Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Thank you, Larry, for preparing the new release! I tried to verify the signature of knox-1.4.0.zip using GPG but verification failed for me with the following error: $ gpg --import KEYS gpg: directory 'XXX' created gpg: keybox 'XXX/pubring.kbx' created gpg: key 82F9C371587C089B: 1 signature not checked due to a missing key gpg: XXX/trustdb.gpg: trustdb created gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING KEY) < lmc...@apache.org>" imported gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing keys gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) < kmin...@apache.org>" imported gpg: key 2B5842B902C74EAE: public key "Sumit Gupta " imported gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING KEY) < kris...@apache.org>" imported gpg: Total number processed: 4 gpg: imported: 4 gpg: no ultimately trusted keys found $ gpg --verify knox-1.4.0.zip.asc gpg: assuming signed data in 'knox-1.4.0.zip' gpg: Signature made Wed Apr 15 02:36:28 2020 CEST gpg:using RSA key 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF gpg: Can't check signature: No public key Could you please let me know if I'm doing something wrong or the KEYS file is incorrect? Thanks, Sandor P.S.: the rest seems to be OK. I deployed/started Knox, reached the new Home PAge, logged into Admin UI, tested some of the new features. On Wed, Apr 15, 2020 at 3:01 AM larry mccay wrote: > All - > > A candidate for the Apache Knox 1.4.0 release is available at: > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > The release candidate is a zip archive of the sources in: > > https://https://gitbox.apache.org/repos/asf/knox.git > Branch v1.4.0 (git checkout -b v1.4.0) > > The KEYS file for signature validation is available at: > https://dist.apache.org/repos/dist/release/knox/KEYS > > To assist in testing the knoxshell features you can find the new KnoxShell > User Guide at > http://knox.apache.org/books/knox-1-4-0/knoxshell_user_guide.html > > Gateway User Guide: > http://knox.apache.org/books/knox-1-4-0/user-guide.html > > Dev Guide: http://knox.apache.org/books/knox-1-4-0/dev-guide.html > > Please vote on releasing this package as Apache Knox 1.4.0. > The vote is open for the next 72 hours and passes if a majority of at > least three +1 Apache Knox PMC votes are cast. > > [ ] +1 Release this package as Apache Knox 1.4.0 > [ ] -1 Do not release this package because... > > thanks, > > --larry >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
I am getting the same error as well, looks like the key used to sign the release has changed. It also appears that we do not have the tar.gz file for knox-1.4.0-src (i.e. knox-1.4.0-src.tar.gz) *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] Larry McCay (CODE SIGNING KEY) >--pub rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] Larry McCay (CODE SIGNING KEY) >* On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar wrote: > Thank you, Larry, for preparing the new release! > > I tried to verify the signature of knox-1.4.0.zip using GPG but > verification failed for me with the following error: > > $ gpg --import KEYS > gpg: directory 'XXX' created > gpg: keybox 'XXX/pubring.kbx' created > gpg: key 82F9C371587C089B: 1 signature not checked due to a missing key > gpg: XXX/trustdb.gpg: trustdb created > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING KEY) < > lmc...@apache.org>" imported > gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing keys > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) < > kmin...@apache.org>" imported > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta " > imported > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING KEY) < > kris...@apache.org>" imported > gpg: Total number processed: 4 > gpg: imported: 4 > gpg: no ultimately trusted keys found > > $ gpg --verify knox-1.4.0.zip.asc > gpg: assuming signed data in 'knox-1.4.0.zip' > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > gpg:using RSA key 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > gpg: Can't check signature: No public key > > Could you please let me know if I'm doing something wrong or the KEYS file > is incorrect? > > Thanks, > Sandor > > P.S.: the rest seems to be OK. I deployed/started Knox, reached the new > Home PAge, logged into Admin UI, tested some of the new features. > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay wrote: > > > All - > > > > A candidate for the Apache Knox 1.4.0 release is available at: > > > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > > > The