You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@atlas.apache.org by Sidharth Mishra <si...@apache.org> on 2022/12/01 07:49:17 UTC
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Thank you Madhan for the release candidate.
Validated the following and faced some issues as mentioned below:
- Able to download source, signature, md5 and sha512 files and verify
the checksum hash
- I am not able to verify the signature of the source. Steps I followed:
curl -O https://downloads.apache.org/atlas/KEYS
gpg --import KEYS
gpg --list-sigs madhan # Gives the correct output
pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
1B6007E9CDEC4913DFB5031B630E02BA8823016D
uid [ unknown] Madhan Neethiraj <ma...@apache.org>
sig 3 630E02BA8823016D 2020-06-10
Madhan Neethiraj <ma...@apache.org>
sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
sig 630E02BA8823016D 2020-06-10 Madhan
Neethiraj <ma...@apache.org>
pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
uid [ expired] Madhan Neethiraj <ma...@apache.org>
sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
Neethiraj <ma...@apache.org>
sig 9C0596B11E19B762 2014-11-10 [User ID not found]
sig 2C1CD6311ED05C4A 2016-02-16 [User ID not found]
sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not found]
gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
apache-atlas-2.3.0-sources.tar.gz
gpg: Signature made Mon Nov 28 13:14:22 2022 PST
gpg: using RSA key FED467D3B01179D4
gpg: Can't check signature: No public key
# Even tried this and no help as it didn't download any keys
gpg --keyserver
https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
FED467D3B01179D4
- Build failed for the source using embedded-hbase-solr profile -
[ERROR] Failed to execute goal on project atlas-testtools: Could not
resolve dependencies for project
org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
maven-restlet (https://maven.restlet.com): transfer failed for
https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: validity check
failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with
the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible
solutions, please read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with
the command
[ERROR] mvn <args> -rf :atlas-testtools
By running the below command the above issue was resolved as it
ignored all ssl verifications (Similar issue -
https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval):
ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
default python3 gets installed when we upgrade to mac ventura and no
python symlink
mvn clean install
-Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true
mvn clean package -Pdist
-Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true
- started Atlas and ran quickstart script to preload sample types and
entities
- validated relation search, basic and advanced search
P.S. Recently I upgraded my mac to ventura and I'm not sure if these
issues are due to the upgrade. If someone else has a similar mac
version and it works for them then we are good to proceed.
Please check once if the signature is correct or else I will debug
further at my end.
Thanks,
Sid
On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org> wrote:
>
> Thank you Madhan for the release candidate.
>
> +1 for Apache Atlas 2.3.0 release candidate #1
>
> validated the following:
> - Able to download source, signature, md5 and sha512 files and verified
> checksum hash
> - validated signature of source from release manager (Madhan Neethiraj <
> madhan@apache.org>)
> - Build the source successfully using embedded-hbase-solr profile
> - started Atlas and ran quickstart script to preload sample types and
> entities
> - validated relation search, basic and advanced search
>
> Thanks,
> Sarath
>
>
>
>
>
> On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org> wrote:
>
> > Atlas team,
> >
> >
> >
> > Apache Atlas 2.3.0 release candidate #1 is now available for a vote within
> > dev community. Links to the release artifacts are given below. Please
> > review and vote.
> >
> >
> >
> > The vote will be open for at least 72 hours or until necessary votes are
> > reached.
> >
> > [ ] +1 approve
> >
> > [ ] +0 no opinion
> >
> > [ ] -1 disapprove (and reason why)
> >
> >
> >
> > Thanks,
> >
> > Madhan
> >
> >
> >
> >
> >
> > List of issues addressed in this release:
> > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> >
> >
> >
> > Git tag for the release:
> > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> >
> > Sources for the release:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> >
> >
> >
> > Source release verification:
> >
> > PGP Signature:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> >
> > MD5 Hash:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> >
> > SHA512 Hash:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> >
> >
> >
> > Keys to verify the signature of the release artifacts are available at:
> > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> >
> >
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Madhan Neethiraj <ma...@apache.org>.
Sid,
Can you please use keys from https://dist.apache.org/repos/dist/dev/atlas/KEYS?
Thanks,
Madhan
On 11/30/22, 11:49 PM, "Sidharth Mishra" <si...@apache.org> wrote:
Thank you Madhan for the release candidate.
Validated the following and faced some issues as mentioned below:
- Able to download source, signature, md5 and sha512 files and verify
the checksum hash
- I am not able to verify the signature of the source. Steps I followed:
curl -O https://downloads.apache.org/atlas/KEYS
gpg --import KEYS
gpg --list-sigs madhan # Gives the correct output
pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
1B6007E9CDEC4913DFB5031B630E02BA8823016D
uid [ unknown] Madhan Neethiraj <ma...@apache.org>
sig 3 630E02BA8823016D 2020-06-10
Madhan Neethiraj <ma...@apache.org>
sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
sig 630E02BA8823016D 2020-06-10 Madhan
Neethiraj <ma...@apache.org>
pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
uid [ expired] Madhan Neethiraj <ma...@apache.org>
sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
Neethiraj <ma...@apache.org>
sig 9C0596B11E19B762 2014-11-10 [User ID not found]
sig 2C1CD6311ED05C4A 2016-02-16 [User ID not found]
sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not found]
gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
apache-atlas-2.3.0-sources.tar.gz
gpg: Signature made Mon Nov 28 13:14:22 2022 PST
gpg: using RSA key FED467D3B01179D4
gpg: Can't check signature: No public key
# Even tried this and no help as it didn't download any keys
gpg --keyserver
https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
FED467D3B01179D4
- Build failed for the source using embedded-hbase-solr profile -
[ERROR] Failed to execute goal on project atlas-testtools: Could not
resolve dependencies for project
org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
maven-restlet (https://maven.restlet.com): transfer failed for
https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: validity check
failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with
the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible
solutions, please read the following articles:
[ERROR] [Help 1]
http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with
the command
[ERROR] mvn <args> -rf :atlas-testtools
By running the below command the above issue was resolved as it
ignored all ssl verifications (Similar issue -
https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval):
ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
default python3 gets installed when we upgrade to mac ventura and no
python symlink
mvn clean install
-Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true
mvn clean package -Pdist
-Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true
- started Atlas and ran quickstart script to preload sample types and
entities
- validated relation search, basic and advanced search
P.S. Recently I upgraded my mac to ventura and I'm not sure if these
issues are due to the upgrade. If someone else has a similar mac
version and it works for them then we are good to proceed.
