tl;dr: (1) Attached script to generate KEYS (I'll be happy to provide the generated KEYS by request) (2) dsahlberg, futatuki, jun66j5, kfogel: it can't find your key
Replies and details inline below... On Thu, Mar 31, 2022 at 7:48 PM Daniel Shahaf <d...@daniel.shahaf.name> wrote: > > Mark Phippard wrote on Wed, Mar 30, 2022 at 08:01:32 -0400: > > I am still a little unsure what to do about the KEYS file when we > > produce this release. Okay, so https://downloads.apache.org/subversion/ has the file KEYS, which is a bit outdated (last modified 2020-07-03). There's also subversion-${VERSION}.KEYS as danielsh explains in [1]. More below... > > Our release.py script no longer works for whatever it used to do and > > throws an error. I do not know if more errors will happen when I get > > to the steps of publishing the release to /dist later on. > > > > I just updated my Apache LDAP with the fingerprint of my new key I > > will use to sign the release. > > > > Is there anything here we can leverage? > > > > https://people.apache.org/keys/ danielsh wrote: > I did post just a few days ago > (<https://mail-archives.apache.org/mod_mbox/subversion-dev/202203.mbox/%3C20220323035056.GY7687%40tarpaulin.shahaf.local2%3E>) > a piece of code that assembles a KEYS-like file from this URL… So I took the above-mentioned "piece of code" and expanded it into a script, attached as make-keys.sh.txt. Improvements welcome. When I ran this script (just now): [[[ svn-trunk$ ../make-keys.sh Fetching https://people.apache.org/keys/committer/jimb.asc... MISSING Fetching https://people.apache.org/keys/committer/sussman.asc... MISSING Fetching https://people.apache.org/keys/committer/kfogel.asc... MISSING Fetching https://people.apache.org/keys/committer/gstein.asc... OK Fetching https://people.apache.org/keys/committer/brane.asc... OK Fetching https://people.apache.org/keys/committer/jorton.asc... MISSING Fetching https://people.apache.org/keys/committer/ghudson.asc... MISSING Fetching https://people.apache.org/keys/committer/fitz.asc... OK Fetching https://people.apache.org/keys/committer/daniel.asc... MISSING Fetching https://people.apache.org/keys/committer/cmpilato.asc... OK Fetching https://people.apache.org/keys/committer/philip.asc... OK Fetching https://people.apache.org/keys/committer/jerenkrantz.asc... MISSING Fetching https://people.apache.org/keys/committer/rooneg.asc... MISSING Fetching https://people.apache.org/keys/committer/blair.asc... MISSING Fetching https://people.apache.org/keys/committer/striker.asc... OK Fetching https://people.apache.org/keys/committer/dlr.asc... MISSING Fetching https://people.apache.org/keys/committer/mbk.asc... MISSING Fetching https://people.apache.org/keys/committer/jaa.asc... MISSING Fetching https://people.apache.org/keys/committer/julianfoad.asc... OK Fetching https://people.apache.org/keys/committer/jszakmeister.asc... MISSING Fetching https://people.apache.org/keys/committer/ehu.asc... MISSING Fetching https://people.apache.org/keys/committer/breser.asc... OK Fetching https://people.apache.org/keys/committer/maxb.asc... OK Fetching https://people.apache.org/keys/committer/dberlin.asc... MISSING Fetching https://people.apache.org/keys/committer/danderson.asc... MISSING Fetching https://people.apache.org/keys/committer/djames.asc... MISSING Fetching https://people.apache.org/keys/committer/pburba.asc... OK Fetching https://people.apache.org/keys/committer/glasser.asc... MISSING Fetching https://people.apache.org/keys/committer/lgo.asc... OK Fetching https://people.apache.org/keys/committer/hwright.asc... OK Fetching https://people.apache.org/keys/committer/vgeorgescu.asc... MISSING Fetching https://people.apache.org/keys/committer/kameshj.asc... MISSING Fetching https://people.apache.org/keys/committer/markphip.asc... OK Fetching https://people.apache.org/keys/committer/arfrever.asc... MISSING Fetching