release candidate is a zip archive of the sources in: > > > > https://https://gitbox.apache.org/repos/asf/knox.git > > Branch v1.4.0 (git checkout -b v1.4.0) > > > > The KEYS file for signature validation is available at: > > https://dist.apache.org/repos/dist/release/knox/KEYS > > > > To assist in testing the knoxshell features you can find the new > KnoxShell > > User Guide at > > http://knox.apache.org/books/knox-1-4-0/knoxshell_user_guide.html > > > > Gateway User Guide: > > http://knox.apache.org/books/knox-1-4-0/user-guide.html > > > > Dev Guide: http://knox.apache.org/books/knox-1-4-0/dev-guide.html > > > > Please vote on releasing this package as Apache Knox 1.4.0. > > The vote is open for the next 72 hours and passes if a majority of at > > least three +1 Apache Knox PMC votes are cast. > > > > [ ] +1 Release this package as Apache Knox 1.4.0 > > [ ] -1 Do not release this package because... > > > > thanks, > > > > --larry > > >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Sorry about that folks - I've corrected the signatures now. Please feel free to check now. --larry On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré wrote: > I am getting the same error as well, looks like the key used to sign the > release has changed. > It also appears that we do not have the tar.gz file for knox-1.4.0-src > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] Larry > McCay (CODE SIGNING KEY) >--pub > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] Larry > McCay (CODE SIGNING KEY) >* > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > wrote: > > > Thank you, Larry, for preparing the new release! > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > verification failed for me with the following error: > > > > $ gpg --import KEYS > > gpg: directory 'XXX' created > > gpg: keybox 'XXX/pubring.kbx' created > > gpg: key 82F9C371587C089B: 1 signature not checked due to a missing key > > gpg: XXX/trustdb.gpg: trustdb created > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING KEY) < > > lmc...@apache.org>" imported > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing keys > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) < > > kmin...@apache.org>" imported > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta " > > imported > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING KEY) < > > kris...@apache.org>" imported > > gpg: Total number processed: 4 > > gpg: imported: 4 > > gpg: no ultimately trusted keys found > > > > $ gpg --verify knox-1.4.0.zip.asc > > gpg: assuming signed data in 'knox-1.4.0.zip' > > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > > gpg:using RSA key > 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > > gpg: Can't check signature: No public key > > > > Could you please let me know if I'm doing something wrong or the KEYS > file > > is incorrect? > > > > Thanks, > > Sandor > > > > P.S.: the rest seems to be OK. I deployed/started Knox, reached the new > > Home PAge, logged into Admin UI, tested some of the new features. > > > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay wrote: > > > > > All - > > > > > > A candidate for the Apache Knox 1.4.0 release is available at: > > > > > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > > > > > The release candidate is a zip archive of the sources in: > > > > > > https://https://gitbox.apache.org/repos/asf/knox.git > > > Branch v1.4.0 (git checkout -b v1.4.0) > > > > > > The KEYS file for signature validation is available at: > > > https://dist.apache.org/repos/dist/release/knox/KEYS > > > > > > To assist in testing the knoxshell features you can find the new > > KnoxShell > > > User Guide at > > > http://knox.apache.org/books/knox-1-4-0/knoxshell_user_guide.html > > > > > > Gateway User Guide: > > > http://knox.apache.org/books/knox-1-4-0/user-guide.html > > > > > > Dev Guide: http://knox.apache.org/books/knox-1-4-0/dev-guide.html > > > > > > Please vote on releasing this package as Apache Knox 1.4.0. > > > The vote is open for the next 72 hours and passes if a majority of at > > > least three +1 Apache Knox PMC votes are cast. > > > > > > [ ] +1 Release this package as Apache Knox 1.4.0 > > > [ ] -1 Do not release this package because... > > > > > > thanks, > > > > > > --larry > > > > > >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Hi folks, Here is my +1 for RC1 of Knox 1.4. I verified the updated signatures and ran some basic tests (including some of the new features) using the downloaded product. Cheers, Sandor