| <!DOCTYPE html> |
| <html lang="en"> |
| <head> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one or more |
| contributor license agreements. See the NOTICE file distributed with |
| this work for additional information regarding copyright ownership. |
| The ASF licenses this file to You under the Apache License, Version 2.0 |
| (the "License"); you may not use this file except in compliance with |
| the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| <meta charset="utf-8"> |
| <meta http-equiv="X-UA-Compatible" content="IE=edge"> |
| <meta name="viewport" content="width=device-width, initial-scale=1"> |
| <link href="/css/bootstrap.min.css" rel="stylesheet"> |
| <link href="/css/bootstrap-theme.min.css" rel="stylesheet"> |
| <link href="/css/dataTables.bootstrap.css" rel="stylesheet"> |
| <link href="/css/pirk.css" rel="stylesheet" type="text/css"> |
| <link href="//netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css" rel="stylesheet"> |
| |
| <title>Verifying a Release</title> |
| |
| <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> |
| <script src="/js/bootstrap.min.js"></script> |
| <script src="/js/jquery.dataTables.min.js"></script> |
| <script src="/js/dataTables.bootstrap.js"></script> |
| <script> |
| // show location of canonical site if not currently on the canonical site |
| $(function() { |
| var host = window.location.host; |
| if (typeof host !== 'undefined' && host !== 'pirk.incubator.apache.org') { |
| $('#non-canonical').show(); |
| } |
| }); |
| |
| |
| // decorate menu with currently navigated page |
| $(function() { |
| $("#nav_verify_release").addClass("active"); |
| }); |
| |
| |
| $(function() { |
| // decorate section headers with anchors |
| return $("h2, h3, h4, h5, h6").each(function(i, el) { |
| var $el, icon, id; |
| $el = $(el); |
| id = $el.attr('id'); |
| icon = '<i class="fa fa-link"></i>'; |
| if (id) { |
| return $el.append($("<a />").addClass("header-link").attr("href", "#" + id).html(icon)); |
| } |
| }); |
| }); |
| |
| // configure Google Analytics |
| (function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){ |
| (i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o), |
| m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m) |
| })(window,document,'script','https://www.google-analytics.com/analytics.js','ga'); |
| |
| ga('create', 'UA-81114308-1', 'auto'); |
| ga('send', 'pageview'); |
| |
| </script> |
| </head> |
| <body style="padding-top: 100px"> |
| |
| <nav class="navbar navbar-default navbar-fixed-top"> |
| <div class="container-fluid"> |
| <div class="navbar-header"> |
| <button type="button" class="navbar-toggle" data-toggle="collapse" data-target="#navbar-items"> |
| <span class="sr-only">Toggle navigation</span> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| <span class="icon-bar"></span> |
| </button> |
| <a href="/"><img id="nav-logo" alt="Apache Pirk" class="img-responsive" src="/images/pirkImage.png" width="150"/></a> |
| </div> |
| <div class="collapse navbar-collapse" id="navbar-items"> |
| <ul class="nav navbar-nav"> |
| <li class="nav-link"><a href="/downloads">Download</a></li> |
| <li class="dropdown"> |
| <a class="dropdown-toggle" data-toggle="dropdown" href="#">Documentation<span class="caret"></span></a> |
| <ul class="dropdown-menu"> |
| <li id="nav_users"><a href="/for_users">For Users</a></li> |
| <li id="nav_developers"><a href="/for_developers">For Developers</a></li> |
| <li id="nav_developers"><a href="/cloud_instructions">Cloud instructions</a></li> |
| <li id="nav_papers"><a href="/papers">Papers & Presentations</a></li> |
| <li class="nav_faq"><a href="/faq">FAQ</a></li> |
| <li class="divider"></li> |
| <li><a href="/javadocs">Javadocs</a></li> |
| </ul> |
| </li> |
| <li class="dropdown"> |
| <a class="dropdown-toggle" data-toggle="dropdown" href="#">Community<span class="caret"></span></a> |
| <ul class="dropdown-menu"> |
| <li id="nav_getinvolvedpirk"><a href="/get_involved_pirk">Get Involved</a></li> |
| <li id="nav_listspirk"><a href="/mailing_list_pirk">Mailing Lists</a></li> |
| <li id="nav_peoplepirk"><a href="/people_pirk">People</a></li> |
| </ul> |
| </li> |
| <li class="dropdown"> |
| <a class="dropdown-toggle" data-toggle="dropdown" href="#">Development<span class="caret"></span></a> |
| <ul class="dropdown-menu"> |
| <li id="nav_releasing"><a href="/how_to_contribute">How to Contribute</a></li> |
