Re: [VOTE] Release flink-connector-jdbc, release candidate #3
Thanks all, this vote is now closed, I will announce the results on a separate thread! On Tue, Feb 20, 2024 at 3:26 PM Matthias Pohl wrote: > +1 (binding) > > * Downloaded artifacts > * Extracted sources and compiled them > * Checked diff of git tag checkout with downloaded sources > * Verified SHA512 & GPG checksums > * Checked that all POMs have the expected version > * Generated diffs to compare pom file changes with NOTICE files > > On Tue, Feb 20, 2024 at 11:23 AM Leonard Xu wrote: > > > Thanks Sergey for driving this release. > > > > +1 (binding) > > > > - verified signatures > > - verified hashsums > > - built from source code with Maven 3.8.1 and Scala 2.12 succeeded > > - checked Github release tag > > - checked release notes > > - reviewed all jira tickets has been resolved > > - reviewed the web PR and left one minor comment about backporting bugfix > > to main branch > > **Note** The release date in jira[1] need to be updated > > > > Best, > > Leonard > > [1] https://issues.apache.org/jira/projects/FLINK/versions/12354088 > > > > > > > 2024年2月20日 下午5:15,Sergey Nuyanzin 写道: > > > > > > +1 (non-binding) > > > > > > - Validated checksum hash > > > - Verified signature from another machine > > > - Checked that tag is present in Github > > > - Built the source > > > > > > On Tue, Feb 20, 2024 at 10:13 AM Sergey Nuyanzin > > > wrote: > > > > > >> Hi David > > >> thanks for checking and sorry for the late reply > > >> > > >> yep, that's ok this just means that you haven't signed my key which is > > ok > > >> (usually it could happen during virtual key signing parties) > > >> > > >> For release checking it is ok to check that the key which was used to > > sign > > >> the artifacts is included into Flink release KEYS file [1] > > >> > > >> [1] https://dist.apache.org/repos/dist/release/flink/KEYS > > >> > > >> On Thu, Feb 8, 2024 at 3:50 PM David Radley > > >> wrote: > > >> > > >>> Thanks Sergey, > > >>> > > >>> It looks better now. > > >>> > > >>> gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc > > >>> > > >>> gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' > > >>> > > >>> gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT > > >>> > > >>> gpg:using RSA key > > F7529FAE24811A5C0DF3CA741596BBF0726835D8 > > >>> > > >>> gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) > > >>> snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] > > >>> > > >>> gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) > > >>> snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] > > >>> > > >>> gpg: aka "Sergey Nuyanzin snuyan...@gmail.com > > >>> snuyan...@gmail.com>" [unknown] > > >>> > > >>> gpg: WARNING: This key is not certified with a trusted signature! > > >>> > > >>> gpg: There is no indication that the signature belongs to > the > > >>> owner. > > >>> > > >>> I assume the warning is ok, > > >>> Kind regards, David. > > >>> > > >>> From: Sergey Nuyanzin > > >>> Date: Thursday, 8 February 2024 at 14:39 > > >>> To: dev@flink.apache.org > > >>> Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, > > >>> release candidate #3 > > >>> Hi David > > >>> > > >>> it looks like in your case you don't specify the jar itself and > > probably > > >>> it > > >>> is not in current dir > > >>> so it should be something like that (assuming that both asc and jar > > file > > >>> are downloaded and are in current folder) > > >>> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > > >>> flink-connector-jdbc-3.1.2-1.16.jar > > >>> > > >>> Here it is a more complete guide how to do it for Apache projects [1] > > >>> > > >>> [1] https://www.apache.org/info/verification.html#CheckingSignatures > >
Re: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (binding) * Downloaded artifacts * Extracted sources and compiled them * Checked diff of git tag checkout with downloaded sources * Verified SHA512 & GPG checksums * Checked that all POMs have the expected version * Generated diffs to compare pom file changes with NOTICE files On Tue, Feb 20, 2024 at 11:23 AM Leonard Xu wrote: > Thanks Sergey for driving this release. > > +1 (binding) > > - verified signatures > - verified hashsums > - built from source code with Maven 3.8.1 and Scala 2.12 succeeded > - checked Github release tag > - checked release notes > - reviewed all jira tickets has been resolved > - reviewed the web PR and left one minor comment about backporting bugfix > to main branch > **Note** The release date in jira[1] need to be updated > > Best, > Leonard > [1] https://issues.apache.org/jira/projects/FLINK/versions/12354088 > > > > 2024年2月20日 下午5:15,Sergey Nuyanzin 写道: > > > > +1 (non-binding) > > > > - Validated checksum hash > > - Verified signature from another machine > > - Checked that tag is present in Github > > - Built the source > > > > On Tue, Feb 20, 2024 at 10:13 AM Sergey Nuyanzin > > wrote: > > > >> Hi David > >> thanks for checking and sorry for the late reply > >> > >> yep, that's ok this just means