https://people.apache.org/keys/committer/stsp.asc... OK Fetching https://people.apache.org/keys/committer/kou.asc... OK Fetching https://people.apache.org/keys/committer/danielsh.asc... OK Fetching https://people.apache.org/keys/committer/peters.asc... MISSING Fetching https://people.apache.org/keys/committer/rhuijben.asc... OK Fetching https://people.apache.org/keys/committer/stylesen.asc... OK Fetching https://people.apache.org/keys/committer/steveking.asc... MISSING Fetching https://people.apache.org/keys/committer/neels.asc... OK Fetching https://people.apache.org/keys/committer/jwhitlock.asc... MISSING Fetching https://people.apache.org/keys/committer/sbutler.asc... MISSING Fetching https://people.apache.org/keys/committer/dannas.asc... MISSING Fetching https://people.apache.org/keys/committer/stefan2.asc... OK Fetching https://people.apache.org/keys/committer/jcorvel.asc... OK Fetching https://people.apache.org/keys/committer/trent.asc... MISSING Fetching https://people.apache.org/keys/committer/kotkov.asc... OK Fetching https://people.apache.org/keys/committer/astieger.asc... OK Fetching https://people.apache.org/keys/committer/jamessan.asc... OK Fetching https://people.apache.org/keys/committer/luke1410.asc... OK Fetching https://people.apache.org/keys/committer/troycurtisjr.asc... OK Fetching https://people.apache.org/keys/committer/hartmannathan.asc... OK Fetching https://people.apache.org/keys/committer/futatuki.asc... MISSING Fetching https://people.apache.org/keys/committer/jun66j5.asc... MISSING Fetching https://people.apache.org/keys/committer/dsahlberg.asc... MISSING ]]] As you can see, the keys are MISSING for the following committers who are participating in this release: dsahlberg, futatuki, jun66j5, kfogel Not sure what's going on... perhaps they should check and/or update id.apache.org? Or upload their keys to a keyserver? Or is the above committers directory out-of-date? I'm not sure. Mark wrote: > > Maybe someone can manually generate a KEYS file and send it to me to > > include in the release? I imagine if I drop it in the folder with the > > tarballs after I produce them the process will think that it is the > > one it expects to have. > > > > Mark Let me know if you'd like me to email you the KEYS file generated by the attached script... The file is approx 1 MB in size. Alternatively... If you run the script yourself, I recommend to run it in an up-to-date checkout of trunk, since COMMITTERS of branches/1.14.x and branches/1.10.x do not contain some of the newer full committers. References: [1] The dev@ thread "Re: Questions on Release Management Process" on 22 Mar 2022, archived: https://lists.apache.org/thread/sw2og65pxy3qj6cvogqnn3kj7rmmzdv3 or: https://mail-archives.apache.org/mod_mbox/subversion-dev/202203.mbox/%3C20220323035056.GY7687%40tarpaulin.shahaf.local2%3E Cheers, Nathan
#!/bin/sh # Script to construct a KEYS file by fetching public keys of full # committers as listed in the COMMITTERS file from people.apache.org. # # Based on "a piece of code" posted by danielsh on 22 Mar 2022 in the # thread "Questions on Release Management Process": # https://mail-archives.apache.org/mod_mbox/subversion-dev/202203.mbox/%3C20220323035056.GY7687%40tarpaulin.shahaf.local2%3E # # Run in the top directory of a checkout of SVN's sources, where the # COMMITTERS file is located. # # This will download a bunch of .asc files and then cat them together # to form a KEYS file. # # Requires curl. (Could be reworked to use wget, too, I suppose.) if [ ! -f COMMITTERS ]; then echo "COMMITTERS file not found." exit 1 fi for availid in $( perl -anE 'say $F[0] if (/^Blanket/../END ACTIVE FULL.*SCRIPTS LOOK FOR IT/ and /@/)' < COMMITTERS ) do key_url=https://people.apache.org/keys/committer/${availid}.asc echo -n "Fetching ${key_url}..." curl -sSfO ${key_url} 2> /dev/null if [ $? -eq 0 ]; then echo " OK" else echo " MISSING" fi done cat *.asc > KEYS
