Prerequisite for Mac
Code Block language bash brew install wget brew install gpg
Set environment variables for version & release candidate number.
Code Block language bash VERSION=0.212.0 RC=0
Download the release candidate tarballs and open the directory for the corresponding release candidate (e.g., https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-0.212.0-rc0)
Code Block language bash mkdir rc-test cd rc-test wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating$VERSION-${VERSION}-src.tar.gz wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating$VERSION-${VERSION}-src.tar.gz.asc wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating-${VERSION}$VERSION-src.tar.gz.sha512 wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating$VERSION-${VERSION}-bin.tar.gz wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating-${VERSION}$VERSION-bin.tar.gz.asc wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}$VERSION-rc$RC/apache-pinot-incubating$VERSION-${VERSION}-bin.tar.gz.sha512
- Verify bundle name, signature & SHA512 hash
- Verify if the bundle contains "incubating" in name (e.g. apache-pinot-incubating-x.x.x-src.tar.gz)
Import public keys from Pinot release managers (need to do onceif gpg complains that there is no public key)
Code Block language bash wget https://dist.apache.org/repos/dist/release/incubator/pinot/KEYS gpg --import KEYS
Verify the signature (Note: You may see a WARNING that the key is not certified with a trusted signature. That is fine. See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key. Also, see https://gpgtools.tenderapp.com/kb/how-to/trusting-keys-and-why-this-signature-is-not-to-be-trusted#this-signature-is-not-to-be-trusted. In order not to see the warning message, you can edit the key in your local environment (see https://www.gnupg.org/gph/en/manual/x334.html)
Code Block language bash gpg --verify apache-pinot-incubating-${VERSION}-bin.tar.gz.asc gpg --verify apache-pinot-incubating-${VERSION}-src.tar.gz.asc # Expected output # gpg: assuming signed data in 'apache-pinot-incubating-x.x.x-bin.tar.gz' # gpg: Signature made MonTue FebAug 1110 13:2347:4008 20192021 PSTPDT # gpg: using RSA key FD534854D542FD474278B85344BA03AD164D961B6117BAEB7199AF89 # gpg: Good signature from "Seunghyun Lee <snlee@apache.org>" [ultimate]unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: DDB6 EBD1 C9E6 ACB0 3DAF 3B44 6117 BAEB 7199 AF89 ### Please note that sometimes "KEYS" file shows the short key. The example is the following: -----END PGP PUBLIC KEY BLOCK----- pub 4096R/7199AF89 2021-05-10 uid Seunghyun Lee <snlee@apache.org> sig 3 7199AF89 2021-05-10 Seunghyun Lee <snlee@apache.org> sub 4096R/F306596D 2021-05-10 sig 7199AF89 2021-05-10 Seunghyun Lee <snlee@apache.org> -----BEGIN PGP PUBLIC KEY BLOCK----- # KEYS file indicates "7199AF89" as the key while the pgp verify command shows the full key "6117BAEB7199AF89" # In this case, please do check the last 8 digits and see if they do match.
Verify hashes
Code Block language bash # Compare the output with *.tar.gz.sha512 file shasum -a 512 apache-pinot-incubating-${VERSION}-bin.tar.gz cat apache-pinot-incubating-${VERSION}-bin.tar.gz.sha512 shasum -a 512 apache-pinot-incubating-${VERSION}-src.tar.gz cat apache-pinot-incubating-${VERSION}-src.tar.gz.sha512
Open a directory for the corresponding release candidate and untar the tarball.
Code Block language bash tar -xzvf apache-pinot-incubating-${VERSION}-src.tar.gz tar -xzvf apache-pinot-incubating-${VERSION}-bin.tar.gz
- Verify git commit hash & tag
Checking if the git commit hash provided in voting mail matches with the commit hash from the actual tag & checking if the source release matches with the git tag
Code Block language bash git clone -b release-${VERSION}-rc${RC} --single-branch --depth 1 https://github.com/apache/incubator-pinot.git pinot-git-src cd pinot-git-src # Check git commit hash given here against the one given in the voting mail git log cd .. diff -r apache-pinot-incubating-${VERSION}-src pinot-git-src # Expected output is to only include lines starting with "Only in pinot-git-src..." # Only in pinot-git-src: .codecov_bash # Only in pinot-git-src: .codecov.yml # ...
- Verify DISCLAIMER, LICENSE, and NOTICE files are present in the extracted bundle.
Verify if the source distribution can compile
Warning You must build and run with JDK 11+
Code Block language bash cd apache-pinot-incubating-${VERSION}-src # Build Pinot (This will run license check, compilation, andbut not tests. Running tests will take an hour or more, so the use ofa few hours, you can enable it by removing -DskipTests may helpoption) mvn clean install -Pbin-dist -DskipTests -T1C # Run Quick Demo cd pinot-distribution/target/apache-pinot-incubating-${VERSION}-bin/apache-pinot-incubating-${VERSION}-bin bin/quick-start-offlinebatch.sh # At this point, open a web browser and go to http://localhost:9000/query and try to run some queries
Verify if the binary distribution are is working well with the Quick Demo
Code Block language bash # Run Quick Demo cd apache-pinot-incubating-${VERSION}-bin bin/quick-start-offlinebatch.sh # At this point, open a web browser and go to http://localhost:9000/query and try to run some queries
Checklist
- Verify if the bundle contains "incubating" in nameVerify signature, hash
- Verify if the released source matches with the provided git tag & hash
- Verify if DISCLAIMER, LICENSE, NOTICE files are present
- Check if the source distribution can compile (Do not skip the tests)
- Run quick demo from both source and binary distributions
...