Please check once if the signature is correct or else I will debug
further at my end.
Thanks,
Sid
On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org> wrote:
>
> Thank you Madhan for the release candidate.
>
> +1 for Apache Atlas 2.3.0 release candidate #1
>
> validated the following:
> - Able to download source, signature, md5 and sha512 files and verified
> checksum hash
> - validated signature of source from release manager (Madhan Neethiraj <
> madhan@apache.org>)
> - Build the source successfully using embedded-hbase-solr profile
> - started Atlas and ran quickstart script to preload sample types and
> entities
> - validated relation search, basic and advanced search
>
> Thanks,
> Sarath
>
>
>
>
>
> On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org> wrote:
>
> > Atlas team,
> >
> >
> >
> > Apache Atlas 2.3.0 release candidate #1 is now available for a vote within
> > dev community. Links to the release artifacts are given below. Please
> > review and vote.
> >
> >
> >
> > The vote will be open for at least 72 hours or until necessary votes are
> > reached.
> >
> > [ ] +1 approve
> >
> > [ ] +0 no opinion
> >
> > [ ] -1 disapprove (and reason why)
> >
> >
> >
> > Thanks,
> >
> > Madhan
> >
> >
> >
> >
> >
> > List of issues addressed in this release:
> > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> >
> >
> >
> > Git tag for the release:
> > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> >
> > Sources for the release:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> >
> >
> >
> > Source release verification:
> >
> > PGP Signature:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> >
> > MD5 Hash:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> >
> > SHA512 Hash:
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> >
> >
> >
> > Keys to verify the signature of the release artifacts are available at:
> > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> >
> >
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Ismaël Mejía <ie...@gmail.com>.
Hi, just for info I just pinged the people managing the restlet maven
repository. I hope this will get fixed soon.
On Fri, Dec 2, 2022 at 1:05 AM Sidharth Mishra <si...@apache.org> wrote:
> Sure. In that case +1 for Apache Atlas 2.3.0 release candidate #1
>
> Thanks,
> Sid
>
> On Thu, Dec 1, 2022 at 1:31 PM Madhan Neethiraj <ma...@apache.org> wrote:
> >
> > Sid,
> >
> > I see that the certificate in https://maven.restlet.com expired 19 days
> back. I guess this issue wouldn't be impact folks who have .m2 cache
> populated with org.restlet artifacts earlier (than the certificate expiry).
> Until this certificate is renewed, you can use the flags to build Atlas.
> >
> > Thanks,
> > Madhan
> >
> >
> >
> > On 12/1/22, 12:53 PM, "Sidharth Mishra" <si...@apache.org> wrote:
> >
> > Thanks Madhan and Sarath. I tried the below and the signature
> > verification worked with warning as shown below:
> > curl -O https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > gpg --import KEYS
> > gpg --list madhan # Checked it has FED467D3B01179D4
> > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > apache-atlas-2.3.0-sources.tar.gz
> > gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> > gpg: using RSA key FED467D3B01179D4
> > gpg: Good signature from "Madhan Neethiraj <ma...@apache.org>"
> [unknown]
> > gpg: WARNING: This key is not certified with a trusted
> signature!
> > gpg: There is no indication that the signature
> belongs
> > to the owner.
> > Primary key fingerprint: 0524 DD1F 7940 6654 6D61 0744 FED4
> > 67D3 B011 79D4
> >
> > Still I am getting below error when I run maven clean install. Adding
> > the -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > -Dmaven.wagon.http.ssl.insecure=true
> > -Dmaven.wagon.http.ssl.allowall=true is ignoring this issue. Do you
> > have any ideas on this?
> >
> > [ERROR] Failed to execute goal on project atlas-testtools:
> > Could not resolve dependencies for project
> > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> > maven-restlet (https://maven.restlet.com): transfer failed for
> >
> https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> :
> > sun.security.validator.ValidatorException: PKIX path validation
> > failed: java.security.cert.CertPathValidatorException: validity check
> > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> >
> > Thanks,
> > Sid
> >
> > On Thu, Dec 1, 2022 at 10:04 AM Sarath Subramanian <
> sarath@apache.org> wrote:
> > >
> > > Sid,
> > >
> > > I followed the below steps to verify signature. I'm running on Mac
> OS
> > > Monterey.
> > >
> > > wget https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > > gpg --import KEYS
> > > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > > > apache-atlas-2.3.0-sources.tar.gz
> > > >
> > >
> > > Thanks,
> > > Sarath
> > >
> > > On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra <
> sidmishra@apache.org>
> > > wrote:
> > >
> > > > Thank you Madhan for the release candidate.
