hi Kou, Sorry for not responding earlier on the JIRA about this.
My understanding is that these package artifacts should be signed by a PMC, and made available initially through the ASF's mirror system, e.g. https://www.apache.org/dyn/closer.cgi/arrow/arrow-0.5.0/ For example, I have been signing the source releases with my PGP key. They can be uploaded to other apt/yum repositories after the fact. It would be great if we could automate the process sufficiently so that these artifacts can be easily generated by the release manager. If any others have prior experience creating Linux packages in Apache projects, I would be interested to hear any more details. As an example, Apache Kudu makes source releases only and then Cloudera separately provides a Linux package repository http://kudu.apache.org/docs/installation.html#install_packages. - Wes On Mon, Aug 14, 2017 at 8:32 PM, Kouhei Sutou <k...@clear-code.com> wrote: > Hi, > > I want to provide the "official" APT and Yum repositories > for Apache Arrow C++ and GLib. They'll be useful for > GNU/Linux users including me. > > I already pushed .deb and .rpm build scripts to arrow-dist > repository: > https://github.com/apache/arrow-dist/tree/master/cpp-linux > > Next, I want to publish the .deb and .rpm as APT and Yum > repositories for easy to install. > > I want to know the following information to prepare APT and > Yum repositories: > > * PGP key to sign .deb and .rpm > * .deb and .rpm upload location > > If you know the information, please share the information. > > I created an issue for this on JIRA: > https://issues.apache.org/jira/browse/ARROW-1349 > > > Thanks, > -- > kou