that you haven't signed my key which is > ok > >> (usually it could happen during virtual key signing parties) > >> > >> For release checking it is ok to check that the key which was used to > sign > >> the artifacts is included into Flink release KEYS file [1] > >> > >> [1] https://dist.apache.org/repos/dist/release/flink/KEYS > >> > >> On Thu, Feb 8, 2024 at 3:50 PM David Radley > >> wrote: > >> > >>> Thanks Sergey, > >>> > >>> It looks better now. > >>> > >>> gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc > >>> > >>> gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' > >>> > >>> gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT > >>> > >>> gpg:using RSA key > F7529FAE24811A5C0DF3CA741596BBF0726835D8 > >>> > >>> gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) > >>> snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] > >>> > >>> gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) > >>> snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] > >>> > >>> gpg: aka "Sergey Nuyanzin snuyan...@gmail.com >>> snuyan...@gmail.com>" [unknown] > >>> > >>> gpg: WARNING: This key is not certified with a trusted signature! > >>> > >>> gpg: There is no indication that the signature belongs to the > >>> owner. > >>> > >>> I assume the warning is ok, > >>> Kind regards, David. > >>> > >>> From: Sergey Nuyanzin > >>> Date: Thursday, 8 February 2024 at 14:39 > >>> To: dev@flink.apache.org > >>> Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, > >>> release candidate #3 > >>> Hi David > >>> > >>> it looks like in your case you don't specify the jar itself and > probably > >>> it > >>> is not in current dir > >>> so it should be something like that (assuming that both asc and jar > file > >>> are downloaded and are in current folder) > >>> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > >>> flink-connector-jdbc-3.1.2-1.16.jar > >>> > >>> Here it is a more complete guide how to do it for Apache projects [1] > >>> > >>> [1] https://www.apache.org/info/verification.html#CheckingSignatures > >>> > >>> On Thu, Feb 8, 2024 at 12:38 PM David Radley > >>> wrote: > >>> > >>>> Hi, > >>>> I was looking more at the asc files. I imported the keys and tried. > >>>> > >>>> > >>>> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > >>>> > >>>> gpg: no signed data > >>>> > >>>> gpg: can't hash datafile: No data > >>>> > >>>> This seems to be the same for all the asc file. It does not look > right; > >>> am > >>>> I doing doing incorrect? >
Re: [VOTE] Release flink-connector-jdbc, release candidate #3
Thanks Sergey for driving this release. +1 (binding) - verified signatures - verified hashsums - built from source code with Maven 3.8.1 and Scala 2.12 succeeded - checked Github release tag - checked release notes - reviewed all jira tickets has been resolved - reviewed the web PR and left one minor comment about backporting bugfix to main branch **Note** The release date in jira[1] need to be updated Best, Leonard [1] https://issues.apache.org/jira/projects/FLINK/versions/12354088 > 2024年2月20日 下午5:15,Sergey Nuyanzin 写道: > > +1 (non-binding) > > - Validated checksum hash > - Verified signature from another machine > - Checked that tag is present in Github > - Built the source > > On Tue, Feb 20, 2024 at 10:13 AM Sergey Nuyanzin > wrote: > >> Hi David >> thanks for checking and sorry for the late reply >> >> yep, that's ok this just means that you haven't signed my key which is ok >> (usually it could happen during virtual key signing parties) >> >> For release checking it is ok to check that the key which was used to sign >> the artifacts is included into Flink release KEYS file [1] >> >> [1] https://dist.apache.org/repos/dist/release/flink/KEYS >> >> On Thu, Feb 8, 2024 at 3:50 PM David Radley >> wrote: >> >>> Thanks Sergey, >>> >>> It looks better now. >>> >>> gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc >>> >>> gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' >>> >>> gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT >>> >>> gpg:using RSA key F7529FAE24811A5C0DF3CA741596BBF0726835D8 >>> >>> gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) >>> snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] >>> >>> gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) >>> snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] >>> >>> gpg: aka "Sergey Nuyanzin snuyan...@gmail.com>> snuyan...