On Thu, Apr 16, 2020 at 4:29 PM larry mccay wrote: > Sorry about that folks - I've corrected the signatures now. > Please feel free to check now. > > --larry > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré > wrote: > > > I am getting the same error as well, looks like the key used to sign the > > release has changed. > > It also appears that we do not have the tar.gz file for knox-1.4.0-src > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] Larry > > McCay (CODE SIGNING KEY) >--pub > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] Larry > > McCay (CODE SIGNING KEY) >* > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > wrote: > > > > > Thank you, Larry, for preparing the new release! > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > > verification failed for me with the following error: > > > > > > $ gpg --import KEYS > > > gpg: directory 'XXX' created > > > gpg: keybox 'XXX/pubring.kbx' created > > > gpg: key 82F9C371587C089B: 1 signature not checked due to a missing key > > > gpg: XXX/trustdb.gpg: trustdb created > > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING KEY) < > > > lmc...@apache.org>" imported > > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing keys > > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) < > > > kmin...@apache.org>" imported > > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta " > > > imported > > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING KEY) > < > > > kris...@apache.org>" imported > > > gpg: Total number processed: 4 > > > gpg: imported: 4 > > > gpg: no ultimately trusted keys found > > > > > > $ gpg --verify knox-1.4.0.zip.asc > > > gpg: assuming signed data in 'knox-1.4.0.zip' > > > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > > > gpg:using RSA key > > 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > > > gpg: Can't check signature: No public key > > > > > > Could you please let me know if I'm doing something wrong or the KEYS > > file > > > is incorrect? > > > > > > Thanks, > > > Sandor > > > > > > P.S.: the rest seems to be OK. I deployed/started Knox, reached the new > > > Home PAge, logged into Admin UI, tested some of the new features. > > > > > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay wrote: > > > > > > > All - > > > > > > > > A candidate for the Apache Knox 1.4.0 release is available at: > > > > > > > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > > > > > > > The release candidate is a zip archive of the sources in: > > > > > > > > https://https://gitbox.apache.org/repos/asf/knox.git > > > > Branch v1.4.0 (git checkout -b v1.4.0) > > > > > > > > The KEYS file for signature validation is available at: > > > > https://dist.apache.org/repos/dist/release/knox/KEYS > > > > > > > > To assist in testing the knoxshell features you can find the new > > > KnoxShell > > > > User Guide at > > > > http://knox.apache.org/books/knox-1-4-0/knoxshell_user_guide.html > > > > > > > > Gateway User Guide: > > > > http://knox.apache.org/books/knox-1-4-0/user-guide.html > > > > > > > > Dev Guide: http://knox.apache.org/books/knox-1-4-0/dev-guide.html > > > > > > > > Please vote on releasing this package as Apache Knox 1.4.0. > > > > The vote is open for the next 72 hours and passes if a majority of at > > > > least three +1 Apache Knox PMC votes are cast. > > > > > > > > [ ] +1 Release this package as Apache Knox 1.4.0 > > > > [ ] -1 Do not release this package because... > > > > > > > > thanks, > > > > > > > > --larry > > > > > > > > > >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Thank you for preparing this release candidate. I've verified the signatures and built/installed from source. I've exercised the homepage, Admin UI and ClouderaManager discovery. I did notice that the homepage has the following for the Knox Version: 1.4.0 (hash=1.4.0) ? Not necessarily release blockers, but questions for future releases: - Can the sandbox topology be migrated to a descriptor? - Are there other topologies which can be migrated to descriptors? - Should Knox be monitoring the ClouderaManager integration descriptors by default? e.g., knox.gateway (ClouderaManagerDescriptorMonitor.java:setupMonitor(66)) - Monitoring Cloudera Manager descriptors in ... On Thu, Apr 16, 2020 at 10:47 AM Sandor Molnar wrote: > Hi folks, > > Here is my +1 for RC1 of Knox 1.4. > I verified the updated signatures and ran some basic tests (including some > of the new features) using the downloaded product. > > Cheers, > Sandor > > On Thu, Apr 16, 2020 at 4:29 PM larry mccay