Versions Compared

Old Version 43

changes.mady.by.user Xiang Fu

Saved on

compared with

New Version 44

changes.mady.by.user Xiang Fu

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

  1. Prerequisite for Mac

    Code Block
    languagebash
    brew install wget
brew install gpg


  2. Set environment variables for version & release candidate number.

    Code Block
    languagebash
    VERSION=0.3.0
RC=1


  3. Download the release candidate tarballs and open the directory for the corresponding release candidate (e.g.https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-0.3.0-rc1)

    Code Block
    languagebash
    mkdir rc-test
cd rc-test
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-src.tar.gz
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-src.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-src.tar.gz.sha512
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-bin.tar.gz
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-bin.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-$VERSION-rc$RC/apache-pinot-incubating-$VERSION-bin.tar.gz.sha512


  4. Verify bundle name, signature & SHA512 hash
    1. Verify if the bundle contains "incubating" in the name (e.g., apache-pinot-incubating-x.x.x-src.tar.gz)

    2. Import public keys from Pinot release managers (need to do once)

      Code Block
      languagebash
      wget https://dist.apache.org/repos/dist/release/incubator/pinot/KEYS
gpg --import KEYS

    1. Verify the signature (Note: You may see a WARNING that the key is not certified with a trusted signature. That is fine. See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key. Also, see https://gpgtools.tenderapp.com/kb/how-to/trusting-keys-and-why-this-signature-is-not-to-be-trusted#this-signature-is-not-to-be-trusted.  In order not to see the warning message, you can edit the key in your local environment (see https://www.gnupg.org/gph/en/manual/x334.html)

      Code Block
      languagebash
      gpg --verify apache-pinot-incubating-${VERSION}-bin.tar.gz.asc
gpg --verify apache-pinot-incubating-${VERSION}-src.tar.gz.asc

# Expected output
# gpg: assuming signed data in 'apache-pinot-incubating-x.x.x-bin.tar.gz'
# gpg: Signature made Mon Feb 11 13:23:40 2019 PST
# gpg: using RSA key FD534854D542FD474278B85344BA03AD164D961B
# gpg: Good signature from "Seunghyun Lee <snlee@apache.org>" [ultimate]

    2. Verify hashes

      Code Block
      languagebash
      # Compare the output with *.tar.gz.sha512 file
shasum -a 512 apache-pinot-incubating-${VERSION}-bin.tar.gz
cat apache-pinot-incubating-${VERSION}-bin.tar.gz.sha512

shasum -a 512 apache-pinot-incubating-${VERSION}-src.tar.gz
cat apache-pinot-incubating-${VERSION}-src.tar.gz.sha512

  5. Open a directory for the corresponding release candidate and untar the tarball.

    Code Block
    languagebash
    tar -xzvf apache-pinot-incubating-${VERSION}-src.tar.gz
tar -xzvf apache-pinot-incubating-${VERSION}-bin.tar.gz

  6. Verify git commit hash & tag 

    1. Checking if the git commit hash provided in voting mail matches with the commit hash from the actual tag & checking if the source release matches with the git tag

      Code Block
      languagebash
      git clone -b release-${VERSION}-rc${RC} --single-branch --depth 1 https://github.com/apache/incubator-pinot.git pinot-git-src  
cd pinot-git-src

# Check git commit hash given here against the one given in the voting mail
git log
cd ..
diff -r apache-pinot-incubating-${VERSION}-src pinot-git-src

# Expected output is to only include lines starting with "Only in pinot-git-src..."
# Only in pinot-git-src: .codecov_bash
# Only in pinot-git-src: .codecov.yml
# ...

  7. Verify DISCLAIMER, LICENSE, and NOTICE files are present in the extracted bundle.

  8. Verify if the source distribution can compile

    Warning

    You must release with JDK 8


    Code Block
    languagebash
    cd apache-pinot-incubating-${VERSION}-src

# Build Pinot (This will run license check, compilation, and tests. Running tests will take an hour or more, so the use of -DskipTests may help)
mvn clean install -Pbin-dist

# Run Quick Demo
cd pinot-distribution/target/apache-pinot-incubating-${VERSION}-bin/apache-pinot-incubating-${VERSION}-bin
bin/quick-start-batch.sh

# At this point, open a web browser and go to http://localhost:9000/query and try to run some queries

  9. Verify if the binary distribution are is working well with the Quick Demo

    Code Block
    languagebash
    # Run Quick Demo
cd apache-pinot-incubating-${VERSION}-bin
bin/quick-start-batch.sh

# At this point, open a web browser and go to http://localhost:9000/query and try to run some queries

...

  1. Verify if the bundle contains "incubating" in the name
  2. Verify signature, hash
  3. Verify if the released source matches with the provided git tag & hash
  4. Verify if DISCLAIMER, LICENSE, NOTICE files are present
  5. Check if the source distribution can compile (Do not skip the tests)
  6. Run quick demo from both source and binary distributions

...