@gmail.com>" [unknown] >>> >>> gpg: WARNING: This key is not certified with a trusted signature! >>> >>> gpg: There is no indication that the signature belongs to the >>> owner. >>> >>> I assume the warning is ok, >>> Kind regards, David. >>> >>> From: Sergey Nuyanzin >>> Date: Thursday, 8 February 2024 at 14:39 >>> To: dev@flink.apache.org >>> Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, >>> release candidate #3 >>> Hi David >>> >>> it looks like in your case you don't specify the jar itself and probably >>> it >>> is not in current dir >>> so it should be something like that (assuming that both asc and jar file >>> are downloaded and are in current folder) >>> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc >>> flink-connector-jdbc-3.1.2-1.16.jar >>> >>> Here it is a more complete guide how to do it for Apache projects [1] >>> >>> [1] https://www.apache.org/info/verification.html#CheckingSignatures >>> >>> On Thu, Feb 8, 2024 at 12:38 PM David Radley >>> wrote: >>> >>>> Hi, >>>> I was looking more at the asc files. I imported the keys and tried. >>>> >>>> >>>> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc >>>> >>>> gpg: no signed data >>>> >>>> gpg: can't hash datafile: No data >>>> >>>> This seems to be the same for all the asc file. It does not look right; >>> am >>>> I doing doing incorrect? >>>> Kind regards, David. >>>> >>>> >>>> From: David Radley >>>> Date: Thursday, 8 February 2024 at 10:46 >>>> To: dev@flink.apache.org >>>> Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release >>>> candidate #3 >>>> +1 (non-binding) >>>> >>>> I assume that thttps://github.com/apache/flink-web/pull/707 and be >>>> completed after the release is out. >>>> >>>> From: Martijn Visser >>>> Date: Friday, 2 February 2024 at 08:38 >>>> To: dev@flink.apache.org >>>> Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release >>>> candidate #3 >>>> +1 (binding) >>>> >>>> - Validated
Re: FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3
Hi David thanks for checking and sorry for the late reply yep, that's ok this just means that you haven't signed my key which is ok (usually it could happen during virtual key signing parties) For release checking it is ok to check that the key which was used to sign the artifacts is included into Flink release KEYS file [1] [1] https://dist.apache.org/repos/dist/release/flink/KEYS On Thu, Feb 8, 2024 at 3:50 PM David Radley wrote: > Thanks Sergey, > > It looks better now. > > gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc > > gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' > > gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT > > gpg:using RSA key F7529FAE24811A5C0DF3CA741596BBF0726835D8 > > gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) > snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] > > gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) > snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] > > gpg: aka "Sergey Nuyanzin snuyan...@gmail.com snuyan...@gmail.com>" [unknown] > > gpg: WARNING: This key is not certified with a trusted signature! > > gpg: There is no indication that the signature belongs to the > owner. > > I assume the warning is ok, > Kind regards, David. > > From: Sergey Nuyanzin > Date: Thursday, 8 February 2024 at 14:39 > To: dev@flink.apache.org > Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, > release candidate #3 > Hi David > > it looks like in your case you don't specify the jar itself and probably it > is not in current dir > so it should be something like that (assuming that both asc and jar file > are downloaded and are in current folder) > gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > flink-connector-jdbc-3.1.2-1.16.jar > > Here it is a more complete guide how to do it for Apache projects [1] > > [1] https://www.apache.org/info/verification.html#CheckingSignatures > > On Thu, Feb 8, 2024 at 12:38 PM David Radley > wrote: > > > Hi, > > I was looking more at the asc files. I imported the keys and tried. > > > > > > gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > > > > gpg: no signed data > > > > gpg: can't hash datafile: No data > > > > This seems to be the same for all the asc file. It does not look right; > am > > I doing doing incorrect? > >Kind regards, David. > > > > > > From: David Radley > > Date: Thursday, 8 February 2024 at 10:46 > > To: dev@flink.apache.org > > Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release > > candidate #3 > > +1 (non-binding) > > > > I assume that thttps://github.com/apache/flink-web/pull/707 and be > > completed after the release is out. > > > > From: Martijn Visser > > Date: Friday, 2 February 2024 at 08:38 > > To: dev@flink.apache.org > > Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release > > candidate #3 > > +1 (binding) > > > > - Validated hashes > > - Verified signature > > - Verified that no binaries exist in the source archive > > - Build the source with Maven > > - Verified licenses > > - Verified web PRs > > > > On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > > > > > +1 (non-binding) > > > > > > - Validated checksum hash > > > - Verified signature > > > - Build the source with Maven and jdk8/11/17 > > > - Check that the jar is built by jdk8 > > > - Verified that no binaries exist in the source archive > > > > > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > > > > > Hi everyone, > > > > Please review and vote on the release candidate #3 for the version > > 3.1.2, > > > > as follows: > > > > [ ] +1, Approve the release > > > > [ ] -1, Do not approve the release (please provide specific comments) > > > > > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > > > > > The complete staging area is available for your review, which > includes: > > > > * JIRA release notes [1], > > > > * the official Apache source release to be deployed to > dist.apache.org > > > > [2], > > > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > > > * all artifacts to be deployed to the Maven Central Repository [4], > > > > * source code tag v3.1.2-rc3 [5], > >
