For the signature issue, I think we should use this keys https://dist.apache.org/repos/dist/dev/pulsar/KEYS
I updated the Pulsar release process https://github.com/apache/pulsar/wiki/Release-process#8-run-the-vote The keys in the file https://dist.apache.org/repos/dist/release/pulsar/KEYS are the PMC keys. They have permission to promote a candidate release to a stable release. For the docker image build, it's might an issue but it's not a block for releasing 2.7.1. As you see in the release process. We usually build an image from the GitHub repository, not the source tarball. On Tue, 9 Mar 2021 at 15:36, Enrico Olivelli <eolive...@gmail.com> wrote: > Yong, > I cannot build the docker image from the sources extracted by the > source tarball. > > This is probably a big issue, because as I cannot build the docker > image I cannot run tests on downstream applications. > > I am not sure this was possible with 2.7.0, so I don't know if this is > a blocker for the release > > What can we do in order to test the docker image ? > > Enrico > > > > Executing command line: > > [/Users/enrico.olivelli/Downloads/pulsar271/pulsar-2.7.1-candidate-1/apache-pulsar-2.7.1/docker/pulsar/../../pulsar-client-cpp/docker/build-wheels.sh, > 3.7 cp37-cp37m] > > fatal: not a git repository (or any of the parent directories): .git > > [INFO] --- exec-maven-plugin:1.6.0:exec > (build-pulsar-clients-python-35) @ pulsar-docker-image --- > > fatal: not a git repository (or any of the parent directories): .git > > [ERROR] Command execution failed. > > org.apache.commons.exec.ExecuteException: Process exited with an > error: 128 (Exit value: 128) > > at org.apache.commons.exec.DefaultExecutor.executeInternal > (DefaultExecutor.java:404) > > at org.apache.commons.exec.DefaultExecutor.execute > (DefaultExecutor.java:166) > > at org.codehaus.mojo.exec.ExecMojo.executeCommandLine > (ExecMojo.java:804) > > at org.codehaus.mojo.exec.ExecMojo.executeCommandLine > (ExecMojo.java:751) > > at org.codehaus.mojo.exec.ExecMojo.execute (ExecMojo.java:313) > > at org.apache.maven.plugin.DefaultBuildPluginManager.executeMojo > (DefaultBuildPluginManager.java:137) > > at org.apache.maven.lifecycle.internal.MojoExecutor.execute > (MojoExecutor.java:210) > > at org.apache.maven.lifecycle.internal.MojoExecutor.execute > (MojoExecutor.java:156) > > at org.apache.maven.lifecycle.internal.MojoExecutor.execute > (MojoExecutor.java:148) > > at > org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject > (LifecycleModuleBuilder.java:117) > > at > org.apache.maven.lifecycle.internal.LifecycleModuleBuilder.buildProject > (LifecycleModuleBuilder.java:81) > > at > org.apache.maven.lifecycle.internal.builder.singlethreaded.SingleThreadedBuilder.build > (SingleThreadedBuilder.java:56) > > at org.apache.maven.lifecycle.internal.LifecycleStarter.execute > (LifecycleStarter.java:128) > > at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:305) > > at org.apache.maven.DefaultMaven.doExecute (DefaultMaven.java:192) > > at org.apache.maven.DefaultMaven.execute (DefaultMaven.java:105) > > at org.apache.maven.cli.MavenCli.execute (MavenCli.java:957) > > at org.apache.maven.cli.MavenCli.doMain (MavenCli.java:289) > > at org.apache.maven.cli.MavenCli.main (MavenCli.java:193) > > at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native > Method) > > at jdk.internal.reflect.NativeMethodAccessorImpl.invoke > (NativeMethodAccessorImpl.java:62) > > at jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke > (DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke (Method.java:566) > > at org.codehaus.plexus.classworlds.launcher.Launcher.launchEnhanced > (Launcher.java:282) > > at org.codehaus.plexus.classworlds.launcher.Launcher.launch > (Launcher.java:225) > > at org.codehaus.plexus.classworlds.launcher.Launcher.mainWithExitCode > (Launcher.java:406) > > at org.codehaus.plexus.classworlds.launcher.Launcher.main > (Launcher.java:347) > > Il giorno mar 9 mar 2021 alle ore 08:04 Enrico Olivelli > <eolive...@gmail.com> ha scritto: > > > > Yong, > > I cannot find your signature at > > https://dist.apache.org/repos/dist/release/pulsar/KEYS > > > > can you please add yourself ? > > otherwise I cannot validate the digital signatures of the artifacts > > > > Thanks > > Enrico > > > > Il giorno lun 8 mar 2021 alle ore 05:41 Yong Zhang <y...@apache.org> ha > scritto: > > > > > > Hi all. > > > > > > This is the first release candidate for Apache Pulsar, version 2.X.0. > > > > > > It fixes the following issues: > > > > https://github.com/apache/pulsar/pulls?page=1&q=is%3Apr+label%3Arelease%2F2.7.1+is%3Aclosed+-label%3Acomponent%2Fdocumentation > > > > > > *** Please download, test and vote on this release. This vote will > stay open > > > for at least 72 hours *** > > > > > > Note that we are voting upon the source (tag), binaries are provided > for > > > convenience. > > > > > > Source and binary files: > > > > https://dist.apache.org/repos/dist/dev/pulsar/pulsar-2.7.1-candidate-1/ > > > > > > SHA-1 checksums: > > > > > > 8534bcac8cdc4cd54b99d721fac6e7b3abe4b9a2 > apache-pulsar-2.7.1-bin.tar.gz > > > a4c2f74481d066cb51822d9d54fc59e18033c773 > apache-pulsar-2.7.1-src.tar.gz > > > > > > Maven staging repo: > > > > https://repository.apache.org/content/repositories/orgapachepulsar-1079 > > > > > > The tag to be voted upon: > > > v2.7.1-candidate-1 (8ea4a39dc8bf6f2f23a160688bb70a80f6acfd4d) > > > https://github.com/apache/pulsar/releases/tag/v2.7.1-candidate-1 > > > > > > Pulsar's KEYS file containing PGP keys we use to sign the release: > > > https://dist.apache.org/repos/dist/release/pulsar/KEYS > > > > > > Please download the the source package, and follow the README to build > > > and run the Pulsar standalone service. >