> > > >
> > > > Validated the following and faced some issues as mentioned below:
> > > >
> > > > - Able to download source, signature, md5 and sha512 files and
> verify
> > > > the checksum hash
> > > > - I am not able to verify the signature of the source. Steps I
> followed:
> > > > curl -O https://downloads.apache.org/atlas/KEYS
> > > > gpg --import KEYS
> > > > gpg --list-sigs madhan # Gives the correct output
> > > > pub rsa4096 2020-06-10 [SC] [expires:
> 2024-06-09]
> > > > 1B6007E9CDEC4913DFB5031B630E02BA8823016D
> > > > uid [ unknown] Madhan Neethiraj <
> > > > madhan@apache.org>
> > > > sig 3 630E02BA8823016D 2020-06-10
> > > > Madhan Neethiraj <ma...@apache.org>
> > > > sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
> > > > sig 630E02BA8823016D 2020-06-10 Madhan
> > > > Neethiraj <ma...@apache.org>
> > > >
> > > > pub rsa2048 2014-11-10 [SC] [expired:
> 2018-11-10]
> > > > 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
> > > > uid [ expired] Madhan Neethiraj <
> > > > madhan@apache.org>
> > > > sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
> > > > Neethiraj <ma...@apache.org>
> > > > sig 9C0596B11E19B762 2014-11-10 [User
> ID not
> > > > found]
> > > > sig 2C1CD6311ED05C4A 2016-02-16 [User
> ID not
> > > > found]
> > > > sig 3 X EB4200BBD4393DE8 2016-04-30 [User
> ID not
> > > > found]
> > > >
> > > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > > > apache-atlas-2.3.0-sources.tar.gz
> > > > gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> > > > gpg: using RSA key FED467D3B01179D4
> > > > gpg: Can't check signature: No public key
> > > >
> > > > # Even tried this and no help as it didn't download any keys
> > > > gpg --keyserver
> > > > https://dist.apache.org/repos/dist/release/atlas/KEYS
> --recv-keys
> > > > FED467D3B01179D4
> > > >
> > > > - Build failed for the source using embedded-hbase-solr profile -
> > > >
> > > > [ERROR] Failed to execute goal on project atlas-testtools:
> Could not
> > > > resolve dependencies for project
> > > > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> > > > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> > > > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> > > > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> > > > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> > > > maven-restlet (https://maven.restlet.com): transfer failed for
> > > >
> > > >
> https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> > > > :
> > > > sun.security.validator.ValidatorException: PKIX path validation
> > > > failed: java.security.cert.CertPathValidatorException: validity
> check
> > > > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> > > > [ERROR]
> > > > [ERROR] To see the full stack trace of the errors, re-run
> Maven with
> > > > the -e switch.
> > > > [ERROR] Re-run Maven using the -X switch to enable full debug
> logging.
> > > > [ERROR]
> > > > [ERROR] For more information about the errors and possible
> > > > solutions, please read the following articles:
> > > > [ERROR] [Help 1]
> > > >
> > > >
> http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
> > > > [ERROR]
> > > > [ERROR] After correcting the problems, you can resume the
> build with
> > > > the command
> > > > [ERROR] mvn <args> -rf :atlas-testtools
> > > >
> > > > By running the below command the above issue was resolved as
> it
> > > > ignored all ssl verifications (Similar issue -
> > > >
> > > >
> https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval
> > > > ):
> > > > ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
> > > > default python3 gets installed when we upgrade to mac ventura
> and no
> > > > python symlink
> > > > mvn clean install
> > > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > > > -Dmaven.wagon.http.ssl.insecure=true
> > > > -Dmaven.wagon.http.ssl.allowall=true
> > > > mvn clean package -Pdist
> > > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > > > -Dmaven.wagon.http.ssl.insecure=true
> > > > -Dmaven.wagon.http.ssl.allowall=true
> > > >
> > > > - started Atlas and ran quickstart script to preload sample
> types and
> > > > entities
> > > > - validated relation search, basic and advanced search
> > > >
> > > > P.S. Recently I upgraded my mac to ventura and I'm not sure if
> these
> > > > issues are due to the upgrade. If someone else has a similar mac
> > > > version and it works for them then we are good to proceed.
> > > > Please check once if the signature is correct or else I will
> debug
> > > > further at my end.
> > > >
> > > > Thanks,
> > > > Sid
> > > >
> > > >
> > > >
> > > > On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <
> sarath@apache.org>
> > > > wrote:
> > > > >
> > > > > Thank you Madhan for the release candidate.
> > > > >
> > > > > +1 for Apache Atlas 2.3.0 release candidate #1
> > > > >
> > > > > validated the following:
> > > > > - Able to download source, signature, md5 and sha512 files and
> verified
> > > > > checksum hash
> > > > > - validated signature of source from release manager (Madhan
> Neethiraj <
> > > > > madhan@apache.org>)
> > > > > - Build the source successfully using embedded-hbase-solr
> profile
> > > > > - started Atlas and ran quickstart script to preload sample
> types and
> > > > > entities
> > > > > - validated relation search, basic and advanced search
> > > > >
> > > > > Thanks,
> > > > > Sarath
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <
> madhan@apache.org>
> > > > wrote:
> > > > >
> > > > > > Atlas team,
> > > > > >
> > > > > >
> > > > > >
> > > > > > Apache Atlas 2.3.0 release candidate #1 is now available for
> a vote
> > > > within
> > > > > > dev community. Links to the release artifacts are given
> below. Please
> > > > > > review and vote.
> > > > > >
> > > > > >
> > > > > >
> > > > > > The vote will be open for at least 72 hours or until
> necessary votes
> > > > are
> > > > > > reached.
> > > > > >
> > > > > > [ ] +1 approve
> > > > > >
> > > > > > [ ] +0 no opinion
> > > > > >
> > > > > > [ ] -1 disapprove (and reason why)
> > > > > >
> > > > > >
> > > > > >
> > > > > > Thanks,
> > > > > >
> > > > > > Madhan
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > List of issues addressed in this release:
> > > > > >
> > > >
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> > > > > >
> > > > > >
> > > > > >
> > > > > > Git tag for the release:
> > > > > > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> > > > > >
> > > > > > Sources for the release:
> > > > > >
> > > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> > > > > >
> > > > > >
> > > > > >
> > > > > > Source release verification:
> > > > > >
> > > > > > PGP Signature:
> > > > > >
> > > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> > > > > >
> > > > > > MD5 Hash:
> > > > > >
> > > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> > > > > >
> > > > > > SHA512 Hash:
> > > > > >
> > > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> > > > > >
> > > > > >
> > > > > >
> > > > > > Keys to verify the signature of the release artifacts are
> available at:
> > > > > > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > > > >
> > > > > >
> > > >
> >
> >
>
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Sidharth Mishra <si...@apache.org>.