Re: FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (non-binding) - Validated checksum hash - Verified signature from another machine - Checked that tag is present in Github - Built the source On Tue, Feb 20, 2024 at 10:13 AM Sergey Nuyanzin wrote: > Hi David > thanks for checking and sorry for the late reply > > yep, that's ok this just means that you haven't signed my key which is ok > (usually it could happen during virtual key signing parties) > > For release checking it is ok to check that the key which was used to sign > the artifacts is included into Flink release KEYS file [1] > > [1] https://dist.apache.org/repos/dist/release/flink/KEYS > > On Thu, Feb 8, 2024 at 3:50 PM David Radley > wrote: > >> Thanks Sergey, >> >> It looks better now. >> >> gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc >> >> gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' >> >> gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT >> >> gpg:using RSA key F7529FAE24811A5C0DF3CA741596BBF0726835D8 >> >> gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) >> snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] >> >> gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) >> snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] >> >> gpg: aka "Sergey Nuyanzin snuyan...@gmail.com> snuyan...@gmail.com>" [unknown] >> >> gpg: WARNING: This key is not certified with a trusted signature! >> >> gpg: There is no indication that the signature belongs to the >> owner. >> >> I assume the warning is ok, >> Kind regards, David. >> >> From: Sergey Nuyanzin >> Date: Thursday, 8 February 2024 at 14:39 >> To: dev@flink.apache.org >> Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, >> release candidate #3 >> Hi David >> >> it looks like in your case you don't specify the jar itself and probably >> it >> is not in current dir >> so it should be something like that (assuming that both asc and jar file >> are downloaded and are in current folder) >> gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc >> flink-connector-jdbc-3.1.2-1.16.jar >> >> Here it is a more complete guide how to do it for Apache projects [1] >> >> [1] https://www.apache.org/info/verification.html#CheckingSignatures >> >> On Thu, Feb 8, 2024 at 12:38 PM David Radley >> wrote: >> >> > Hi, >> > I was looking more at the asc files. I imported the keys and tried. >> > >> > >> > gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc >> > >> > gpg: no signed data >> > >> > gpg: can't hash datafile: No data >> > >> > This seems to be the same for all the asc file. It does not look right; >> am >> > I doing doing incorrect? >> >Kind regards, David. >> > >> > >> > From: David Radley >> > Date: Thursday, 8 February 2024 at 10:46 >> > To: dev@flink.apache.org >> > Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release >> > candidate #3 >> > +1 (non-binding) >> > >> > I assume that thttps://github.com/apache/flink-web/pull/707 and be >> > completed after the release is out. >> > >> > From: Martijn Visser >> > Date: Friday, 2 February 2024 at 08:38 >> > To: dev@flink.apache.org >> > Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release >> > candidate #3 >> > +1 (binding) >> > >> > - Validated hashes >> > - Verified signature >> > - Verified that no binaries exist in the source archive >> > - Build the source with Maven >> > - Verified licenses >> > - Verified web PRs >> > >> > On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: >> > >> > > +1 (non-binding) >> > > >> > > - Validated checksum hash >> > > - Verified signature >> > > - Build the source with Maven and jdk8/11/17 >> > > - Check that the jar is built by jdk8 >> > > - Verified that no binaries exist in the source archive >> > > >> > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: >> > > >> > > > Hi everyone, >> > > > Please review and vote on the release candidate #3 for the version >> > 3.1.2, >> > > > as follows: >> > > > [ ] +1, Approve the release >> &g
RE: FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3