wrote: > > > Sorry about that folks - I've corrected the signatures now. > > Please feel free to check now. > > > > --larry > > > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré > > wrote: > > > > > I am getting the same error as well, looks like the key used to sign > the > > > release has changed. > > > It also appears that we do not have the tar.gz file for knox-1.4.0-src > > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] Larry > > > McCay (CODE SIGNING KEY) >--pub > > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] Larry > > > McCay (CODE SIGNING KEY) >* > > > > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > > > > wrote: > > > > > > > Thank you, Larry, for preparing the new release! > > > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > > > verification failed for me with the following error: > > > > > > > > $ gpg --import KEYS > > > > gpg: directory 'XXX' created > > > > gpg: keybox 'XXX/pubring.kbx' created > > > > gpg: key 82F9C371587C089B: 1 signature not checked due to a missing > key > > > > gpg: XXX/trustdb.gpg: trustdb created > > > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING > KEY) < > > > > lmc...@apache.org>" imported > > > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing > keys > > > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) < > > > > kmin...@apache.org>" imported > > > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta >" > > > > imported > > > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING > KEY) > > < > > > > kris...@apache.org>" imported > > > > gpg: Total number processed: 4 > > > > gpg: imported: 4 > > > > gpg: no ultimately trusted keys found > > > > > > > > $ gpg --verify knox-1.4.0.zip.asc > > > > gpg: assuming signed data in 'knox-1.4.0.zip' > > > > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > > > > gpg:using RSA key > > > 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > > > > gpg: Can't check signature: No public key > > > > > > > > Could you please let me know if I'm doing something wrong or the KEYS > > > file > > > > is incorrect? > > > > > > > > Thanks, > > > > Sandor > > > > > > > > P.S.: the rest seems to be OK. I deployed/started Knox, reached the > new > > > > Home PAge, logged into Admin UI, tested some of the new features. > > > > > > > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay > wrote: > > > > > > > > > All - > > > > > > > > > > A candidate for the Apache Knox 1.4.0 release is available at: > > > > > > > > > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > > > > > > > > > The release candidate is a zip archive of the sources in: > > > > > > > > > > https://https://gitbox.apache.org/repos/asf/knox.git > > > > > Branch v1.4.0 (git checkout -b v1.4.0) > > > > > > > > > > The KEYS file for signature validation is available at: > > > > > https://dist.apache.org/repos/dist/release/knox/KEYS > > > > > > > > > > To assist in testing the knoxshell features you can find the new > > > > KnoxShell > > > > > User Guide at > > > > > http://knox.apache.org/books/knox-1-4-0/knoxshell_user_guide.html > > > > > > > > > > Gateway User Guide: > > > > > http://knox.apache.org/books/knox-1-4-0/user-guide.html > > > > > > > > > > Dev Guide: http://knox.apache.org/books/knox-1-4-0/dev-guide.html > > > > > > > > > > Please vote on releasing this package as Apache Knox 1.4.0. > > > > > The vote is open for the next 72 hours and passes if a majority of > at > > > > > least three +1 Apache Knox PMC votes are cast. > > > > > > > > > > [ ] +1 Release this package as Apache Knox 1.4.0 > > > > > [ ] -1 Do not release this package because... > > > > > > > > > > thanks, > > > > >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Thanks for your review, Phil! I am inclined to say that these do not have to block the release. I will however dig into the CM integration descriptors and determine just how CM specific this is. If it doesn't break any default behavior, then I think we can accept it for now but am open to anyone else's opinion there as well. On Thu, Apr 16, 2020 at 11:33 AM Phil Zampino wrote: > Thank you for preparing this release candidate. > > I've verified the signatures and built/installed from source. > I've exercised the homepage, Admin UI and ClouderaManager discovery. > > I did notice that the homepage has the following for the Knox Version: > 1.4.0 (hash=1.4.0) ? > > Not necessarily release blockers, but questions for future releases: > >- Can the sandbox topology be migrated to a descriptor? >- Are there other topologies which can be migrated