Hello Apache NiFi community, Please find the associated guidance to help those interested in validating/verifying the release so they can vote.
# Download latest KEYS file: https://dist.apache.org/repos/dist/dev/nifi/KEYS <https://dist.apache.org/repos/dist/dev/nifi/KEYS> # Import keys file: gpg --import KEYS # [optional] Clear out local maven artifact repository # Pull down minifi-0.3.0 source release artifacts for review: wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip <https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip> wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.asc <https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.asc> wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.md5 <https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.md5> wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.sha1 <https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.sha1> wget https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.sha256 <https://dist.apache.org/repos/dist/dev/nifi/nifi-minifi/0.3.0/minifi-0.3.0-source-release.zip.sha256> # Verify the signature gpg --verify minifi-0.3.0-source-release.zip.asc # Verify the hashes (md5, sha1, sha256) match the source and what was provided in the vote email thread md5sum minifi-0.3.0-source-release.zip sha1sum minifi-0.3.0-source-release.zip sha256sum minifi-0.3.0-source-release.zip # Unzip minifi-0.3.0-source-release.zip # Verify the build works including release audit tool (RAT) checks cd minifi-0.3.0 mvn clean install -Pcontrib-check # Verify the contents contain a good README, NOTICE, and LICENSE. # Verify the git commit ID is correct # Verify the RC was branched off the correct git commit ID There are three convenience binaries generated as part of this process. The MiNiFi assembly, a MiNiFi Toolkit assembly, and a MiNiFi C2 Assembly. For the MiNiFi assembly: # Look at the resulting convenience binary as found in minifi-assembly/target # Make sure the README, NOTICE, and LICENSE are present and correct # Run the resulting convenience binary and make sure it works as expected For the MiNiFi Toolkit assembly: # Look at the resulting convenience binary as found in minifi-toolkit/minifi-toolkit-assembly/target # Make sure the README, NOTICE, and LICENSE are present and correct # Run the resulting convenience binary and make sure it works as expected For the MiNiFi C2 assembly: # Look at the resulting convenience binary as found in minifi-c2/minifi-c2-assembly/target # Make sure the README, NOTICE, and LICENSE are present and correct # Run the resulting convenience binary and make sure it works as expected # Send a response to the vote thread indicating a +1, 0, -1 based on your findings. Thank you for your time and effort to validate the release!
signature.asc
Description: Message signed with OpenPGP