Thanks Sergey, It looks better now. gpg --verify flink-connector-jdbc-3.1.2-1.18.jar.asc gpg: assuming signed data in 'flink-connector-jdbc-3.1.2-1.18.jar' gpg: Signature made Thu 1 Feb 10:54:45 2024 GMT gpg:using RSA key F7529FAE24811A5C0DF3CA741596BBF0726835D8 gpg: Good signature from "Sergey Nuyanzin (CODE SIGNING KEY) snuyan...@apache.org<mailto:snuyan...@apache.org>" [unknown] gpg: aka "Sergey Nuyanzin (CODE SIGNING KEY) snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] gpg: aka "Sergey Nuyanzin snuyan...@gmail.com<mailto:snuyan...@gmail.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. I assume the warning is ok, Kind regards, David. From: Sergey Nuyanzin Date: Thursday, 8 February 2024 at 14:39 To: dev@flink.apache.org Subject: [EXTERNAL] Re: FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3 Hi David it looks like in your case you don't specify the jar itself and probably it is not in current dir so it should be something like that (assuming that both asc and jar file are downloaded and are in current folder) gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc flink-connector-jdbc-3.1.2-1.16.jar Here it is a more complete guide how to do it for Apache projects [1] [1] https://www.apache.org/info/verification.html#CheckingSignatures On Thu, Feb 8, 2024 at 12:38 PM David Radley wrote: > Hi, > I was looking more at the asc files. I imported the keys and tried. > > > gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > > gpg: no signed data > > gpg: can't hash datafile: No data > > This seems to be the same for all the asc file. It does not look right; am > I doing doing incorrect? >Kind regards, David. > > > From: David Radley > Date: Thursday, 8 February 2024 at 10:46 > To: dev@flink.apache.org > Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release > candidate #3 > +1 (non-binding) > > I assume that thttps://github.com/apache/flink-web/pull/707 and be > completed after the release is out. > > From: Martijn Visser > Date: Friday, 2 February 2024 at 08:38 > To: dev@flink.apache.org > Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release > candidate #3 > +1 (binding) > > - Validated hashes > - Verified signature > - Verified that no binaries exist in the source archive > - Build the source with Maven > - Verified licenses > - Verified web PRs > > On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > > > +1 (non-binding) > > > > - Validated checksum hash > > - Verified signature > > - Build the source with Maven and jdk8/11/17 > > - Check that the jar is built by jdk8 > > - Verified that no binaries exist in the source archive > > > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > > > Hi everyone, > > > Please review and vote on the release candidate #3 for the version > 3.1.2, > > > as follows: > > > [ ] +1, Approve the release > > > [ ] -1, Do not approve the release (please provide specific comments) > > > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > > > The complete staging area is available for your review, which includes: > > > * JIRA release notes [1], > > > * the official Apache source release to be deployed to dist.apache.org > > > [2], > > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > > * all artifacts to be deployed to the Maven Central Repository [4], > > > * source code tag v3.1.2-rc3 [5], > > > * website pull request listing the new release [6]. > > > > > > The vote will be open for at least 72 hours. It is adopted by majority > > > approval, with at least 3 PMC affirmative votes. > > > > > > Thanks, > > > Release Manager > > > > > > [1] > > > > > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > > [2] > > > > > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > > [4] > > > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > > [5] > > https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > > [6] https://github.com/apache/flink-web/pull/707 > > > > > > > Unless otherwise stated above: > > IBM United Kingdom Limited > Registered in England and Wales with number 741598 > Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU > > Unless otherwise stated above: > > IBM United Kingdom Limited > Registered in England and Wales with number 741598 > Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU > -- Best regards, Sergey Unless otherwise stated above: IBM United Kingdom Limited Registered in England and Wales with number 741598 Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
Re: FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3
Hi David it looks like in your case you don't specify the jar itself and probably it is not in current dir so it should be something like that (assuming that both asc and jar file are downloaded and are in current folder) gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc flink-connector-jdbc-3.1.2-1.16.jar Here it is a more complete guide how to do it for Apache projects [1] [1] https://www.apache.org/info/verification.html#CheckingSignatures On Thu, Feb 8, 2024 at 12:38 PM David Radley wrote: > Hi, > I was looking more at the asc files. I imported the keys and tried. > > > gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc > > gpg: no signed data > > gpg: can't hash datafile: No data > > This seems to be the same for all the asc file. It does not look right; am > I doing doing incorrect? >Kind regards, David. > > > From: David Radley > Date: Thursday, 8 February 2024 at 10:46 > To: dev@flink.apache.org > Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release > candidate #3 > +1 (non-binding) > > I assume that thttps://github.com/apache/flink-web/pull/707 and be > completed after the