to descriptors? >- Should Knox be monitoring the ClouderaManager integration descriptors >by default? >e.g., knox.gateway >(ClouderaManagerDescriptorMonitor.java:setupMonitor(66)) - Monitoring >Cloudera Manager descriptors in ... > > > > On Thu, Apr 16, 2020 at 10:47 AM Sandor Molnar > > wrote: > > > Hi folks, > > > > Here is my +1 for RC1 of Knox 1.4. > > I verified the updated signatures and ran some basic tests (including > some > > of the new features) using the downloaded product. > > > > Cheers, > > Sandor > > > > On Thu, Apr 16, 2020 at 4:29 PM larry mccay wrote: > > > > > Sorry about that folks - I've corrected the signatures now. > > > Please feel free to check now. > > > > > > --larry > > > > > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré > > > wrote: > > > > > > > I am getting the same error as well, looks like the key used to sign > > the > > > > release has changed. > > > > It also appears that we do not have the tar.gz file for > knox-1.4.0-src > > > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > > > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] > Larry > > > > McCay (CODE SIGNING KEY) >>--pub > > > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] > Larry > > > > McCay (CODE SIGNING KEY) >* > > > > > > > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > > > > > > > wrote: > > > > > > > > > Thank you, Larry, for preparing the new release! > > > > > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > > > > verification failed for me with the following error: > > > > > > > > > > $ gpg --import KEYS > > > > > gpg: directory 'XXX' created > > > > > gpg: keybox 'XXX/pubring.kbx' created > > > > > gpg: key 82F9C371587C089B: 1 signature not checked due to a missing > > key > > > > > gpg: XXX/trustdb.gpg: trustdb created > > > > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING > > KEY) < > > > > > lmc...@apache.org>" imported > > > > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to missing > > keys > > > > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code signing) > < > > > > > kmin...@apache.org>" imported > > > > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta < > su...@apache.org > > >" > > > > > imported > > > > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING > > KEY) > > > < > > > > > kris...@apache.org>" imported > > > > > gpg: Total number processed: 4 > > > > > gpg: imported: 4 > > > > > gpg: no ultimately trusted keys found > > > > > > > > > > $ gpg --verify knox-1.4.0.zip.asc > > > > > gpg: assuming signed data in 'knox-1.4.0.zip' > > > > > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > > > > > gpg:using RSA key > > > > 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > > > > > gpg: Can't check signature: No public key > > > > > > > > > > Could you please let me know if I'm doing something wrong or the > KEYS > > > > file > > > > > is incorrect? > > > > > > > > > > Thanks, > > > > > Sandor > > > > > > > > > > P.S.: the rest seems to be OK. I deployed/started Knox, reached the > > new > > > > > Home PAge, logged into Admin UI, tested some of the new features. > > > > > > > > > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay > > wrote: > > > > > > > > > > > All - > > > > > > > > > > > > A candidate for the Apache Knox 1.4.0 release is available at: > > > > > > > > > > > > https://dist.apache.org/repos/dist/dev/knox/knox-1.4.0/ > > > > > > > > > > > > The release candidate is a zip archive of the sources in: > > > > > > > > > > > > https://https://gitbox.apache.org/repos/asf/knox.git > > > > > > Branch v1.4.0 (git checkout -b v1.4.0) > > > > > > > > > > > > The KEYS file for signature validation is available at: > > > > > > https://dist.apache.org/repos/dist/release/knox/KEYS > > > > > > > > > > > > To assist in testing the knoxshell features you can find the new > > > >
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Larry - I agree with your inclination, and I indicated my similar inclination in my review. I just wanted to call these things out in case anyone feels differently. I'm giving my +1 for this RC. Thanks, Phil On Thu, Apr 16, 2020 at 12:42 PM larry mccay wrote: > Thanks for your review, Phil! > > I am inclined to say that these do not have to block the release. > I will however dig into the CM integration descriptors and determine just > how CM specific this is. > If it doesn't break any default behavior, then I think we can accept it for > now but am open to anyone else's opinion there as well. > > > On Thu, Apr 16, 2020 at 11:33 AM Phil Zampino wrote: > > > Thank you for preparing this release candidate. > > > > I've verified the signatures and built/installed from source. > > I've exercised the homepage, Admin UI and ClouderaManager discovery. > > > > I did notice that the homepage has the following for the Knox Version: > > 1.4.0 (hash=1.4.0) ? > > > > Not necessarily release blockers, but questions for future releases: > > > >- Can the sandbox topology be migrated to a descriptor? > >- Are there other topologies which can be migrated to descriptors? > >- Should Knox be monitoring the ClouderaManager integration > descriptors > >by default? > >e.g., knox.gateway > >(ClouderaManagerDescriptorMonitor.java:setupMonitor(66)) - Monitoring > >Cloudera Manager descriptors in ... > > > > > > > > On Thu, Apr 16, 2020 at 10:47 AM Sandor Molnar > > > > wrote: > > > > > Hi folks, > > > > > > Here is my +1 for RC1 of Knox 1.4. > > > I verified the updated signatures and ran some basic tests (including > > some > > > of the new features) using the downloaded product. > > > > > > Cheers, > > > Sandor > > > > > > On Thu, Apr 16, 2020 at 4:29 PM larry mccay wrote: > > > > > > > Sorry about that folks - I've corrected the signatures now. > > > > Please feel free to check now. > > > > > > > > --larry > > > > > > > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré > > > > wrote: > > > > > > > > > I am getting the same error as well, looks like the key used to > sign > > > the > > > > > release has changed. > > > > > It also appears that we do not have the tar.gz file for > > knox-1.4.0-src > > > > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > > > > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] > > Larry > > > > > McCay (CODE SIGNING KEY) > >>--pub > > > > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > > > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] > > Larry > > > > > McCay (CODE SIGNING KEY) >* > > > > > > > > > > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > > > > > > > > > > wrote: > > > > > > > > > > > Thank you, Larry, for preparing the new release! > > > > > > > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > > > > > verification failed for me with the following error: > > > > > > > > > > > > $ gpg --import KEYS > > > > > > gpg: directory 'XXX' created > > > > > > gpg: keybox 'XXX/pubring.kbx' created > > > > > > gpg: key 82F9C371587C089B: 1 signature not checked due to a > missing > > > key > > > > > > gpg: XXX/trustdb.gpg: trustdb created > > > > > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE SIGNING > > > KEY) < > > > > > > lmc...@apache.org>" imported > > > > > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to > missing > > > keys > > > > > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code > signing) > > < > > > > > > kmin...@apache.org>" imported > > > > > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta < > > su...@apache.org > > > >" > > > > > > imported > > > > > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE SIGNING > > > KEY) > > > > < > > > > > > kris...@apache.org>" imported > > > > > > gpg: Total number processed: 4 > > > > > > gpg: imported: 4 > > > > > > gpg: no ultimately trusted keys found > > > > > > > > > > > > $ gpg --verify knox-1.4.0.zip.asc > > > > > > gpg: assuming signed data in 'knox-1.4.0.zip' > > > > > > gpg: Signature made Wed Apr 15 02:36:28 2020 CEST > > > > > > gpg:using RSA key > > > > > 7AEC60D6E92792CCE08CDEDE3704A2F46A6B52DF > > > > > > gpg: Can't check signature: No public key > > > > > > > > > > > > Could you please let me know if I'm doing something wrong or the > > KEYS > > > > > file > > > > > > is incorrect? > > > > > > > > > > > > Thanks, > > > > > > Sandor > > > > > > > > > > > > P.S.: the rest seems to be OK. I deployed/started Knox, reached > the > > > new > > > > > > Home PAge, logged into Admin UI, tested some of the new features. > > > > > > > > > > > > On Wed, Apr 15, 2020 at 3:01 AM larry mccay > > > wrote: > > > > > > > > > > > > > All - > > > > > > > > > > > > > > A candidate for the Apache Knox 1.4
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