Sure. In that case +1 for Apache Atlas 2.3.0 release candidate #1
Thanks,
Sid
On Thu, Dec 1, 2022 at 1:31 PM Madhan Neethiraj <ma...@apache.org> wrote:
>
> Sid,
>
> I see that the certificate in https://maven.restlet.com expired 19 days back. I guess this issue wouldn't be impact folks who have .m2 cache populated with org.restlet artifacts earlier (than the certificate expiry). Until this certificate is renewed, you can use the flags to build Atlas.
>
> Thanks,
> Madhan
>
>
>
> On 12/1/22, 12:53 PM, "Sidharth Mishra" <si...@apache.org> wrote:
>
> Thanks Madhan and Sarath. I tried the below and the signature
> verification worked with warning as shown below:
> curl -O https://dist.apache.org/repos/dist/dev/atlas/KEYS
> gpg --import KEYS
> gpg --list madhan # Checked it has FED467D3B01179D4
> gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> apache-atlas-2.3.0-sources.tar.gz
> gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> gpg: using RSA key FED467D3B01179D4
> gpg: Good signature from "Madhan Neethiraj <ma...@apache.org>" [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs
> to the owner.
> Primary key fingerprint: 0524 DD1F 7940 6654 6D61 0744 FED4
> 67D3 B011 79D4
>
> Still I am getting below error when I run maven clean install. Adding
> the -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> -Dmaven.wagon.http.ssl.insecure=true
> -Dmaven.wagon.http.ssl.allowall=true is ignoring this issue. Do you
> have any ideas on this?
>
> [ERROR] Failed to execute goal on project atlas-testtools:
> Could not resolve dependencies for project
> org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> maven-restlet (https://maven.restlet.com): transfer failed for
> https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom:
> sun.security.validator.ValidatorException: PKIX path validation
> failed: java.security.cert.CertPathValidatorException: validity check
> failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
>
> Thanks,
> Sid
>
> On Thu, Dec 1, 2022 at 10:04 AM Sarath Subramanian <sa...@apache.org> wrote:
> >
> > Sid,
> >
> > I followed the below steps to verify signature. I'm running on Mac OS
> > Monterey.
> >
> > wget https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > gpg --import KEYS
> > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > > apache-atlas-2.3.0-sources.tar.gz
> > >
> >
> > Thanks,
> > Sarath
> >
> > On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra <si...@apache.org>
> > wrote:
> >
> > > Thank you Madhan for the release candidate.
> > >
> > > Validated the following and faced some issues as mentioned below:
> > >
> > > - Able to download source, signature, md5 and sha512 files and verify
> > > the checksum hash
> > > - I am not able to verify the signature of the source. Steps I followed:
> > > curl -O https://downloads.apache.org/atlas/KEYS
> > > gpg --import KEYS
> > > gpg --list-sigs madhan # Gives the correct output
> > > pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
> > > 1B6007E9CDEC4913DFB5031B630E02BA8823016D
> > > uid [ unknown] Madhan Neethiraj <
> > > madhan@apache.org>
> > > sig 3 630E02BA8823016D 2020-06-10
> > > Madhan Neethiraj <ma...@apache.org>
> > > sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
> > > sig 630E02BA8823016D 2020-06-10 Madhan
> > > Neethiraj <ma...@apache.org>
> > >
> > > pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
> > > 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
> > > uid [ expired] Madhan Neethiraj <
> > > madhan@apache.org>
> > > sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
> > > Neethiraj <ma...@apache.org>
> > > sig 9C0596B11E19B762 2014-11-10 [User ID not
> > > found]
> > > sig 2C1CD6311ED05C4A 2016-02-16 [User ID not
> > > found]
> > > sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not
> > > found]
> > >
> > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > > apache-atlas-2.3.0-sources.tar.gz
> > > gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> > > gpg: using RSA key FED467D3B01179D4
> > > gpg: Can't check signature: No public key
> > >
> > > # Even tried this and no help as it didn't download any keys
> > > gpg --keyserver
> > > https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
> > > FED467D3B01179D4
> > >
> > > - Build failed for the source using embedded-hbase-solr profile -
> > >
> > > [ERROR] Failed to execute goal on project atlas-testtools: Could not
> > > resolve dependencies for project
> > > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> > > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> > > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> > > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> > > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> > > maven-restlet (https://maven.restlet.com): transfer failed for
> > >
> > > https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> > > :
> > > sun.security.validator.ValidatorException: PKIX path validation
> > > failed: java.security.cert.CertPathValidatorException: validity check
> > > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> > > [ERROR]
> > > [ERROR] To see the full stack trace of the errors, re-run Maven with
> > > the -e switch.
> > > [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> > > [ERROR]
> > > [ERROR] For more information about the errors and possible
> > > solutions, please read the following articles:
> > > [ERROR] [Help 1]
> > >
> > > http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
> > > [ERROR]
> > > [ERROR] After correcting the problems, you can resume the build with
> > > the command
> > > [ERROR] mvn <args> -rf :atlas-testtools
> > >
> > > By running the below command the above issue was resolved as it
> > > ignored all ssl verifications (Similar issue -
> > >
> > > https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval
> > > ):
> > > ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
> > > default python3 gets installed when we upgrade to mac ventura and no
> > > python symlink
> > > mvn clean install
> > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > > -Dmaven.wagon.http.ssl.insecure=true
> > > -Dmaven.wagon.http.ssl.allowall=true
> > > mvn clean package -Pdist
> > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > > -Dmaven.wagon.http.ssl.insecure=true
> > > -Dmaven.wagon.http.ssl.allowall=true
> > >
> > > - started Atlas and ran quickstart script to preload sample types and
> > > entities
> > > - validated relation search, basic and advanced search
> > >
> > > P.S. Recently I upgraded my mac to ventura and I'm not sure if these
> > > issues are due to the upgrade. If someone else has a similar mac
> > > version and it works for them then we are good to proceed.
