You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 40 Next »

  1. Prerequisite for Mac

    brew install wget
brew install gpg

  2. Set environment variables for version & release candidate number.

    VERSION=0.2.0
RC=0

  3. Download the release candidate tarballs and open the directory for the corresponding release candidate (e.g. https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-0.2.0-rc0)

    mkdir rc-test
cd rc-test
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-src.tar.gz
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-src.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-src.tar.gz.sha512
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-bin.tar.gz
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-bin.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/incubator/pinot/apache-pinot-incubating-${VERSION}-rc${RC}/apache-pinot-incubating-${VERSION}-bin.tar.gz.sha512
  4. Verify bundle name, signature & SHA512 hash
    1. Verify if the bundle contains "incubating" in name (e.g. apache-pinot-incubating-x.x.x-src.tar.gz)

    2. Import public keys from Pinot release managers (need to do once)

      wget https://dist.apache.org/repos/dist/release/incubator/pinot/KEYS
gpg --import KEYS

    1. Verify the signature (Note: You may see a WARNING that the key is not certified with a trusted signature. That is fine. See https://serverfault.com/questions/569911/how-to-verify-an-imported-gpg-key. Also see https://gpgtools.tenderapp.com/kb/how-to/trusting-keys-and-why-this-signature-is-not-to-be-trusted#this-signature-is-not-to-be-trusted.  In order not to see the warning message, you can edit the key in your local environment (see https://www.gnupg.org/gph/en/manual/x334.html)

      gpg --verify apache-pinot-incubating-${VERSION}-bin.tar.gz.asc
gpg --verify apache-pinot-incubating-${VERSION}-src.tar.gz.asc

# Expected output
# gpg: assuming signed data in 'apache-pinot-incubating-x.x.x-bin.tar.gz'
# gpg: Signature made Mon Feb 11 13:23:40 2019 PST
# gpg: using RSA key FD534854D542FD474278B85344BA03AD164D961B
# gpg: Good signature from "Seunghyun Lee <snlee@apache.org>" [ultimate]

    2. Verify hashes

      # Compare the output with *.tar.gz.sha512 file
shasum -a 512 apache-pinot-incubating-${VERSION}-bin.tar.gz
cat apache-pinot-incubating-${VERSION}-bin.tar.gz.sha512

shasum -a 512 apache-pinot-incubating-${VERSION}-src.tar.gz
cat apache-pinot-incubating-${VERSION}-src.tar.gz.sha512

  5. Open a directory for the corresponding release candidate and untar the tarball

    tar -xzvf apache-pinot-incubating-${VERSION}-src.tar.gz
tar -xzvf apache-pinot-incubating-${VERSION}-bin.tar.gz

  6. Verify git commit hash & tag 

    1. Checking if git commit hash provided in voting mail matches with the commit hash from the actual tag & checking if the source release matches with the git tag

      git clone -b release-${VERSION}-rc${RC} --single-branch --depth 1 https://github.com/apache/incubator-pinot.git pinot-git-src  
cd pinot-git-src

# Check git commit hash given here against the one given in the voting mail
git log
cd ..
diff -r apache-pinot-incubating-${VERSION}-src pinot-git-src

# Expected output is to only include lines starting with "Only in pinot-git-src..."
# Only in pinot-git-src: .codecov_bash
# Only in pinot-git-src: .codecov.yml
# ...

  7. Verify DISCLAIMER, LICENSE, NOTICE files are present in the extracted bundle.

  8. Verify if the source distribution can compile

    cd apache-pinot-incubating-${VERSION}-src

# Build Pinot (This will run license check, compilation, and tests. Running tests will take an hour or more, so the use of -DskipTests may help)
mvn clean install -Pbin-dist

# Run Quick Demo
cd pinot-distribution/target/apache-pinot-incubating-${VERSION}-bin/apache-pinot-incubating-${VERSION}-bin
bin/quick-start-offline.sh

# At this point, open a web browser and go to http://localhost:9000/query and try to run some queries

  9. Verify if binary distribution are working well with the Quick Demo

    # Run Quick Demo
cd apache-pinot-incubating-${VERSION}-bin
bin/quick-start-offline.sh

# At this point, open a web browser and go to http://localhost:9000/query and try to run some queries

Checklist

  1. Verify if the bundle contains "incubating" in name
  2. Verify signature, hash
  3. Verify if the released source matches with the provided git tag & hash
  4. Verify if DISCLAIMER, LICENSE, NOTICE files are present
  5. Check if the source distribution can compile (Do not skip the tests)
  6. Run quick demo from both source and binary distributions

For the official incubator release checklist, please refer to https://wiki.apache.org/incubator/IncubatorReleaseChecklist


  • No labels