Hi folks, the monitor itself is not CM specific: anyone can generate a Hadoop style XML file and copy it in the KNOX_DESCRIPTOR_DIR with a .cm extension -> the monitor will pick it up. By default, the monitor is enabled because the default value of gateway.cloudera.manager.descriptors.monitor.interval is set to 30 secs. The reason for this naming convention is that, as of now, only CM generates such files and we wanted to have this logic in a separate CM integration module. I believe fixing https://issues.apache.org/jira/browse/KNOX-2344 in 1.5 is sufficient and I'm also in favor to go with this 1.4 RC. Regards, Sandor On Thu, Apr 16, 2020 at 7:01 PM Phil Zampino wrote: > Larry - > > I agree with your inclination, and I indicated my similar inclination in my > review. > I just wanted to call these things out in case anyone feels differently. > > I'm giving my +1 for this RC. > > Thanks, > Phil > > On Thu, Apr 16, 2020 at 12:42 PM larry mccay > wrote: > > > Thanks for your review, Phil! > > > > I am inclined to say that these do not have to block the release. > > I will however dig into the CM integration descriptors and determine just > > how CM specific this is. > > If it doesn't break any default behavior, then I think we can accept it > for > > now but am open to anyone else's opinion there as well. > > > > > > On Thu, Apr 16, 2020 at 11:33 AM Phil Zampino > wrote: > > > > > Thank you for preparing this release candidate. > > > > > > I've verified the signatures and built/installed from source. > > > I've exercised the homepage, Admin UI and ClouderaManager discovery. > > > > > > I did notice that the homepage has the following for the Knox Version: > > > 1.4.0 (hash=1.4.0) ? > > > > > > Not necessarily release blockers, but questions for future releases: > > > > > >- Can the sandbox topology be migrated to a descriptor? > > >- Are there other topologies which can be migrated to descriptors? > > >- Should Knox be monitoring the ClouderaManager integration > > descriptors > > >by default? > > >e.g., knox.gateway > > >(ClouderaManagerDescriptorMonitor.java:setupMonitor(66)) - > Monitoring > > >Cloudera Manager descriptors in ... > > > > > > > > > > > > On Thu, Apr 16, 2020 at 10:47 AM Sandor Molnar > > > > > > wrote: > > > > > > > Hi folks, > > > > > > > > Here is my +1 for RC1 of Knox 1.4. > > > > I verified the updated signatures and ran some basic tests (including > > > some > > > > of the new features) using the downloaded product. > > > > > > > > Cheers, > > > > Sandor > > > > > > > > On Thu, Apr 16, 2020 at 4:29 PM larry mccay > wrote: > > > > > > > > > Sorry about that folks - I've corrected the signatures now. > > > > > Please feel free to check now. > > > > > > > > > > --larry > > > > > > > > > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré < > moresand...@gmail.com> > > > > > wrote: > > > > > > > > > > > I am getting the same error as well, looks like the key used to > > sign > > > > the > > > > > > release has changed. > > > > > > It also appears that we do not have the tar.gz file for > > > knox-1.4.0-src > > > > > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > > > > > CB951DC938391FE207682BB582F9C371587C089Buid [ unknown] > > > Larry > > > > > > McCay (CODE SIGNING KEY) > > >>--pub > > > > > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > > > > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ revoked] > > > Larry > > > > > > McCay (CODE SIGNING KEY) >>* > > > > > > > > > > > > > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > Thank you, Larry, for preparing the new release! > > > > > > > > > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG but > > > > > > > verification failed for me with the following error: > > > > > > > > > > > > > > $ gpg --import KEYS > > > > > > > gpg: directory 'XXX' created > > > > > > > gpg: keybox 'XXX/pubring.kbx' created > > > > > > > gpg: key 82F9C371587C089B: 1 signature not checked due to a > > missing > > > > key > > > > > > > gpg: XXX/trustdb.gpg: trustdb created > > > > > > > gpg: key 82F9C371587C089B: public key "Larry McCay (CODE > SIGNING > > > > KEY) < > > > > > > > lmc...@apache.org>" imported > > > > > > > gpg: key 57846920EACB2DAE: 2 signatures not checked due to > > missing > > > > keys > > > > > > > gpg: key 57846920EACB2DAE: public key "Kevin Minder (Code > > signing) > > > < > > > > > > > kmin...@apache.org>" imported > > > > > > > gpg: key 2B5842B902C74EAE: public key "Sumit Gupta < > > > su...@apache.org > > > > >" > > > > > > > imported > > > > > > > gpg: key 12D51C2DE72B5D09: public key "Kevin Risden (CODE > SIGNING > > > > KEY) > > > > > < > > > > > > > kris...@apache.org>" imported > > > > > > > gpg: Total number
Re: [VOTE] Release Apache Knox 1.4.0 - RC 1