> > > Please check once if the signature is correct or else I will debug
> > > further at my end.
> > >
> > > Thanks,
> > > Sid
> > >
> > >
> > >
> > > On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org>
> > > wrote:
> > > >
> > > > Thank you Madhan for the release candidate.
> > > >
> > > > +1 for Apache Atlas 2.3.0 release candidate #1
> > > >
> > > > validated the following:
> > > > - Able to download source, signature, md5 and sha512 files and verified
> > > > checksum hash
> > > > - validated signature of source from release manager (Madhan Neethiraj <
> > > > madhan@apache.org>)
> > > > - Build the source successfully using embedded-hbase-solr profile
> > > > - started Atlas and ran quickstart script to preload sample types and
> > > > entities
> > > > - validated relation search, basic and advanced search
> > > >
> > > > Thanks,
> > > > Sarath
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org>
> > > wrote:
> > > >
> > > > > Atlas team,
> > > > >
> > > > >
> > > > >
> > > > > Apache Atlas 2.3.0 release candidate #1 is now available for a vote
> > > within
> > > > > dev community. Links to the release artifacts are given below. Please
> > > > > review and vote.
> > > > >
> > > > >
> > > > >
> > > > > The vote will be open for at least 72 hours or until necessary votes
> > > are
> > > > > reached.
> > > > >
> > > > > [ ] +1 approve
> > > > >
> > > > > [ ] +0 no opinion
> > > > >
> > > > > [ ] -1 disapprove (and reason why)
> > > > >
> > > > >
> > > > >
> > > > > Thanks,
> > > > >
> > > > > Madhan
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > List of issues addressed in this release:
> > > > >
> > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> > > > >
> > > > >
> > > > >
> > > > > Git tag for the release:
> > > > > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> > > > >
> > > > > Sources for the release:
> > > > >
> > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> > > > >
> > > > >
> > > > >
> > > > > Source release verification:
> > > > >
> > > > > PGP Signature:
> > > > >
> > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> > > > >
> > > > > MD5 Hash:
> > > > >
> > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> > > > >
> > > > > SHA512 Hash:
> > > > >
> > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> > > > >
> > > > >
> > > > >
> > > > > Keys to verify the signature of the release artifacts are available at:
> > > > > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > > >
> > > > >
> > >
>
>
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Madhan Neethiraj <ma...@apache.org>.
Sid,
I see that the certificate in https://maven.restlet.com expired 19 days back. I guess this issue wouldn't be impact folks who have .m2 cache populated with org.restlet artifacts earlier (than the certificate expiry). Until this certificate is renewed, you can use the flags to build Atlas.
Thanks,
Madhan
On 12/1/22, 12:53 PM, "Sidharth Mishra" <si...@apache.org> wrote:
Thanks Madhan and Sarath. I tried the below and the signature
verification worked with warning as shown below:
curl -O https://dist.apache.org/repos/dist/dev/atlas/KEYS
gpg --import KEYS
gpg --list madhan # Checked it has FED467D3B01179D4
gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
apache-atlas-2.3.0-sources.tar.gz
gpg: Signature made Mon Nov 28 13:14:22 2022 PST
gpg: using RSA key FED467D3B01179D4
gpg: Good signature from "Madhan Neethiraj <ma...@apache.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs
to the owner.
Primary key fingerprint: 0524 DD1F 7940 6654 6D61 0744 FED4
67D3 B011 79D4
Still I am getting below error when I run maven clean install. Adding
the -Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true is ignoring this issue. Do you
have any ideas on this?
[ERROR] Failed to execute goal on project atlas-testtools:
Could not resolve dependencies for project
org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
maven-restlet (https://maven.restlet.com): transfer failed for
https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: validity check
failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
Thanks,
Sid
On Thu, Dec 1, 2022 at 10:04 AM Sarath Subramanian <sa...@apache.org> wrote:
>
> Sid,
>
> I followed the below steps to verify signature. I'm running on Mac OS
> Monterey.
>
> wget https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > gpg --import KEYS
> > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > apache-atlas-2.3.0-sources.tar.gz
> >
>
> Thanks,
> Sarath
>
> On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra <si...@apache.org>
> wrote:
>
> > Thank you Madhan for the release candidate.
> >
> > Validated the following and faced some issues as mentioned below:
> >
> > - Able to download source, signature, md5 and sha512 files and verify
> > the checksum hash
> > - I am not able to verify the signature of the source. Steps I followed:
> > curl -O https://downloads.apache.org/atlas/KEYS
> > gpg --import KEYS
> > gpg --list-sigs madhan # Gives the correct output
> > pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
> > 1B6007E9CDEC4913DFB5031B630E02BA8823016D
> > uid [ unknown] Madhan Neethiraj <
> > madhan@apache.org>
> > sig 3 630E02BA8823016D 2020-06-10
> > Madhan Neethiraj <ma...@apache.org>
> > sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
> > sig 630E02BA8823016D 2020-06-10 Madhan
> > Neethiraj <ma...@apache.org>
> >
> > pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
> > 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
> > uid [ expired] Madhan Neethiraj <
> > madhan@apache.org>
> > sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
> > Neethiraj <ma...@apache.org>
> > sig 9C0596B11E19B762 2014-11-10 [User ID not
> > found]
> > sig 2C1CD6311ED05C4A 2016-02-16 [User ID not
> > found]
> > sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not
> > found]
> >
> > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > apache-atlas-2.3.0-sources.tar.gz
> > gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> > gpg: using RSA key FED467D3B01179D4
> > gpg: Can't check signature: No public key
> >
> > # Even tried this and no help as it didn't download any keys
> > gpg --keyserver
> > https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
> > FED467D3B01179D4
> >
> > - Build failed for the source using embedded-hbase-solr profile -
> >
> > [ERROR] Failed to execute goal on project atlas-testtools: Could not
> > resolve dependencies for project
> > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> > maven-restlet (https://maven.restlet.com): transfer failed for
> >
> > https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> > :
> > sun.security.validator.ValidatorException: PKIX path validation
> > failed: java.security.cert.CertPathValidatorException: validity check
> > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> > [ERROR]
> > [ERROR] To see the full stack trace of the errors, re-run Maven with
> > the -e switch.
