You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@hbase.apache.org by Guangxu Cheng <gx...@apache.org> on 2021/12/20 06:15:06 UTC

[VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Please vote on this Apache hbase operator tools release candidate,
hbase-operator-tools-1.2.0RC1

The VOTE will remain open for at least 72 hours.

[ ] +1 Release this package as Apache hbase operator tools 1.2.0
[ ] -1 Do not release this package because ...

The tag to be voted on is 1.2.0RC1:

  https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1

This tag currently points to git reference

  478af00af79f82624264fd2bb447b97fecc8e790

The release files, including signatures, digests, as well as CHANGES.md
and RELEASENOTES.md included in this RC can be found at:

  https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1

Maven artifacts are available in a staging repository at:

  https://repository.apache.org/content/repositories/org apache hbase-1479
<https://repository.apache.org/content/repositories/orgapachehbase-1479>
Artifacts were signed with the 5EF3A66D57EC647A key which can be found in:

  https://downloads.apache.org/hbase/KEYS

hbase-operator-tools 1.2.0 contains a critical security fix for addressing
the log4j2
CVE-2021-44228 and CVE-2021-45105. All users who use hbase-operator-tools
should upgrade to hbase-operator-tools 1.2.0 ASAP.

To learn more about Apache hbase operator tools, please see

  http://hbase.apache.org/

Thanks,
Your HBase Release Manager
------
Best Regards,
Guangxu

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by "张铎(Duo Zhang)" <pa...@gmail.com>.

+1, just go ahead Nick.

Thanks.

Nick Dimiduk <nd...@apache.org> 于2023年2月15日周三 18:13写道：

> I observe the same omission. Any objections if I promote the existing RC
> tag?
>
> Thanks,
> Nick
>
> On 2022/01/06 19:47:30 Zach York wrote:
> > Hey Guangxu,
> >
> > I noticed recently that there is no rel/1.2.0 tag on github for
> > hbase-operator tools. Was that step missed while releasing?
> >
> > Thanks,
> > Zach
> >
> > On Thu, Dec 23, 2021 at 11:44 PM Guangxu Cheng <gx...@apache.org>
> wrote:
> >
> > > With 3 binding +1 votes, 1 non-binding +1 votes, and no 0 or -1 votes,
> the
> > > vote passes.
> > >
> > > Thanks to all who voted on the release candidate!
> > >
> > > Let me push the release out.
> > > ------
> > > Best Regards,
> > > Guangxu
> > >
> > >
> > > Guangxu Cheng <gx...@apache.org> 于2021年12月24日周五 15:39写道：
> > >
> > > > +1 from me
> > > > ------
> > > > Best Regards,
> > > > Guangxu
> > > >
> > > >
> > > > Josh Elser <el...@apache.org> 于2021年12月23日周四 05:00写道：
> > > >
> > > >> +1 (binding)
> > > >>
> > > >> * xsums/sigs OK
> > > >> * apache-rat:check OK
> > > >> * Can build from src
> > > >> * Ran all UT
> > > >> * Log4j 2.17 in use
> > > >>
> > > >> Looks great, Guangxu!
> > > >>
> > > >> On 12/20/21 1:15 AM, Guangxu Cheng wrote:
> > > >> > Please vote on this Apache hbase operator tools release candidate,
> > > >> > hbase-operator-tools-1.2.0RC1
> > > >> >
> > > >> > The VOTE will remain open for at least 72 hours.
> > > >> >
> > > >> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> > > >> > [ ] -1 Do not release this package because ...
> > > >> >
> > > >> > The tag to be voted on is 1.2.0RC1:
> > > >> >
> > > >> >    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> > > >> >
> > > >> > This tag currently points to git reference
> > > >> >
> > > >> >    478af00af79f82624264fd2bb447b97fecc8e790
> > > >> >
> > > >> > The release files, including signatures, digests, as well as
> > > CHANGES.md
> > > >> > and RELEASENOTES.md included in this RC can be found at:
> > > >> >
> > > >> >
> > > >>
> > >
> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> > > >> >
> > > >> > Maven artifacts are available in a staging repository at:
> > > >> >
> > > >> >    https://repository.apache.org/content/repositories/org apache
> > > >> hbase-1479
> > > >> > <
> > > https://repository.apache.org/content/repositories/orgapachehbase-1479
> > > >> >
> > > >> > Artifacts were signed with the 5EF3A66D57EC647A key which can be
> found
> > > >> in:
> > > >> >
> > > >> >    https://downloads.apache.org/hbase/KEYS
> > > >> >
> > > >> > hbase-operator-tools 1.2.0 contains a critical security fix for
> > > >> addressing
> > > >> > the log4j2
> > > >> > CVE-2021-44228 and CVE-2021-45105. All users who use
> > > >> hbase-operator-tools
> > > >> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
> > > >> >
> > > >> > To learn more about Apache hbase operator tools, please see
> > > >> >
> > > >> >    http://hbase.apache.org/
> > > >> >
> > > >> > Thanks,
> > > >> > Your HBase Release Manager
> > > >> > ------
> > > >> > Best Regards,
> > > >> > Guangxu
> > > >> >
> > > >>
> > > >
> > >
> >
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by Nick Dimiduk <nd...@apache.org>.

