[jira] [Updated] (FLINK-25682) Check in script to verify cheksums and signatures for Apache Flink Releases

Wed, 02 Mar 2022 04:52:06 -0800 


     [ 
https://issues.apache.org/jira/browse/FLINK-25682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Konstantin Knauf updated FLINK-25682:
-------------------------------------
    Description: 
For each flink, flink-shaded and flink-ml release, multiple community memebers 
usually check the correctness of signatures and checksums. I propose to check 
in a script for this purpose.

What the script should do:
 * Verify Signatures for Java & Python Binaries and Maven Artifacts
 * Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries

Where should this script be located:
 * flink: [https://github.com/apache/flink/tree/master/tools/releasing]
 * flink-shaded: 
[https://github.com/apache/flink-shaded/tree/master/tools/releasing]
 * flink-ml: [https://github.com/apache/flink-ml/tree/master/tools/releasing]

  was:
For each flink, flink-shaded and flink-ml release, multiple community memebers 
usually check the correctness of signatures and checksums. I propose to check 
in a script for this purpose. 

What the script should do:

* Verify Signatures for Java & Python Binaries and Maven Artifacts
* Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries and Maven 
Artifacts

Where should this script be located: 
* flink: https://github.com/apache/flink/tree/master/tools/releasing
* flink-shaded: 
https://github.com/apache/flink-shaded/tree/master/tools/releasing
* flink-ml: https://github.com/apache/flink-ml/tree/master/tools/releasing


> Check in script to verify cheksums and signatures for Apache Flink Releases
> ---------------------------------------------------------------------------
>
>                 Key: FLINK-25682
>                 URL: https://issues.apache.org/jira/browse/FLINK-25682
>             Project: Flink
>          Issue Type: Improvement
>          Components: Build System
>            Reporter: Konstantin Knauf
>            Assignee: Konstantin Knauf
>            Priority: Major
>
> For each flink, flink-shaded and flink-ml release, multiple community 
> memebers usually check the correctness of signatures and checksums. I propose 
> to check in a script for this purpose.
> What the script should do:
>  * Verify Signatures for Java & Python Binaries and Maven Artifacts
>  * Verify Checksums (MD5 & SHA1/512) for Java & Python Binaries
> Where should this script be located:
>  * flink: [https://github.com/apache/flink/tree/master/tools/releasing]
>  * flink-shaded: 
> [https://github.com/apache/flink-shaded/tree/master/tools/releasing]
>  * flink-ml: [https://github.com/apache/flink-ml/tree/master/tools/releasing]



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

Reply via email to