> > [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> > [ERROR]
> > [ERROR] For more information about the errors and possible
> > solutions, please read the following articles:
> > [ERROR] [Help 1]
> >
> > http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
> > [ERROR]
> > [ERROR] After correcting the problems, you can resume the build with
> > the command
> > [ERROR] mvn <args> -rf :atlas-testtools
> >
> > By running the below command the above issue was resolved as it
> > ignored all ssl verifications (Similar issue -
> >
> > https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval
> > ):
> > ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
> > default python3 gets installed when we upgrade to mac ventura and no
> > python symlink
> > mvn clean install
> > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > -Dmaven.wagon.http.ssl.insecure=true
> > -Dmaven.wagon.http.ssl.allowall=true
> > mvn clean package -Pdist
> > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > -Dmaven.wagon.http.ssl.insecure=true
> > -Dmaven.wagon.http.ssl.allowall=true
> >
> > - started Atlas and ran quickstart script to preload sample types and
> > entities
> > - validated relation search, basic and advanced search
> >
> > P.S. Recently I upgraded my mac to ventura and I'm not sure if these
> > issues are due to the upgrade. If someone else has a similar mac
> > version and it works for them then we are good to proceed.
> > Please check once if the signature is correct or else I will debug
> > further at my end.
> >
> > Thanks,
> > Sid
> >
> >
> >
> > On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org>
> > wrote:
> > >
> > > Thank you Madhan for the release candidate.
> > >
> > > +1 for Apache Atlas 2.3.0 release candidate #1
> > >
> > > validated the following:
> > > - Able to download source, signature, md5 and sha512 files and verified
> > > checksum hash
> > > - validated signature of source from release manager (Madhan Neethiraj <
> > > madhan@apache.org>)
> > > - Build the source successfully using embedded-hbase-solr profile
> > > - started Atlas and ran quickstart script to preload sample types and
> > > entities
> > > - validated relation search, basic and advanced search
> > >
> > > Thanks,
> > > Sarath
> > >
> > >
> > >
> > >
> > >
> > > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org>
> > wrote:
> > >
> > > > Atlas team,
> > > >
> > > >
> > > >
> > > > Apache Atlas 2.3.0 release candidate #1 is now available for a vote
> > within
> > > > dev community. Links to the release artifacts are given below. Please
> > > > review and vote.
> > > >
> > > >
> > > >
> > > > The vote will be open for at least 72 hours or until necessary votes
> > are
> > > > reached.
> > > >
> > > > [ ] +1 approve
> > > >
> > > > [ ] +0 no opinion
> > > >
> > > > [ ] -1 disapprove (and reason why)
> > > >
> > > >
> > > >
> > > > Thanks,
> > > >
> > > > Madhan
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > List of issues addressed in this release:
> > > >
> > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> > > >
> > > >
> > > >
> > > > Git tag for the release:
> > > > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> > > >
> > > > Sources for the release:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> > > >
> > > >
> > > >
> > > > Source release verification:
> > > >
> > > > PGP Signature:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> > > >
> > > > MD5 Hash:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> > > >
> > > > SHA512 Hash:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> > > >
> > > >
> > > >
> > > > Keys to verify the signature of the release artifacts are available at:
> > > > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > >
> > > >
> >
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Sidharth Mishra <si...@apache.org>.
Thanks Madhan and Sarath. I tried the below and the signature
verification worked with warning as shown below:
curl -O https://dist.apache.org/repos/dist/dev/atlas/KEYS
gpg --import KEYS
gpg --list madhan # Checked it has FED467D3B01179D4
gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
apache-atlas-2.3.0-sources.tar.gz
gpg: Signature made Mon Nov 28 13:14:22 2022 PST
gpg: using RSA key FED467D3B01179D4
gpg: Good signature from "Madhan Neethiraj <ma...@apache.org>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs
to the owner.
Primary key fingerprint: 0524 DD1F 7940 6654 6D61 0744 FED4
67D3 B011 79D4
Still I am getting below error when I run maven clean install. Adding
the -Dmaven.wagon.http.ssl.ignore.validity.dates=true
-Dmaven.wagon.http.ssl.insecure=true
-Dmaven.wagon.http.ssl.allowall=true is ignoring this issue. Do you
have any ideas on this?
[ERROR] Failed to execute goal on project atlas-testtools:
Could not resolve dependencies for project
org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
maven-restlet (https://maven.restlet.com): transfer failed for
https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom:
sun.security.validator.ValidatorException: PKIX path validation
failed: java.security.cert.CertPathValidatorException: validity check
failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
Thanks,
Sid
On Thu, Dec 1, 2022 at 10:04 AM Sarath Subramanian <sa...@apache.org> wrote:
>
> Sid,
>
> I followed the below steps to verify signature. I'm running on Mac OS
> Monterey.
>
> wget https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > gpg --import KEYS
> > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > apache-atlas-2.3.0-sources.tar.gz
> >
>
> Thanks,
> Sarath
>
> On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra <si...@apache.org>
> wrote:
>
> > Thank you Madhan for the release candidate.