I observe the same omission. Any objections if I promote the existing RC tag?

Thanks,
Nick

On 2022/01/06 19:47:30 Zach York wrote:
> Hey Guangxu,
> 
> I noticed recently that there is no rel/1.2.0 tag on github for
> hbase-operator tools. Was that step missed while releasing?
> 
> Thanks,
> Zach
> 
> On Thu, Dec 23, 2021 at 11:44 PM Guangxu Cheng <gx...@apache.org> wrote:
> 
> > With 3 binding +1 votes, 1 non-binding +1 votes, and no 0 or -1 votes, the
> > vote passes.
> >
> > Thanks to all who voted on the release candidate!
> >
> > Let me push the release out.
> > ------
> > Best Regards,
> > Guangxu
> >
> >
> > Guangxu Cheng <gx...@apache.org> 于2021年12月24日周五 15:39写道：
> >
> > > +1 from me
> > > ------
> > > Best Regards,
> > > Guangxu
> > >
> > >
> > > Josh Elser <el...@apache.org> 于2021年12月23日周四 05:00写道：
> > >
> > >> +1 (binding)
> > >>
> > >> * xsums/sigs OK
> > >> * apache-rat:check OK
> > >> * Can build from src
> > >> * Ran all UT
> > >> * Log4j 2.17 in use
> > >>
> > >> Looks great, Guangxu!
> > >>
> > >> On 12/20/21 1:15 AM, Guangxu Cheng wrote:
> > >> > Please vote on this Apache hbase operator tools release candidate,
> > >> > hbase-operator-tools-1.2.0RC1
> > >> >
> > >> > The VOTE will remain open for at least 72 hours.
> > >> >
> > >> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> > >> > [ ] -1 Do not release this package because ...
> > >> >
> > >> > The tag to be voted on is 1.2.0RC1:
> > >> >
> > >> >    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> > >> >
> > >> > This tag currently points to git reference
> > >> >
> > >> >    478af00af79f82624264fd2bb447b97fecc8e790
> > >> >
> > >> > The release files, including signatures, digests, as well as
> > CHANGES.md
> > >> > and RELEASENOTES.md included in this RC can be found at:
> > >> >
> > >> >
> > >>
> > https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> > >> >
> > >> > Maven artifacts are available in a staging repository at:
> > >> >
> > >> >    https://repository.apache.org/content/repositories/org apache
> > >> hbase-1479
> > >> > <
> > https://repository.apache.org/content/repositories/orgapachehbase-1479
> > >> >
> > >> > Artifacts were signed with the 5EF3A66D57EC647A key which can be found
> > >> in:
> > >> >
> > >> >    https://downloads.apache.org/hbase/KEYS
> > >> >
> > >> > hbase-operator-tools 1.2.0 contains a critical security fix for
> > >> addressing
> > >> > the log4j2
> > >> > CVE-2021-44228 and CVE-2021-45105. All users who use
> > >> hbase-operator-tools
> > >> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
> > >> >
> > >> > To learn more about Apache hbase operator tools, please see
> > >> >
> > >> >    http://hbase.apache.org/
> > >> >
> > >> > Thanks,
> > >> > Your HBase Release Manager
> > >> > ------
> > >> > Best Regards,
> > >> > Guangxu
> > >> >
> > >>
> > >
> >
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by Zach York <zy...@gmail.com>.

Hey Guangxu,

I noticed recently that there is no rel/1.2.0 tag on github for
hbase-operator tools. Was that step missed while releasing?