release is out. > > From: Martijn Visser > Date: Friday, 2 February 2024 at 08:38 > To: dev@flink.apache.org > Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release > candidate #3 > +1 (binding) > > - Validated hashes > - Verified signature > - Verified that no binaries exist in the source archive > - Build the source with Maven > - Verified licenses > - Verified web PRs > > On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > > > +1 (non-binding) > > > > - Validated checksum hash > > - Verified signature > > - Build the source with Maven and jdk8/11/17 > > - Check that the jar is built by jdk8 > > - Verified that no binaries exist in the source archive > > > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > > > Hi everyone, > > > Please review and vote on the release candidate #3 for the version > 3.1.2, > > > as follows: > > > [ ] +1, Approve the release > > > [ ] -1, Do not approve the release (please provide specific comments) > > > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > > > The complete staging area is available for your review, which includes: > > > * JIRA release notes [1], > > > * the official Apache source release to be deployed to dist.apache.org > > > [2], > > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > > * all artifacts to be deployed to the Maven Central Repository [4], > > > * source code tag v3.1.2-rc3 [5], > > > * website pull request listing the new release [6]. > > > > > > The vote will be open for at least 72 hours. It is adopted by majority > > > approval, with at least 3 PMC affirmative votes. > > > > > > Thanks, > > > Release Manager > > > > > > [1] > > > > > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > > [2] > > > > > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > > [4] > > > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > > [5] > > https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > > [6] https://github.com/apache/flink-web/pull/707 > > > > > > > Unless otherwise stated above: > > IBM United Kingdom Limited > Registered in England and Wales with number 741598 > Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU > > Unless otherwise stated above: > > IBM United Kingdom Limited > Registered in England and Wales with number 741598 > Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU > -- Best regards, Sergey
FW: RE: [VOTE] Release flink-connector-jdbc, release candidate #3
Hi, I was looking more at the asc files. I imported the keys and tried. gpg --verify flink-connector-jdbc-3.1.2-1.16.jar.asc gpg: no signed data gpg: can't hash datafile: No data This seems to be the same for all the asc file. It does not look right; am I doing doing incorrect? Kind regards, David. From: David Radley Date: Thursday, 8 February 2024 at 10:46 To: dev@flink.apache.org Subject: [EXTERNAL] RE: [VOTE] Release flink-connector-jdbc, release candidate #3 +1 (non-binding) I assume that thttps://github.com/apache/flink-web/pull/707 and be completed after the release is out. From: Martijn Visser Date: Friday, 2 February 2024 at 08:38 To: dev@flink.apache.org Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release candidate #3 +1 (binding) - Validated hashes - Verified signature - Verified that no binaries exist in the source archive - Build the source with Maven - Verified licenses - Verified web PRs On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > +1 (non-binding) > > - Validated checksum hash > - Verified signature > - Build the source with Maven and jdk8/11/17 > - Check that the jar is built by jdk8 > - Verified that no binaries exist in the source archive > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > Hi everyone, > > Please review and vote on the release candidate #3 for the version 3.1.2, > > as follows: > > [ ] +1, Approve the release > > [ ] -1, Do not approve the release (please provide specific comments) > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > The complete staging area is available for your review, which includes: > > * JIRA release notes [1], > > * the official Apache source release to be deployed to dist.apache.org > > [2], > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > * all artifacts to be deployed to the Maven Central Repository [4], > > * source code tag v3.1.2-rc3 [5], > > * website pull request listing the new release [6]. > > > > The vote will be open for at least 72 hours. It is adopted by majority > > approval, with at least 3 PMC affirmative votes. > > > > Thanks, > > Release Manager > > > > [1] > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > [2] > > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > [4] > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > [5] > https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > [6] https://github.com/apache/flink-web/pull/707 > > > Unless otherwise stated above: IBM United Kingdom Limited Registered in England and Wales with number 741598 Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU Unless otherwise stated above: IBM United Kingdom Limited Registered in England and Wales with number 741598 Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