All - Overall the release candidate looks pretty good. Unfortunately, I did find a bug that I feel is a blocker - it is in KnoxShellTableRenderer and even though it this isn't core to Knox Gateway - it is a prominent area of this release. While testing HiveServer2 queries from KnoxShell and knoxline, I found that table cols that are nullable cause an NPE while rendering. It was found during actual queries and 'describe table' calls. I have a fix and new unit test for it that I will commit to master and then cherry-pick back to v1.4.0 branch and will cut a new RC. Here is my -1 for RC 1. thanks, --larry On Fri, Apr 17, 2020 at 5:14 AM Sandor Molnar wrote: > Hi folks, > > the monitor itself is not CM specific: anyone can generate a Hadoop style > XML file and copy it in the KNOX_DESCRIPTOR_DIR with a .cm extension -> the > monitor will pick it up. > By default, the monitor is enabled because the default value of > gateway.cloudera.manager.descriptors.monitor.interval is set to 30 secs. > The reason for this naming convention is that, as of now, only CM generates > such files and we wanted to have this logic in a separate CM integration > module. > I believe fixing https://issues.apache.org/jira/browse/KNOX-2344 in 1.5 is > sufficient and I'm also in favor to go with this 1.4 RC. > > Regards, > Sandor > > On Thu, Apr 16, 2020 at 7:01 PM Phil Zampino wrote: > > > Larry - > > > > I agree with your inclination, and I indicated my similar inclination in > my > > review. > > I just wanted to call these things out in case anyone feels differently. > > > > I'm giving my +1 for this RC. > > > > Thanks, > > Phil > > > > On Thu, Apr 16, 2020 at 12:42 PM larry mccay > > wrote: > > > > > Thanks for your review, Phil! > > > > > > I am inclined to say that these do not have to block the release. > > > I will however dig into the CM integration descriptors and determine > just > > > how CM specific this is. > > > If it doesn't break any default behavior, then I think we can accept it > > for > > > now but am open to anyone else's opinion there as well. > > > > > > > > > On Thu, Apr 16, 2020 at 11:33 AM Phil Zampino > > wrote: > > > > > > > Thank you for preparing this release candidate. > > > > > > > > I've verified the signatures and built/installed from source. > > > > I've exercised the homepage, Admin UI and ClouderaManager discovery. > > > > > > > > I did notice that the homepage has the following for the Knox > Version: > > > > 1.4.0 (hash=1.4.0) ? > > > > > > > > Not necessarily release blockers, but questions for future releases: > > > > > > > >- Can the sandbox topology be migrated to a descriptor? > > > >- Are there other topologies which can be migrated to descriptors? > > > >- Should Knox be monitoring the ClouderaManager integration > > > descriptors > > > >by default? > > > >e.g., knox.gateway > > > >(ClouderaManagerDescriptorMonitor.java:setupMonitor(66)) - > > Monitoring > > > >Cloudera Manager descriptors in ... > > > > > > > > > > > > > > > > On Thu, Apr 16, 2020 at 10:47 AM Sandor Molnar > > > > > > > > wrote: > > > > > > > > > Hi folks, > > > > > > > > > > Here is my +1 for RC1 of Knox 1.4. > > > > > I verified the updated signatures and ran some basic tests > (including > > > > some > > > > > of the new features) using the downloaded product. > > > > > > > > > > Cheers, > > > > > Sandor > > > > > > > > > > On Thu, Apr 16, 2020 at 4:29 PM larry mccay > > wrote: > > > > > > > > > > > Sorry about that folks - I've corrected the signatures now. > > > > > > Please feel free to check now. > > > > > > > > > > > > --larry > > > > > > > > > > > > On Thu, Apr 16, 2020 at 7:09 AM Sandeep Moré < > > moresand...@gmail.com> > > > > > > wrote: > > > > > > > > > > > > > I am getting the same error as well, looks like the key used to > > > sign > > > > > the > > > > > > > release has changed. > > > > > > > It also appears that we do not have the tar.gz file for > > > > knox-1.4.0-src > > > > > > > (i.e. knox-1.4.0-src.tar.gz) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *gpg --list-keys | grep -B 2 Larrypub rsa4096 2013-10-08 [SC] > > > > > > > CB951DC938391FE207682BB582F9C371587C089Buid [ > unknown] > > > > Larry > > > > > > > McCay (CODE SIGNING KEY) > > > >>--pub > > > > > > > rsa4096 2014-06-16 [SCEA] [revoked: 2016-08-16] > > > > > > > E633929ED2B59AE4D37C9B4A9F6D85AC587C089Buid [ > revoked] > > > > Larry > > > > > > > McCay (CODE SIGNING KEY) > >>* > > > > > > > > > > > > > > > > > > > > > On Thu, Apr 16, 2020 at 6:49 AM Sandor Molnar > > > > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > Thank you, Larry, for preparing the new release! > > > > > > > > > > > > > > > > I tried to verify the signature of knox-1.4.0.zip using GPG > but > > > > > > > > verification failed for me with the following error: > > > > > > > > > > > > > > > >