> >
> > Validated the following and faced some issues as mentioned below:
> >
> > - Able to download source, signature, md5 and sha512 files and verify
> > the checksum hash
> > - I am not able to verify the signature of the source. Steps I followed:
> > curl -O https://downloads.apache.org/atlas/KEYS
> > gpg --import KEYS
> > gpg --list-sigs madhan # Gives the correct output
> > pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
> > 1B6007E9CDEC4913DFB5031B630E02BA8823016D
> > uid [ unknown] Madhan Neethiraj <
> > madhan@apache.org>
> > sig 3 630E02BA8823016D 2020-06-10
> > Madhan Neethiraj <ma...@apache.org>
> > sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
> > sig 630E02BA8823016D 2020-06-10 Madhan
> > Neethiraj <ma...@apache.org>
> >
> > pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
> > 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
> > uid [ expired] Madhan Neethiraj <
> > madhan@apache.org>
> > sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
> > Neethiraj <ma...@apache.org>
> > sig 9C0596B11E19B762 2014-11-10 [User ID not
> > found]
> > sig 2C1CD6311ED05C4A 2016-02-16 [User ID not
> > found]
> > sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not
> > found]
> >
> > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> > apache-atlas-2.3.0-sources.tar.gz
> > gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> > gpg: using RSA key FED467D3B01179D4
> > gpg: Can't check signature: No public key
> >
> > # Even tried this and no help as it didn't download any keys
> > gpg --keyserver
> > https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
> > FED467D3B01179D4
> >
> > - Build failed for the source using embedded-hbase-solr profile -
> >
> > [ERROR] Failed to execute goal on project atlas-testtools: Could not
> > resolve dependencies for project
> > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> > maven-restlet (https://maven.restlet.com): transfer failed for
> >
> > https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> > :
> > sun.security.validator.ValidatorException: PKIX path validation
> > failed: java.security.cert.CertPathValidatorException: validity check
> > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> > [ERROR]
> > [ERROR] To see the full stack trace of the errors, re-run Maven with
> > the -e switch.
> > [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> > [ERROR]
> > [ERROR] For more information about the errors and possible
> > solutions, please read the following articles:
> > [ERROR] [Help 1]
> >
> > http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
> > [ERROR]
> > [ERROR] After correcting the problems, you can resume the build with
> > the command
> > [ERROR] mvn <args> -rf :atlas-testtools
> >
> > By running the below command the above issue was resolved as it
> > ignored all ssl verifications (Similar issue -
> >
> > https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval
> > ):
> > ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
> > default python3 gets installed when we upgrade to mac ventura and no
> > python symlink
> > mvn clean install
> > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > -Dmaven.wagon.http.ssl.insecure=true
> > -Dmaven.wagon.http.ssl.allowall=true
> > mvn clean package -Pdist
> > -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> > -Dmaven.wagon.http.ssl.insecure=true
> > -Dmaven.wagon.http.ssl.allowall=true
> >
> > - started Atlas and ran quickstart script to preload sample types and
> > entities
> > - validated relation search, basic and advanced search
> >
> > P.S. Recently I upgraded my mac to ventura and I'm not sure if these
> > issues are due to the upgrade. If someone else has a similar mac
> > version and it works for them then we are good to proceed.
> > Please check once if the signature is correct or else I will debug
> > further at my end.
> >
> > Thanks,
> > Sid
> >
> >
> >
> > On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org>
> > wrote:
> > >
> > > Thank you Madhan for the release candidate.
> > >
> > > +1 for Apache Atlas 2.3.0 release candidate #1
> > >
> > > validated the following:
> > > - Able to download source, signature, md5 and sha512 files and verified
> > > checksum hash
> > > - validated signature of source from release manager (Madhan Neethiraj <
> > > madhan@apache.org>)
> > > - Build the source successfully using embedded-hbase-solr profile
> > > - started Atlas and ran quickstart script to preload sample types and
> > > entities
> > > - validated relation search, basic and advanced search
> > >
> > > Thanks,
> > > Sarath
> > >
> > >
> > >
> > >
> > >
> > > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org>
> > wrote:
> > >
> > > > Atlas team,
> > > >
> > > >
> > > >
> > > > Apache Atlas 2.3.0 release candidate #1 is now available for a vote
> > within
> > > > dev community. Links to the release artifacts are given below. Please
> > > > review and vote.
> > > >
> > > >
> > > >
> > > > The vote will be open for at least 72 hours or until necessary votes
> > are
> > > > reached.
> > > >
> > > > [ ] +1 approve
> > > >
> > > > [ ] +0 no opinion
> > > >
> > > > [ ] -1 disapprove (and reason why)
> > > >
> > > >
> > > >
> > > > Thanks,
> > > >
> > > > Madhan
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > List of issues addressed in this release:
> > > >
> > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> > > >
> > > >
> > > >
> > > > Git tag for the release:
> > > > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> > > >
> > > > Sources for the release:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> > > >
> > > >
> > > >
> > > > Source release verification:
> > > >
> > > > PGP Signature:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> > > >
> > > > MD5 Hash:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> > > >
> > > > SHA512 Hash:
> > > >
> > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> > > >
> > > >
> > > >
> > > > Keys to verify the signature of the release artifacts are available at:
> > > > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > > >
> > > >
> >
Re: [VOTE] Release Apache Atlas 2.3.0 rc1
Posted by Sarath Subramanian <sa...@apache.org>.
Sid,
I followed the below steps to verify signature. I'm running on Mac OS
Monterey.
wget https://dist.apache.org/repos/dist/dev/atlas/KEYS
> gpg --import KEYS
> gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> apache-atlas-2.3.0-sources.tar.gz
>
Thanks,
Sarath
On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra <si...@apache.org>
wrote:
> Thank you Madhan for the release candidate.
