Hi, just for info I just pinged the people managing the restlet maven repository. I hope this will get fixed soon.
On Fri, Dec 2, 2022 at 1:05 AM Sidharth Mishra <[email protected]> wrote: > Sure. In that case +1 for Apache Atlas 2.3.0 release candidate #1 > > Thanks, > Sid > > On Thu, Dec 1, 2022 at 1:31 PM Madhan Neethiraj <[email protected]> wrote: > > > > Sid, > > > > I see that the certificate in https://maven.restlet.com expired 19 days > back. I guess this issue wouldn't be impact folks who have .m2 cache > populated with org.restlet artifacts earlier (than the certificate expiry). > Until this certificate is renewed, you can use the flags to build Atlas. > > > > Thanks, > > Madhan > > > > > > > > On 12/1/22, 12:53 PM, "Sidharth Mishra" <[email protected]> wrote: > > > > Thanks Madhan and Sarath. I tried the below and the signature > > verification worked with warning as shown below: > > curl -O https://dist.apache.org/repos/dist/dev/atlas/KEYS > > gpg --import KEYS > > gpg --list madhan # Checked it has FED467D3B01179D4 > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc > > apache-atlas-2.3.0-sources.tar.gz > > gpg: Signature made Mon Nov 28 13:14:22 2022 PST > > gpg: using RSA key FED467D3B01179D4 > > gpg: Good signature from "Madhan Neethiraj <[email protected]>" > [unknown] > > gpg: WARNING: This key is not certified with a trusted > signature! > > gpg: There is no indication that the signature > belongs > > to the owner. > > Primary key fingerprint: 0524 DD1F 7940 6654 6D61 0744 FED4 > > 67D3 B011 79D4 > > > > Still I am getting below error when I run maven clean install. Adding > > the -Dmaven.wagon.http.ssl.ignore.validity.dates=true > > -Dmaven.wagon.http.ssl.insecure=true > > -Dmaven.wagon.http.ssl.allowall=true is ignoring this issue. Do you > > have any ideas on this? > > > > [ERROR] Failed to execute goal on project atlas-testtools: > > Could not resolve dependencies for project > > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect > > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 -> > > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact > > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not > > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to > > maven-restlet (https://maven.restlet.com): transfer failed for > > > https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom > : > > sun.security.validator.ValidatorException: PKIX path validation > > failed: java.security.cert.CertPathValidatorException: validity check > > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1] > > > > Thanks, > > Sid > > > > On Thu, Dec 1, 2022 at 10:04 AM Sarath Subramanian < > [email protected]> wrote: > > > > > > Sid, > > > > > > I followed the below steps to verify signature. I'm running on Mac > OS > > > Monterey. > > > > > > wget https://dist.apache.org/repos/dist/dev/atlas/KEYS > > > > gpg --import KEYS > > > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc > > > > apache-atlas-2.3.0-sources.tar.gz > > > > > > > > > > Thanks, > > > Sarath > > > > > > On Wed, Nov 30, 2022 at 11:50 PM Sidharth Mishra < > [email protected]> > > > wrote: > > > > > > > Thank you Madhan for the release candidate. > > > > > > > > Validated the following and faced some issues as mentioned below: > > > > > > > > - Able to download source, signature, md5 and sha512 files and > verify > > > > the checksum hash > > > > - I am not able to verify the signature of the source. Steps I > followed: > > > > curl -O https://downloads.apache.org/atlas/KEYS > > > > gpg --import KEYS > > > > gpg --list-sigs madhan # Gives the correct output > > > > pub rsa4096 2020-06-10 [SC] [expires: > 2024-06-09] > > > > 1B6007E9CDEC4913DFB5031B630E02BA8823016D > > > > uid [ unknown] Madhan Neethiraj < > > > > [email protected]> > > > > sig 3 630E02BA8823016D 2020-06-10 > > > > Madhan Neethiraj <[email protected]> > > > > sub rsa4096 2020-06-10 [E] [expires: 2024-06-09] > > > > sig 630E02BA8823016D 2020-06-10 Madhan > > > > Neethiraj <[email protected]> > > > > > > > > pub rsa2048 2014-11-10 [SC] [expired: > 2018-11-10] > > > > 4BDEE6708B5F5216CF0BA42754EA1B4FFA03B08A > > > > uid [ expired] Madhan Neethiraj < > > > > [email protected]> > > > > sig 3 54EA1B4FFA03B08A 2014-11-10 Madhan > > > > Neethiraj <[email protected]> > > > > sig 9C0596B11E19B762 2014-11-10 [User > ID not > > > > found] > > > > sig 2C1CD6311ED05C4A 2016-02-16 [User > ID not > > > > found] > > > > sig 3 X EB4200BBD4393DE8 2016-04-30 [User > ID not > > > > found] > > > > > > > > gpg --verify apache-atlas-2.3.0-sources.tar.gz.asc > > > > apache-atlas-2.3.0-sources.tar.gz > > > > gpg: Signature made Mon Nov 28 13:14:22 2022 PST > > > > gpg: using RSA key FED467D3B01179D4 > > > > gpg: Can't check signature: No public key > > > > > > > > # Even tried this and no help as it didn't download any keys > > > > gpg --keyserver > > > > https://dist.apache.org/repos/dist/release/atlas/KEYS > --recv-keys > > > > FED467D3B01179D4 > > > > > > > > - Build failed for the source using embedded-hbase-solr profile - > > > > > > > > [ERROR] Failed to execute goal on project atlas-testtools: > Could not > > > > resolve dependencies for project > > > > org.apache.atlas:atlas-testtools:jar:2.3.0: Failed to collect > > > > dependencies at org.apache.solr:solr-test-framework:jar:8.6.3 -> > > > > org.restlet.jee:org.restlet:jar:2.4.3: Failed to read artifact > > > > descriptor for org.restlet.jee:org.restlet:jar:2.4.3: Could not > > > > transfer artifact org.restlet.jee:org.restlet:pom:2.4.3 from/to > > > > maven-restlet (https://maven.restlet.com): transfer failed for > > > > > > > > > https://maven.restlet.com/org/restlet/jee/org.restlet/2.4.3/org.restlet-2.4.3.pom > > > > : > > > > sun.security.validator.ValidatorException: PKIX path validation > > > > failed: java.security.cert.CertPathValidatorException: validity > check > > > > failed: NotAfter: Sun Nov 13 09:05:56 PST 2022 -> [Help 1] > > > > [ERROR] > > > > [ERROR] To see the full stack trace of the errors, re-run > Maven with > > > > the -e switch. > > > > [ERROR] Re-run Maven using the -X switch to enable full debug > logging. > > > > [ERROR] > > > > [ERROR] For more information about the errors and possible > > > > solutions, please read the following articles: > > > > [ERROR] [Help 1] > > > > > > > > > http://cwiki.apache.org/confluence/display/MAVEN/DependencyResolutionException > > > > [ERROR] > > > > [ERROR] After correcting the problems, you can resume the > build with > > > > the command > > > > [ERROR] mvn <args> -rf :atlas-testtools > > > > > > > > By running the below command the above issue was resolved as > it > > > > ignored all ssl verifications (Similar issue - > > > > > > > > > https://stackoverflow.com/questions/68199459/maven-build-failed-pkix-path-validation-failed-java-security-cert-certpathval > > > > ): > > > > ln -s /usr/local/bin/python3 /usr/local/bin/python # As by > > > > default python3 gets installed when we upgrade to mac ventura > and no > > > > python symlink > > > > mvn clean install > > > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true > > > > -Dmaven.wagon.http.ssl.insecure=true > > > > -Dmaven.wagon.http.ssl.allowall=true > > > > mvn clean package -Pdist > > > > -Dmaven.wagon.http.ssl.ignore.validity.dates=true > > > > -Dmaven.wagon.http.ssl.insecure=true > > > > -Dmaven.wagon.http.ssl.allowall=true > > > > > > > > - started Atlas and ran quickstart script to preload sample > types and > > > > entities > > > > - validated relation search, basic and advanced search > > > > > > > > P.S. Recently I upgraded my mac to ventura and I'm not sure if > these > > > > issues are due to the upgrade. If someone else has a similar mac > > > > version and it works for them then we are good to proceed. > > > > Please check once if the signature is correct or else I will > debug > > > > further at my end. > > > > > > > > Thanks, > > > > Sid > > > > > > > > > > > > > > > > On Tue, Nov 29, 2022 at 10:17 PM Sarath Subramanian < > [email protected]> > > > > wrote: > > > > > > > > > > Thank you Madhan for the release candidate. > > > > > > > > > > +1 for Apache Atlas 2.3.0 release candidate #1 > > > > > > > > > > validated the following: > > > > > - Able to download source, signature, md5 and sha512 files and > verified > > > > > checksum hash > > > > > - validated signature of source from release manager (Madhan > Neethiraj < > > > > > [email protected]>) > > > > > - Build the source successfully using embedded-hbase-solr > profile > > > > > - started Atlas and ran quickstart script to preload sample > types and > > > > > entities > > > > > - validated relation search, basic and advanced search > > > > > > > > > > Thanks, > > > > > Sarath > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Mon, Nov 28, 2022 at 1:50 PM Madhan Neethiraj < > [email protected]> > > > > wrote: > > > > > > > > > > > Atlas team, > > > > > > > > > > > > > > > > > > > > > > > > Apache Atlas 2.3.0 release candidate #1 is now available for > a vote > > > > within > > > > > > dev community. Links to the release artifacts are given > below. Please > > > > > > review and vote. > > > > > > > > > > > > > > > > > > > > > > > > The vote will be open for at least 72 hours or until > necessary votes > > > > are > > > > > > reached. > > > > > > > > > > > > [ ] +1 approve > > > > > > > > > > > > [ ] +0 no opinion > > > > > > > > > > > > [ ] -1 disapprove (and reason why) > > > > > > > > > > > > > > > > > > > > > > > > Thanks, > > > > > > > > > > > > Madhan > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > List of issues addressed in this release: > > > > > > > > > > > https://issues.apache.org/jira/issues/?jql=project%20%3D%20Atlas%20AND%20fixVersion%20%3D%202.3.0%20ORDER%20BY%20key%20DESC > > > > > > > > > > > > > > > > > > > > > > > > Git tag for the release: > > > > > > https://github.com/apache/atlas/tree/release-2.3.0-rc1 > > > > > > > > > > > > Sources for the release: > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz > > > > > > > > > > > > > > > > > > > > > > > > Source release verification: > > > > > > > > > > > > PGP Signature: > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.asc > > > > > > > > > > > > MD5 Hash: > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.md5 > > > > > > > > > > > > SHA512 Hash: > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/atlas/2.3.0-rc1/apache-atlas-2.3.0-sources.tar.gz.sha512 > > > > > > > > > > > > > > > > > > > > > > > > Keys to verify the signature of the release artifacts are > available at: > > > > > > https://dist.apache.org/repos/dist/dev/atlas/KEYS > > > > > > > > > > > > > > > > > > > > >
