You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@onami.apache.org by er...@apache.org on 2013/01/24 17:36:42 UTC
svn commit: r1438066 -
/incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml
Author: eric
Date: Thu Jan 24 16:36:42 2013
New Revision: 1438066
URL: http://svn.apache.org/viewvc?rev=1438066&view=rev
Log:
Add more info in the doc on how to check a release
Modified:
incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml
Modified: incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml
URL: http://svn.apache.org/viewvc/incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml?rev=1438066&r1=1438065&r2=1438066&view=diff
==============================================================================
--- incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml (original)
+++ incubator/onami/trunk/site/src/site/xdoc/committers/release-howto.xml Thu Jan 24 16:36:42 2013
@@ -27,7 +27,9 @@
<body>
<section name="HowTo Release Apache Onami">
- <p>This short guide is for volunteers that intend to cover the role of Release Manager</p>
+ <p>This short guide is for volunteers that intend to cover the role of Release Manager. It also
+ contains a sections for voters with <a href="#Recommended_steps_before_casting_a_vote">recommended
+ steps before casting a vote</a>.</p>
</section>
<section name="Prerequisites">
@@ -344,6 +346,81 @@ Have Fun,
<li>Spin another release attempt!</li>
</ol>
</section>
+
+ <section name="Recommended steps before casting a vote">
+
+ <p>Making releases is a serious job at the ASF. And a time-eater.</p>
+ <p>The following gives you some ideas to check a release and cast your vote (as written by Christian Grobmeier on the Onami dev mailing list).</p>
+ <ol>
+
+ <li>Check out the source tag and test/package it.</li>
+ <li>Then take a look at the site to check the branding requirements (read more on <a href="http://www.apache.org/foundation/marks/pmcs">http://www.apache.org/foundation/marks/pmcs</a>).</li>
+ <li>The RAT plugin outputs license header issues (read more on <a href="http://creadur.apache.org/rat/apache-rat-plugin/index.html">http://creadur.apache.org/rat/apache-rat-plugin/index.html</a>).</li>
+ <li>This command helps to download artifacts from nexus to check them: <code>wget -e robots=off --cut-dirs=3 -r -p -np --no-check-certificate https://repository.apache.org/content/repositories/orgapacheonami-149/org/apache/onami/org.apache.onami.test/</code></li>
+ <li>Then we need to take care our code signing keys are in the KEYS file. MD5 checking i do with a scripts such as <code>[1]</code> or <code>[2]</code></li>
+ <li>Also try to open artifacts (avoid zip problems and such).</li>
+ </ol>
+
+<p>[1] <a href="https://gist.github.com/3504123">https://gist.github.com/3504123</a> from our mate Ivan (over from logging land)</p>
+
+<source>from os.path import join, splitext, basename
+import os
+import sys
+import hashlib
+
+def file_get_contents(path):
+ with open(path, 'rb') as file:
+ return file.read()
+
+for root, dirs, files in os.walk('.'):
+ for file in files:
+ file = join(root, file)
+ name, ext = splitext(file)
+
+ if ext == '.md5':
+ file_contents = file_get_contents(name)
+ md5_given = file_get_contents(file)
+ md5_actual = hashlib.md5(file_contents).hexdigest()
+
+ if (md5_given == md5_actual):
+ print "%s md5 OK" % basename(name)
+ else:
+ print "\nERROR: md5 mismatch\nfile : %s\ncalculated: %s\ngiven : %s\n" % (name, md5_actual, md5_given)
+
+ if ext == '.sha1':
+ file_contents = file_get_contents(name)
+ sha1_given = file_get_contents(file)
+ sha1_actual = hashlib.sha1(file_contents).hexdigest()
+
+ if (sha1_given == sha1_actual):
+ print "%s sha1 OK" % basename(name)
+ else:
+ print "\nERROR: sha1 mismatch\nfile : %s\ncalculated: %s\ngiven : %s\n" % (name, sha1_actual, sha1_given)</source>
+
+<p>[2] <a href="http://www.grobmeier.de/checking-md5-and-signatures-with-a-shell-script-29062011.html">http://www.grobmeier.de/checking-md5-and-signatures-with-a-shell-script-29062011.html</a></p>
+
+<source>#!/bin/bash
+
+file1=`md5 -q $1`
+file2=`cut -d* -f1 $1.md5`
+
+echo "Checking file: $1"
+echo "Using MD5 file: $1.md5"
+echo $file1
+echo $file2
+
+if [ $file1 != $file2 ]
+then
+ echo "md5 sums mismatch"
+else
+ echo "checksums OK"
+fi
+
+echo "GPG verification output"
+gpg --verify $1.asc $1</source>
+
+ </section>
+
</body>
</document>