RE: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (non-binding) I assume that thttps://github.com/apache/flink-web/pull/707 and be completed after the release is out. From: Martijn Visser Date: Friday, 2 February 2024 at 08:38 To: dev@flink.apache.org Subject: [EXTERNAL] Re: [VOTE] Release flink-connector-jdbc, release candidate #3 +1 (binding) - Validated hashes - Verified signature - Verified that no binaries exist in the source archive - Build the source with Maven - Verified licenses - Verified web PRs On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > +1 (non-binding) > > - Validated checksum hash > - Verified signature > - Build the source with Maven and jdk8/11/17 > - Check that the jar is built by jdk8 > - Verified that no binaries exist in the source archive > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > Hi everyone, > > Please review and vote on the release candidate #3 for the version 3.1.2, > > as follows: > > [ ] +1, Approve the release > > [ ] -1, Do not approve the release (please provide specific comments) > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > The complete staging area is available for your review, which includes: > > * JIRA release notes [1], > > * the official Apache source release to be deployed to dist.apache.org > > [2], > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > * all artifacts to be deployed to the Maven Central Repository [4], > > * source code tag v3.1.2-rc3 [5], > > * website pull request listing the new release [6]. > > > > The vote will be open for at least 72 hours. It is adopted by majority > > approval, with at least 3 PMC affirmative votes. > > > > Thanks, > > Release Manager > > > > [1] > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > [2] > > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > [4] > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > [5] > https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > [6] https://github.com/apache/flink-web/pull/707 > > > Unless otherwise stated above: IBM United Kingdom Limited Registered in England and Wales with number 741598 Registered office: PO Box 41, North Harbour, Portsmouth, Hants. PO6 3AU
Re: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (binding) - Validated hashes - Verified signature - Verified that no binaries exist in the source archive - Build the source with Maven - Verified licenses - Verified web PRs On Fri, Feb 2, 2024 at 9:31 AM Yanquan Lv wrote: > +1 (non-binding) > > - Validated checksum hash > - Verified signature > - Build the source with Maven and jdk8/11/17 > - Check that the jar is built by jdk8 > - Verified that no binaries exist in the source archive > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > Hi everyone, > > Please review and vote on the release candidate #3 for the version 3.1.2, > > as follows: > > [ ] +1, Approve the release > > [ ] -1, Do not approve the release (please provide specific comments) > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > The complete staging area is available for your review, which includes: > > * JIRA release notes [1], > > * the official Apache source release to be deployed to dist.apache.org > > [2], > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > * all artifacts to be deployed to the Maven Central Repository [4], > > * source code tag v3.1.2-rc3 [5], > > * website pull request listing the new release [6]. > > > > The vote will be open for at least 72 hours. It is adopted by majority > > approval, with at least 3 PMC affirmative votes. > > > > Thanks, > > Release Manager > > > > [1] > > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > [2] > > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > [4] > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > [5] > https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > [6] https://github.com/apache/flink-web/pull/707 > > >
Re: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (non-binding) - Validated checksum hash - Verified signature - Build the source with Maven and jdk8/11/17 - Check that the jar is built by jdk8 - Verified that no binaries exist in the source archive Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > Hi everyone, > Please review and vote on the release candidate #3 for the version 3.1.2, > as follows: > [ ] +1, Approve the release > [ ] -1, Do not approve the release (please provide specific comments) > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > The complete staging area is available for your review, which includes: > * JIRA release notes [1], > * the official Apache source release to be deployed to dist.apache.org > [2], > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > * all artifacts to be deployed to the Maven Central Repository [4], > * source code tag v3.1.2-rc3 [5], > * website pull request listing the new release [6]. > > The vote will be open for at least 72 hours. It is adopted by majority > approval, with at least 3 PMC affirmative votes. > > Thanks, > Release Manager > > [1] > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > [2] > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > [4] > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > [5] https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > [6] https://github.com/apache/flink-web/pull/707 >