Thanks,
Zach

On Thu, Dec 23, 2021 at 11:44 PM Guangxu Cheng <gx...@apache.org> wrote:

> With 3 binding +1 votes, 1 non-binding +1 votes, and no 0 or -1 votes, the
> vote passes.
>
> Thanks to all who voted on the release candidate!
>
> Let me push the release out.
> ------
> Best Regards,
> Guangxu
>
>
> Guangxu Cheng <gx...@apache.org> 于2021年12月24日周五 15:39写道：
>
> > +1 from me
> > ------
> > Best Regards,
> > Guangxu
> >
> >
> > Josh Elser <el...@apache.org> 于2021年12月23日周四 05:00写道：
> >
> >> +1 (binding)
> >>
> >> * xsums/sigs OK
> >> * apache-rat:check OK
> >> * Can build from src
> >> * Ran all UT
> >> * Log4j 2.17 in use
> >>
> >> Looks great, Guangxu!
> >>
> >> On 12/20/21 1:15 AM, Guangxu Cheng wrote:
> >> > Please vote on this Apache hbase operator tools release candidate,
> >> > hbase-operator-tools-1.2.0RC1
> >> >
> >> > The VOTE will remain open for at least 72 hours.
> >> >
> >> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> >> > [ ] -1 Do not release this package because ...
> >> >
> >> > The tag to be voted on is 1.2.0RC1:
> >> >
> >> >    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> >> >
> >> > This tag currently points to git reference
> >> >
> >> >    478af00af79f82624264fd2bb447b97fecc8e790
> >> >
> >> > The release files, including signatures, digests, as well as
> CHANGES.md
> >> > and RELEASENOTES.md included in this RC can be found at:
> >> >
> >> >
> >>
> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> >> >
> >> > Maven artifacts are available in a staging repository at:
> >> >
> >> >    https://repository.apache.org/content/repositories/org apache
> >> hbase-1479
> >> > <
> https://repository.apache.org/content/repositories/orgapachehbase-1479
> >> >
> >> > Artifacts were signed with the 5EF3A66D57EC647A key which can be found
> >> in:
> >> >
> >> >    https://downloads.apache.org/hbase/KEYS
> >> >
> >> > hbase-operator-tools 1.2.0 contains a critical security fix for
> >> addressing
> >> > the log4j2
> >> > CVE-2021-44228 and CVE-2021-45105. All users who use
> >> hbase-operator-tools
> >> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
> >> >
> >> > To learn more about Apache hbase operator tools, please see
> >> >
> >> >    http://hbase.apache.org/
> >> >
> >> > Thanks,
> >> > Your HBase Release Manager
> >> > ------
> >> > Best Regards,
> >> > Guangxu
> >> >
> >>
> >
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by Guangxu Cheng <gx...@apache.org>.

With 3 binding +1 votes, 1 non-binding +1 votes, and no 0 or -1 votes, the
vote passes.

Thanks to all who voted on the release candidate!

Let me push the release out.
------
Best Regards,
Guangxu


Guangxu Cheng <gx...@apache.org> 于2021年12月24日周五 15:39写道：

> +1 from me
> ------
> Best Regards,
> Guangxu
>
>
> Josh Elser <el...@apache.org> 于2021年12月23日周四 05:00写道：
>
>> +1 (binding)
>>
>> * xsums/sigs OK
>> * apache-rat:check OK
>> * Can build from src
>> * Ran all UT
>> * Log4j 2.17 in use
>>
>> Looks great, Guangxu!
>>
>> On 12/20/21 1:15 AM, Guangxu Cheng wrote:
>> > Please vote on this Apache hbase operator tools release candidate,
>> > hbase-operator-tools-1.2.0RC1
>> >
>> > The VOTE will remain open for at least 72 hours.
>> >
>> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
>> > [ ] -1 Do not release this package because ...
>> >
>> > The tag to be voted on is 1.2.0RC1:
>> >
>> >    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
>> >
>> > This tag currently points to git reference
>> >
>> >    478af00af79f82624264fd2bb447b97fecc8e790
>> >
>> > The release files, including signatures, digests, as well as CHANGES.md
>> > and RELEASENOTES.md included in this RC can be found at:
>> >
>> >
>> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
>> >
>> > Maven artifacts are available in a staging repository at:
>> >
>> >    https://repository.apache.org/content/repositories/org apache
>> hbase-1479
>> > <https://repository.apache.org/content/repositories/orgapachehbase-1479
>> >
>> > Artifacts were signed with the 5EF3A66D57EC647A key which can be found
>> in:
>> >
>> >    https://downloads.apache.org/hbase/KEYS
>> >
>> > hbase-operator-tools 1.2.0 contains a critical security fix for
>> addressing
>> > the log4j2
>> > CVE-2021-44228 and CVE-2021-45105. All users who use
>> hbase-operator-tools
>> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
>> >
>> > To learn more about Apache hbase operator tools, please see
>> >
>> >    http://hbase.apache.org/
>> >
>> > Thanks,
>> > Your HBase Release Manager
>> > ------
>> > Best Regards,
>> > Guangxu
>> >
>>
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by Guangxu Cheng <gx...@apache.org>.

