GPG and Maven, JDK 7 is mandatory for verification.
brew install gpg gpg-agent pinentry-mac brew install maven brew install md5sha1sum
# Download GPG KEYS wget https://dist.apache.org/repos/dist/dev/incubator/hivemall/KEYS # import KEYS for GPG verification gpg --import KEYS
VERSION=0.5.0 RC_NUMBER=3 wget -e robots=off --no-check-certificate \ -r -np --reject=html,txt,tmp -nH --cut-dirs=5 \ https://dist.apache.org/repos/dist/dev/incubator/hivemall/${VERSION}-incubating-rc${RC_NUMBER}/
cd ${VERSION}-incubating-rc${RC_NUMBER}/ for f in `find . -type f -iname '*.sha1'`; do echo -n "Verifying ${f%.*} ... " sha1sum ${f%.*} | cut -f1 -d' ' | diff -Bw - ${f} if [ $? -eq 0 ]; then echo 'Valid' else echo "SHA1 is Invalid: ${f}" >&2 exit 1 fi done echo for f in `find . -type f -iname '*.md5'`; do echo -n "Verifying ${f%.*} ... " md5sum ${f%.*} | cut -f1 -d' ' | diff -Bw - ${f} if [ $? -eq 0 ]; then echo 'Valid' else echo "MD5 is Invalid: ${f%.*}" >&2 exit 1 fi done echo for f in `find . -type f -iname '*.asc'`; do gpg --verify ${f} if [ $? -eq 0 ]; then echo "GPG signature is correct: ${f%.*}" else echo "GPG signature is Invalid: ${f%.*}" >&2 exit 1 fi echo done
unzip hivemall-${VERSION}-incubating-source-release.zip cd hivemall-${VERSION}-incubating # workaround for Maven sign-release-artifacts plugin export GPG_TTY=$(tty) # JDK 7 is required for packaging export JAVA_HOME=`/usr/libexec/java_home -v 1.7` # Java 8 is required for building Spark 2.2 module export JAVA8_HOME=`/usr/libexec/java_home -v 1.8` # Try to create artifacts export MAVEN_OPTS=-XX:MaxPermSize=256m # Try to create artifacts # RAT license check and unit tests will be issued mvn -Papache-release clean install # Verify Signatures of Release Artifacts cd target/ for file in `find . -type f -iname '*.asc'`; do gpg --verify ${file} done