You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flink.apache.org by "Konstantin Knauf (Jira)" <ji...@apache.org> on 2022/03/02 12:52:00 UTC

[jira] [Updated] (FLINK-25682) Check in script to verify cheksums and signatures for Apache Flink Releases

     [ https://issues.apache.org/jira/browse/FLINK-25682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Konstantin Knauf updated FLINK-25682:
-------------------------------------
    Description: 
For each flink, flink-shaded and flink-ml release, multiple community memebers usually check the correctness of signatures and checksums. I propose to check in a script for this purpose.

What the script should do:
 * Verify Signatures for Java & Python Binaries and Maven Artifacts
 * Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries

Where should this script be located:
 * flink: [https://github.com/apache/flink/tree/master/tools/releasing]
 * flink-shaded: [https://github.com/apache/flink-shaded/tree/master/tools/releasing]
 * flink-ml: [https://github.com/apache/flink-ml/tree/master/tools/releasing]

  was:
For each flink, flink-shaded and flink-ml release, multiple community memebers usually check the correctness of signatures and checksums. I propose to check in a script for this purpose. 

What the script should do:

* Verify Signatures for Java & Python Binaries and Maven Artifacts
* Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries and Maven Artifacts

Where should this script be located: 
* flink: https://github.com/apache/flink/tree/master/tools/releasing
* flink-shaded: https://github.com/apache/flink-shaded/tree/master/tools/releasing
* flink-ml: https://github.com/apache/flink-ml/tree/master/tools/releasing


> Check in script to verify cheksums and signatures for Apache Flink Releases
> ---------------------------------------------------------------------------
>
>                 Key: FLINK-25682
>                 URL: https://issues.apache.org/jira/browse/FLINK-25682
>             Project: Flink
>          Issue Type: Improvement
>          Components: Build System
>            Reporter: Konstantin Knauf
>            Assignee: Konstantin Knauf
>            Priority: Major
>
> For each flink, flink-shaded and flink-ml release, multiple community memebers usually check the correctness of signatures and checksums. I propose to check in a script for this purpose.
> What the script should do:
>  * Verify Signatures for Java & Python Binaries and Maven Artifacts
>  * Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries
> Where should this script be located:
>  * flink: [https://github.com/apache/flink/tree/master/tools/releasing]
>  * flink-shaded: [https://github.com/apache/flink-shaded/tree/master/tools/releasing]
>  * flink-ml: [https://github.com/apache/flink-ml/tree/master/tools/releasing]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)