...
Now, diff the NOTICE-binary file to make sure that it looks like we want, with no extra lines in place.
GPG Key Setup
It is strongly suggested that you read through this page first: https://www.apache.org/dev/release-signing.html
The release manager must hold a GPG key for signing the release artifacts. GPG key has to be associated with the apache email address. One can create the GPG by using the following cmd. Note that the key length should be 4096 bits. Please refer to the example below:
...
After you generate the GPG key, copy the key. "e.g. gpg: key 2C9B34D6A54AAFAE marked as ultimately trusted" (From here, I will use GPG_KEY to refer the key).
Make sure the key has a preference of SHA512. See https://www.apache.org/dev/openpgp.html#key-gen-avoid-sha1
| Code Block | ||
|---|---|---|
| ||
$ GPG_KEY=<your_gpg_key> # fill in your key |
...
Upload GPG public key to a public key server. Copy the following command's output to "Submit a key" box and click the submit button. http://pgp.mit.edu. You can also upload it to other sites (See https://www.apache.org/dev/release-signing.html#keyserver for some servers, and also a command-line way to send key to public servers)
Code Block language bash $ gpg --export --armor $GPG_KEY -----BEGIN PGP PUBLIC KEY BLOCK----- ... -----END PGP PUBLIC KEY BLOCK-----
Update key fingerprint at https://id.apache.org
Code Block language bash $ gpg --fingerprint $GPG_KEY
Copy the hex numbers (e.g. "0D9E 9997 4D5A 59F1 7183 362F 2C9B 34D6 A54A AFAE") to "OpenPGP Public Key Primary Fingerprint" box and submit the change.
Update KEYS file under pinot-release-dist
Code Block language bash $ cd pinot-release-dist # Append the public key to KEYS file gpg --list-sigs $GPG_KEY && gpg --armor --export $GPG_KEY >> KEYS # Commit the change svn commit -m "Update Pinot KEYS file for $GPG_KEY"
...