>
> Validated the following and faced some issues as mentioned below:
>
> - Able to download source, signature, md5 and sha512 files and verify
> the checksum hash
> - I am not able to verify the signature of the source. Steps I followed:
> curl -O https://downloads.apache.org/atlas/KEYS
> gpg --import KEYS
> gpg --list-sigs madhan # Gives the correct output
> pub rsa4096 2020-06-10 [SC] [expires: 2024-06-09]
> 1B6007E9CDEC4913DFB5031B630E02BA8823016D
> uid [ unknown] Madhan Neethiraj <
> madhan@apache.org>
> sig 3 630E02BA8823016D 2020-06-10
> Madhan Neethiraj <ma...@apache.org>
> sub rsa4096 2020-06-10 [E] [expires: 2024-06-09]
> sig 630E02BA8823016D 2020-06-10 Madhan
> Neethiraj <ma...@apache.org>
>
> pub rsa2048 2014-11-10 [SC] [expired: 2018-11-10]
> 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A
> uid [ expired] Madhan Neethiraj <
> madhan@apache.org>
> sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan
> Neethiraj <ma...@apache.org>
> sig 9C0596B11E19B762 2014-11-10 [User ID not
> found]
> sig 2C1CD6311ED05C4A 2016-02-16 [User ID not
> found]
> sig 3 X EB4200BBD4393DE8 2016-04-30 [User ID not
> found]
>
> gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc
> apache-atlas-2.3.0-sources.tar.gz
> gpg: Signature made Mon Nov 28 13:14:22 2022 PST
> gpg: using RSA key FED467D3B01179D4
> gpg: Can't check signature: No public key
>
> # Even tried this and no help as it didn't download any keys
> gpg --keyserver
> https://dist.apache.org/repos/dist/release/atlas/KEYS --recv-keys
> FED467D3B01179D4
>
> - Build failed for the source using embedded-hbase-solr profile -
>
> [ERROR] Failed to execute goal on project atlas-testtools: Could not
> resolve dependencies for project
> org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect
> dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 ->
> org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact
> descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not
> transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to
> maven-restlet (https://maven.restlet.com): transfer failed for
>
> https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom
> :
> sun.security.validator.ValidatorException: PKIX path validation
> failed: java.security.cert.CertPathValidatorException: validity check
> failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1]
> [ERROR]
> [ERROR] To see the full stack trace of the errors, re-run Maven with
> the -e switch.
> [ERROR] Re-run Maven using the -X switch to enable full debug logging.
> [ERROR]
> [ERROR] For more information about the errors and possible
> solutions, please read the following articles:
> [ERROR] [Help 1]
>
> http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException
> [ERROR]
> [ERROR] After correcting the problems, you can resume the build with
> the command
> [ERROR] mvn <args> -rf :atlas-testtools
>
> By running the below command the above issue was resolved as it
> ignored all ssl verifications (Similar issue -
>
> https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval
> ):
> ln -s /usr/local/bin/python3 /usr/local/bin/python # As by
> default python3 gets installed when we upgrade to mac ventura and no
> python symlink
> mvn clean install
> -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> -Dmaven.wagon.http.ssl.insecure=true
> -Dmaven.wagon.http.ssl.allowall=true
> mvn clean package -Pdist
> -Dmaven.wagon.http.ssl.ignore.validity.dates=true
> -Dmaven.wagon.http.ssl.insecure=true
> -Dmaven.wagon.http.ssl.allowall=true
>
> - started Atlas and ran quickstart script to preload sample types and
> entities
> - validated relation search, basic and advanced search
>
> P.S. Recently I upgraded my mac to ventura and I'm not sure if these
> issues are due to the upgrade. If someone else has a similar mac
> version and it works for them then we are good to proceed.
> Please check once if the signature is correct or else I will debug
> further at my end.
>
> Thanks,
> Sid
>
>
>
> On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian <sa...@apache.org>
> wrote:
> >
> > Thank you Madhan for the release candidate.
> >
> > +1 for Apache Atlas 2.3.0 release candidate #1
> >
> > validated the following:
> > - Able to download source, signature, md5 and sha512 files and verified
> > checksum hash
> > - validated signature of source from release manager (Madhan Neethiraj <
> > madhan@apache.org>)
> > - Build the source successfully using embedded-hbase-solr profile
> > - started Atlas and ran quickstart script to preload sample types and
> > entities
> > - validated relation search, basic and advanced search
> >
> > Thanks,
> > Sarath
> >
> >
> >
> >
> >
> > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj <ma...@apache.org>
> wrote:
> >
> > > Atlas team,
> > >
> > >
> > >
> > > Apache Atlas 2.3.0 release candidate #1 is now available for a vote
> within
> > > dev community. Links to the release artifacts are given below. Please
> > > review and vote.
> > >
> > >
> > >
> > > The vote will be open for at least 72 hours or until necessary votes
> are
> > > reached.
> > >
> > > [ ] +1 approve
> > >
> > > [ ] +0 no opinion
> > >
> > > [ ] -1 disapprove (and reason why)
> > >
> > >
> > >
> > > Thanks,
> > >
> > > Madhan
> > >
> > >
> > >
> > >
> > >
> > > List of issues addressed in this release:
> > >
> https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC
> > >
> > >
> > >
> > > Git tag for the release:
> > > https://github.com/apache/atlas/tree/release-2.3.0-rc1
> > >
> > > Sources for the release:
> > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz
> > >
> > >
> > >
> > > Source release verification:
> > >
> > > PGP Signature:
> > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc
> > >
> > > MD5 Hash:
> > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5
> > >
> > > SHA512 Hash:
> > >
> https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512
> > >
> > >
> > >
> > > Keys to verify the signature of the release artifacts are available at:
> > > https://dist.apache.org/repos/dist/dev/atlas/KEYS
> > >
> > >
>