...

• Check if checksums and GPG files match the corresponding release files (required)
  A detailed description on how this is done can be found in the apache.org documentation about verifying releases.
  
  
• Verify that the source archives do not contains contain any binaries binaries (required)
  
  
• Build the source with Maven to ensure all source files have Apache headers (required)
  
  
• Check that all POM files point to the same version.
  That includes the quickstart artifact POM files
  • https://github.com/apache/flink/tree/master/flink-quickstart/flink-quickstart-java/src/main/resources/archetype-resources
  • https://github.com/apache/flink/tree/master/flink-quickstart/flink-quickstart-scala/src/main/resources/archetype-resources
    
    
• Read the README.md file to ensure there is nothing unexpected

...

Checks to be made include

• All Java artifacts must contain an Apache License file and a NOTICE file. Python artifacts only require an Apache License file.
• Non-Apache licenses of bundled dependencies must be forwarded
• The NOTICE files aggregate all copyright notices and list all bundled dependencies (except Apache licensed dependencies) 

A detailed explanation on the steps above is in https://cwiki.apache.org/confluence/display/FLINK/Licensing (see the bottom of the document for the actions to take)

Testing Functionality

This is not necessarily required for a release to be ASF compliant, but required to ensure a high quality release.

...

Check if the source release is building properly with Maven, including checkstyle and all tests (mvn clean verify)

• Build for Scala 2.11 and for Scala 2.12

Run the scripted nightly tests: https://github.com/apache/flink/tree/master/flink-end-to-end-tests

...