+1 from me
------
Best Regards,
Guangxu


Josh Elser <el...@apache.org> 于2021年12月23日周四 05:00写道：

> +1 (binding)
>
> * xsums/sigs OK
> * apache-rat:check OK
> * Can build from src
> * Ran all UT
> * Log4j 2.17 in use
>
> Looks great, Guangxu!
>
> On 12/20/21 1:15 AM, Guangxu Cheng wrote:
> > Please vote on this Apache hbase operator tools release candidate,
> > hbase-operator-tools-1.2.0RC1
> >
> > The VOTE will remain open for at least 72 hours.
> >
> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> > [ ] -1 Do not release this package because ...
> >
> > The tag to be voted on is 1.2.0RC1:
> >
> >    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> >
> > This tag currently points to git reference
> >
> >    478af00af79f82624264fd2bb447b97fecc8e790
> >
> > The release files, including signatures, digests, as well as CHANGES.md
> > and RELEASENOTES.md included in this RC can be found at:
> >
> >
> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> >
> > Maven artifacts are available in a staging repository at:
> >
> >    https://repository.apache.org/content/repositories/org apache
> hbase-1479
> > <https://repository.apache.org/content/repositories/orgapachehbase-1479>
> > Artifacts were signed with the 5EF3A66D57EC647A key which can be found
> in:
> >
> >    https://downloads.apache.org/hbase/KEYS
> >
> > hbase-operator-tools 1.2.0 contains a critical security fix for
> addressing
> > the log4j2
> > CVE-2021-44228 and CVE-2021-45105. All users who use hbase-operator-tools
> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
> >
> > To learn more about Apache hbase operator tools, please see
> >
> >    http://hbase.apache.org/
> >
> > Thanks,
> > Your HBase Release Manager
> > ------
> > Best Regards,
> > Guangxu
> >
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by Josh Elser <el...@apache.org>.

+1 (binding)

* xsums/sigs OK
* apache-rat:check OK
* Can build from src
* Ran all UT
* Log4j 2.17 in use

Looks great, Guangxu!

On 12/20/21 1:15 AM, Guangxu Cheng wrote:
> Please vote on this Apache hbase operator tools release candidate,
> hbase-operator-tools-1.2.0RC1
> 
> The VOTE will remain open for at least 72 hours.
> 
> [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> [ ] -1 Do not release this package because ...
> 
> The tag to be voted on is 1.2.0RC1:
> 
>    https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> 
> This tag currently points to git reference
> 
>    478af00af79f82624264fd2bb447b97fecc8e790
> 
> The release files, including signatures, digests, as well as CHANGES.md
> and RELEASENOTES.md included in this RC can be found at:
> 
>    https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> 
> Maven artifacts are available in a staging repository at:
> 
>    https://repository.apache.org/content/repositories/org apache hbase-1479
> <https://repository.apache.org/content/repositories/orgapachehbase-1479>
> Artifacts were signed with the 5EF3A66D57EC647A key which can be found in:
> 
>    https://downloads.apache.org/hbase/KEYS
> 
> hbase-operator-tools 1.2.0 contains a critical security fix for addressing
> the log4j2
> CVE-2021-44228 and CVE-2021-45105. All users who use hbase-operator-tools
> should upgrade to hbase-operator-tools 1.2.0 ASAP.
> 
> To learn more about Apache hbase operator tools, please see
> 
>    http://hbase.apache.org/
> 
> Thanks,
> Your HBase Release Manager
> ------
> Best Regards,
> Guangxu
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by "张铎(Duo Zhang)" <pa...@gmail.com>.

+1 binding

Since there is only one new commit since RC0, I have just done some simple
verification before carrying the +1 from RC0

Checked sigs and sums: Matched
Log4j2 2.17.0 in tarball: Confirmed

Thanks.