RE: Re: [VOTE] Release flink-connector-jdbc, release candidate #3
Thanks Sergey for driving this. +1(non-binding) - Release notes look good - Tag is present in Github - Validated checksum hash - Verified signature - Build the source with Maven by jdk8,11,17 - Checked jar was built by jdk8 - Reviewed web PR Best, Jiabao On 2024/02/02 06:58:35 Hang Ruan wrote: > +1 (non-binding) > > - Validated checksum hash > - Verified signature > - Verified that no binaries exist in the source archive > - Build the source with Maven and jdk8 > - Check that the jar is built by jdk8 > > Best, > Hang > > Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > > > Hi everyone, > > Please review and vote on the release candidate #3 for the version 3.1.2, > > as follows: > > [ ] +1, Approve the release > > [ ] -1, Do not approve the release (please provide specific comments) > > > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > > > The complete staging area is available for your review, which includes: > > * JIRA release notes [1], > > * the official Apache source release to be deployed to dist.apache.org > > [2], > > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > > * all artifacts to be deployed to the Maven Central Repository [4], > > * source code tag v3.1.2-rc3 [5], > > * website pull request listing the new release [6]. > > > > The vote will be open for at least 72 hours. It is adopted by majority > > approval, with at least 3 PMC affirmative votes. > > > > Thanks, > > Release Manager > > > > [1] > > > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > > [2] > > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > > [4] > > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > > [5] https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > > [6] https://github.com/apache/flink-web/pull/707 > > >
Re: [VOTE] Release flink-connector-jdbc, release candidate #3
+1 (non-binding) - Validated checksum hash - Verified signature - Verified that no binaries exist in the source archive - Build the source with Maven and jdk8 - Check that the jar is built by jdk8 Best, Hang Sergey Nuyanzin 于2024年2月1日周四 19:50写道: > Hi everyone, > Please review and vote on the release candidate #3 for the version 3.1.2, > as follows: > [ ] +1, Approve the release > [ ] -1, Do not approve the release (please provide specific comments) > > This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. > > The complete staging area is available for your review, which includes: > * JIRA release notes [1], > * the official Apache source release to be deployed to dist.apache.org > [2], > which are signed with the key with fingerprint 1596BBF0726835D8 [3], > * all artifacts to be deployed to the Maven Central Repository [4], > * source code tag v3.1.2-rc3 [5], > * website pull request listing the new release [6]. > > The vote will be open for at least 72 hours. It is adopted by majority > approval, with at least 3 PMC affirmative votes. > > Thanks, > Release Manager > > [1] > > https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 > [2] > https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 > [3] https://dist.apache.org/repos/dist/release/flink/KEYS > [4] > https://repository.apache.org/content/repositories/orgapacheflink-1706/ > [5] https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 > [6] https://github.com/apache/flink-web/pull/707 >
[VOTE] Release flink-connector-jdbc, release candidate #3
Hi everyone, Please review and vote on the release candidate #3 for the version 3.1.2, as follows: [ ] +1, Approve the release [ ] -1, Do not approve the release (please provide specific comments) This version is compatible with Flink 1.16.x, 1.17.x and 1.18.x. The complete staging area is available for your review, which includes: * JIRA release notes [1], * the official Apache source release to be deployed to dist.apache.org [2], which are signed with the key with fingerprint 1596BBF0726835D8 [3], * all artifacts to be deployed to the Maven Central Repository [4], * source code tag v3.1.2-rc3 [5], * website pull request listing the new release [6]. The vote will be open for at least 72 hours. It is adopted by majority approval, with at least 3 PMC affirmative votes. Thanks, Release Manager [1] https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12315522&version=12354088 [2] https://dist.apache.org/repos/dist/dev/flink/flink-connector-jdbc-3.1.2-rc3 [3] https://dist.apache.org/repos/dist/release/flink/KEYS [4] https://repository.apache.org/content/repositories/orgapacheflink-1706/ [5] https://github.com/apache/flink-connector-jdbc/releases/tag/v3.1.2-rc3 [6] https://github.com/apache/flink-web/pull/707