ${RANGER_RELEASE_SOURCE}.sha256 ${RANGER_RELEASE_SOURCE}.sha512 curl -o ${RANGER_RELEASE_SOURCE} "${RANGER_DOWNLOAD_URL_PREFIX}/${RANGER_RELEASE_SOURCE}" curl -o ${RANGER_RELEASE_SOURCE}.asc "${RANGER_DOWNLOAD_URL_PREFIX}/${RANGER_RELEASE_SOURCE}.asc" curl -o ${RANGER_RELEASE_SOURCE}.sha256 "${RANGER_DOWNLOAD_URL_PREFIX}/${RANGER_RELEASE_SOURCE}.sha256" curl -o ${RANGER_RELEASE_SOURCE}.sha512 "${RANGER_DOWNLOAD_URL_PREFIX}/${RANGER_RELEASE_SOURCE}.sha512" curl -o KEYS "${RANGER_KEYS_URL}"
Code Block language bash firstline 1 title Apache build cd ${RANGER_RELEASE_DIR} rm -rf apache-ranger-${RANGER_RELEASE} tar xf ${RANGER_RELEASE_SOURCE} cd apache-ranger-${RANGER_RELEASE} # The following build command should successfully complete without any errors mvn -Pall -DskipTests=false clean compile package install
Run the following commands to validate the ranger release artifacts:
Code Block language bash firstline 1 title Validate Release Artifacts # Go to the directory where the artifact is downloaded cd ${RANGER_RELEASE_DIR} [ -f KEYS ] && gpg --import KEYS > /dev/null 2>&1 # # VALIDATE: GPG signatures # gpg --verify ${RANGER_RELEASE_SOURCE}.asc ${RANGER_RELEASE_SOURCE} if [ $? -ne 0 ] then echo "***** ERROR *****: Unable to validate GPG signature for ${RANGER_RELEASE_SOURCE}" else echo "+OK: validated GPG signature for ${RANGER_RELEASE_SOURCE}" fi # # VALIDATE: the SHA256 and SHA512 Signatures with the content of file below ... # for SIG_ALGO in sha256 sha512 do GEN_SIG="`gpg --print-md SHA256 ${RANGER_RELEASE_SOURCE}`" FILE_SIG="`cat ${RANGER_RELEASE_SOURCE}.sha256`" if [ "${GEN_SIG}x" != "${FILE_SIG}x" ] then echo "**** ERROR *****: Unable to validate ${SIG_ALGO} signature for ${RANGER_RELEASE_SOURCE}" else echo "+OK: validated ${SIG_ALGO} signature for ${RANGER_RELEASE_SOURCE}" fi unset GEN_SIG unset FILE_SIG done
- Once the validations are complete, please VOTE via email - replying to the original VOTE request using the process described in Apache VOTING Process.
...