Tak Lon (Stephen) Wu <ta...@apache.org> 于2021年12月21日周二 01:47写道：

> +1 (non-binding)
>
>         * Signature: ok
>         * Checksum : ok
>         * Rat check (1.8.0_292): ok
>          - mvn clean apache-rat:check
>         * Built from source (1.8.0_292): ok
>          - mvn clean install  -DskipTests
>         * Unit tests pass (1.8.0_292): ok
>          - mvn package   -Dsurefire.rerunFailingTestsCount=3
>         * confirmed log4j2 2.17.0 is part of the dependency tree
>
> -Stephen
>
> On Sun, Dec 19, 2021 at 10:15 PM Guangxu Cheng <gx...@apache.org> wrote:
>
> > Please vote on this Apache hbase operator tools release candidate,
> > hbase-operator-tools-1.2.0RC1
> >
> > The VOTE will remain open for at least 72 hours.
> >
> > [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> > [ ] -1 Do not release this package because ...
> >
> > The tag to be voted on is 1.2.0RC1:
> >
> >   https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
> >
> > This tag currently points to git reference
> >
> >   478af00af79f82624264fd2bb447b97fecc8e790
> >
> > The release files, including signatures, digests, as well as CHANGES.md
> > and RELEASENOTES.md included in this RC can be found at:
> >
> >
> >
> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
> >
> > Maven artifacts are available in a staging repository at:
> >
> >   https://repository.apache.org/content/repositories/org apache
> hbase-1479
> > <https://repository.apache.org/content/repositories/orgapachehbase-1479>
> > Artifacts were signed with the 5EF3A66D57EC647A key which can be found
> in:
> >
> >   https://downloads.apache.org/hbase/KEYS
> >
> > hbase-operator-tools 1.2.0 contains a critical security fix for
> addressing
> > the log4j2
> > CVE-2021-44228 and CVE-2021-45105. All users who use hbase-operator-tools
> > should upgrade to hbase-operator-tools 1.2.0 ASAP.
> >
> > To learn more about Apache hbase operator tools, please see
> >
> >   http://hbase.apache.org/
> >
> > Thanks,
> > Your HBase Release Manager
> > ------
> > Best Regards,
> > Guangxu
> >
>

Re: [VOTE] Second release candidate for hbase-operator-tools 1.2.0 is available for download

Posted by "Tak Lon (Stephen) Wu" <ta...@apache.org>.

+1 (non-binding)

        * Signature: ok
        * Checksum : ok
        * Rat check (1.8.0_292): ok
         - mvn clean apache-rat:check
        * Built from source (1.8.0_292): ok
         - mvn clean install  -DskipTests
        * Unit tests pass (1.8.0_292): ok
         - mvn package   -Dsurefire.rerunFailingTestsCount=3
        * confirmed log4j2 2.17.0 is part of the dependency tree

-Stephen

On Sun, Dec 19, 2021 at 10:15 PM Guangxu Cheng <gx...@apache.org> wrote:

> Please vote on this Apache hbase operator tools release candidate,
> hbase-operator-tools-1.2.0RC1
>
> The VOTE will remain open for at least 72 hours.
>
> [ ] +1 Release this package as Apache hbase operator tools 1.2.0
> [ ] -1 Do not release this package because ...
>
> The tag to be voted on is 1.2.0RC1:
>
>   https://github.com/apache/hbase-operator-tools/tree/1.2.0RC1
>
> This tag currently points to git reference
>
>   478af00af79f82624264fd2bb447b97fecc8e790
>
> The release files, including signatures, digests, as well as CHANGES.md
> and RELEASENOTES.md included in this RC can be found at:
>
>
> https://dist.apache.org/repos/dist/dev/hbase/hbase-operator-tools-1.2.0RC1
>
> Maven artifacts are available in a staging repository at:
>
>   https://repository.apache.org/content/repositories/org apache hbase-1479
> <https://repository.apache.org/content/repositories/orgapachehbase-1479>
> Artifacts were signed with the 5EF3A66D57EC647A key which can be found in:
>
>   https://downloads.apache.org/hbase/KEYS
>
> hbase-operator-tools 1.2.0 contains a critical security fix for addressing
> the log4j2
> CVE-2021-44228 and CVE-2021-45105. All users who use hbase-operator-tools
> should upgrade to hbase-operator-tools 1.2.0 ASAP.
>
> To learn more about Apache hbase operator tools, please see
>
>   http://hbase.apache.org/
>
> Thanks,
> Your HBase Release Manager
> ------
> Best Regards,
> Guangxu
>