You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@rocketmq.apache.org by di...@apache.org on 2019/03/28 12:44:29 UTC

[rocketmq-site] branch master updated: Update release manual

This is an automated email from the ASF dual-hosted git repository.

dinglei pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/rocketmq-site.git


The following commit(s) were added to refs/heads/master by this push:
     new fd4178d  Update release manual
     new b0b3423  Merge branch 'master' of github.com:apache/rocketmq-site
fd4178d is described below

commit fd4178d225324c92b839df85c40dda2cd19c799b
Author: ShannonDing <li...@163.com>
AuthorDate: Thu Mar 28 20:43:28 2019 +0800

    Update release manual
---
 _docs/08-release-manual.md | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/_docs/08-release-manual.md b/_docs/08-release-manual.md
index 8102588..0d6479e 100644
--- a/_docs/08-release-manual.md
+++ b/_docs/08-release-manual.md
@@ -112,7 +112,7 @@ Be aware of the os version, for some dependency is os sensitive, such as netty t
 * Make sure that all the unit tests can pass via `mvn clean install`.
 * Make sure that all the integration tests can pass via `mvn clean test -Pit-test`.
 
-After the successful building, remember to sign the artifact, and copy them to the svn repository, you could refer to [svn repository](https://dist.apache.org/repos/dist/release/rocketmq/4.2.0) .
+After the successful building, remember to sign the artifact(GPG and SHA512 signatures are required), and copy them to the svn repository, you could refer to [svn repository](https://dist.apache.org/repos/dist/release/rocketmq/4.2.0) .
 
 
 ## 4. Validate the Release Candidate
@@ -139,9 +139,9 @@ After the successful building, remember to sign the artifact, and copy them to t
 
 
 #### 4.3 verify tools
-Please follow the steps below to verify the checksums and PGP signatures:
+Please follow the steps below to verify the checksums and GPG signatures:
 
-1. Download the release artifacts, PGP signature file, MD5/SHA hash files.
+1. Download the release artifacts, GPG signature file, SHA512 hash files.
 2. On unix platforms the following command can be executed:
   
   ```shell
@@ -154,7 +154,7 @@ Please follow the steps below to verify the checksums and PGP signatures:
   or
   
   ```shell
-  gpg --verify rocketmq-all-%version-number%-source-release.zip.asc rocketmq-all-%version-number%-source-release.zip
+  gpg --verify rocketmq-all-%version-number%-source-release.zip.asc rocketmq-all-%version-number%-bin-release.zip
   ```
   Check the output to ensure it only contains good signatures:
   
@@ -162,10 +162,11 @@ Please follow the steps below to verify the checksums and PGP signatures:
   gpg: Good signature from ... gpg: Signature made ...
   ```
 
-3. Compare MD5, SHA hash generated by the below command with the downloaded hash files.
+3. Compare SHA512 hash generated by the below command with the downloaded hash files.
 
   ```shell
   gpg --print-mds rocketmq-all-%version-number%-source-release.zip 
+  gpg --print-mds rocketmq-all-%version-number%-bin-release.zip 
   ```
 
 ## 5. Release the Staging Artifacts