You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@rya.apache.org by "Aaron D. Mihalik" <aa...@gmail.com> on 2016/09/08 13:32:58 UTC
Understanding Apache Staging Repo Rules?
I built and pushed 3.2.10-RC1 last night and it appears that it failed
Staging Repo Validation.
You can see the staging repo artifacts here:
https://repository.apache.org/#stagingRepositories
and the repo is orgapacherya-1000
I closed the staging repo and Nexus notes that the "[Close] operation
failed with 3 notifications". I think that these "3 notifications"
represents only one error, the "Failed Signature Validation". We'll start
looking at that issue.
I can't find much information about the "Apache Ruleset" and Nexus doesn't
provide much feedback. Can a mentor double check this for me? Are we only
failing one rule? Are there more automated "Apache Rules" that may trigger
on the close, or is it just these two?
Thanks,
Aaron
Re: Understanding Apache Staging Repo Rules?
Posted by "Aaron D. Mihalik" <aa...@gmail.com>.
Thanks Josh. You caught me right as I was trying out a fix Eric
implemented.
I closed the Repo and it worked just fine. I'm doing some simple checks,
then I'm going to send out a "vote" email.
Is there a good template for that type of email?
--Aaron
On Thu, Sep 8, 2016 at 6:03 PM Josh Elser <jo...@gmail.com> wrote:
> I don't see orgapacherya-1000, only 1001 and that one is still open.
>
> Failed Signature Validation sounds like it could not verify the GPG
> signatures on the artifacts that we deployed. Is the KEYs file for Rya
> published and containing your public signature?
>
> I see http://pgp.mit.edu/pks/lookup?op=vindex&search=0xC3CC40CAF50EAE1A,
> is that they key you used to sign the artifacts?
>
> Aaron D. Mihalik wrote:
> > I built and pushed 3.2.10-RC1 last night and it appears that it failed
> > Staging Repo Validation.
> >
> > You can see the staging repo artifacts here:
> > https://repository.apache.org/#stagingRepositories
> >
> > and the repo is orgapacherya-1000
> >
> > I closed the staging repo and Nexus notes that the "[Close] operation
> > failed with 3 notifications". I think that these "3 notifications"
> > represents only one error, the "Failed Signature Validation". We'll
> start
> > looking at that issue.
> >
> > I can't find much information about the "Apache Ruleset" and Nexus
> doesn't
> > provide much feedback. Can a mentor double check this for me? Are we
> only
> > failing one rule? Are there more automated "Apache Rules" that may
> trigger
> > on the close, or is it just these two?
> >
> > Thanks,
> > Aaron
> >
>
Re: Understanding Apache Staging Repo Rules?
Posted by Josh Elser <jo...@gmail.com>.
I don't see orgapacherya-1000, only 1001 and that one is still open.
Failed Signature Validation sounds like it could not verify the GPG
signatures on the artifacts that we deployed. Is the KEYs file for Rya
published and containing your public signature?
I see http://pgp.mit.edu/pks/lookup?op=vindex&search=0xC3CC40CAF50EAE1A,
is that they key you used to sign the artifacts?
Aaron D. Mihalik wrote:
> I built and pushed 3.2.10-RC1 last night and it appears that it failed
> Staging Repo Validation.
>
> You can see the staging repo artifacts here:
> https://repository.apache.org/#stagingRepositories
>
> and the repo is orgapacherya-1000
>
> I closed the staging repo and Nexus notes that the "[Close] operation
> failed with 3 notifications". I think that these "3 notifications"
> represents only one error, the "Failed Signature Validation". We'll start
> looking at that issue.
>
> I can't find much information about the "Apache Ruleset" and Nexus doesn't
> provide much feedback. Can a mentor double check this for me? Are we only
> failing one rule? Are there more automated "Apache Rules" that may trigger
> on the close, or is it just these two?
>
> Thanks,
> Aaron
>