| <li id="nav_releasing"><a href="/releasing">Making Releases</a></li> |
| <li id="nav_nav_verify_release"><a href="/verifying_releases">Verifying Releases</a></li> |
| <li id="nav_update_website"><a href="/website_updates">Website Updates</a></li> |
| <hr> |
| <li><a href="https://issues.apache.org/jira/browse/PIRK ">Issue Tracker/JIRA <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://builds.apache.org/job/pirk/">Jenkins Builds <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://travis-ci.org/apache/incubator-pirk">Travis CI Builds <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://github.com/apache/incubator-pirk"> Pirk Github Mirror <i class="fa fa-external-link"></i></a></li> |
| </ul> |
| </li> |
| <li class="nav-link"><a href="/roadmap">Roadmap</a></li> |
| <ul class="nav navbar-nav navbar-right"> |
| <li class="dropdown"> |
| <a class="dropdown-toggle" data-toggle="dropdown" href="#">Apache Software Foundation<span class="caret"></span></a> |
| <ul class="dropdown-menu"> |
| <li><a href="https://www.apache.org">Apache Homepage <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://www.apache.org/licenses/LICENSE-2.0">License <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://www.apache.org/foundation/sponsorship">Sponsorship <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://www.apache.org/security">Security <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://www.apache.org/foundation/thanks">Thanks <i class="fa fa-external-link"></i></a></li> |
| <li><a href="https://www.apache.org/foundation/policies/conduct">Code of Conduct <i class="fa fa-external-link"></i></a></li> |
| </ul> |
| </li> |
| </ul> |
| </ul> |
| </div> |
| </div> |
| </nav> |
| |
| |
| <div class="container"> |
| <div class="row"> |
| <div class="col-md-12"> |
| <div id="content"> |
| |
| <h1 class="title">Verifying a Release</h1> |
| |
| <p>This guide for the verification of a release candidate is meant to encapsulate |
| the requirements of the PMC set forth by the ASF.</p> |
| |
| <p>Verification of a release candidate can be broken down into three categories.</p> |
| |
| <h2 id="pirk-correctness">Pirk Correctness</h2> |
| |
| <p>Pirk contains unit and integration tests which can be automatically run via Maven. These tests can be invoked by issues the following commands:</p> |
| |
| <div class="highlighter-rouge"><pre class="highlight"><code>$ mvn verify |
| </code></pre> |
| </div> |
| |
| <p>Additionally, Pirk contains multiple distributed tests which must be run and must pass on a live cluster:</p> |
| |
| <div class="highlighter-rouge"><pre class="highlight"><code>hadoop jar <pirkJar> org.apache.pirk.test.distributed.DistributedTestDriver -j <full path to pirkJar> |
| </code></pre> |
| </div> |
| |
| <h2 id="foundation-level-requirements">Foundation Level Requirements</h2> |
| |
| <p>The ASF requires that all artifacts in a release are cryptographically signed and distributed with hashes.</p> |
| |
| <p>OpenPGP is an asymmetric encryption scheme which lends itself well to the globally distributed nature of Apache. |
| Verification of a release artifact can be done using the signature and the release-maker’s public key. Hashes |
| can be verified using the appropriate command (e.g. <code class="highlighter-rouge">sha1sum</code>, <code class="highlighter-rouge">md5sum</code>).</p> |
| |
| <p>An Apache release must contain a source-only artifact. This is the official release artifact. While a release of |
| an Apache project can contain other artifacts that do contain binary files. These non-source artifacts are for |
| user convenience only, but still must adhere to the same licensing rules.</p> |
| |
| <p>PMC members should take steps to verify that the source-only artifact does not contain any binary files. There is |
| some leeway in this rule. For example, test-only binary artifacts (such as test files or jars) are acceptable as long |
| as they are only used for testing the software and not running it.</p> |
| |
| <p>The following are the aforementioned Foundation-level documents provided for reference:</p> |
| |
| <ul> |
| <li><a href="https://www.apache.org/dev/apply-license">Applying the Apache Software License</a></li> |
| <li><a href="https://www.apache.org/legal/src-headers">Legal’s license application guidelines</a></li> |
| <li><a href="https://www.apache.org/legal/resolved">Common legal-discuss mailing list questions/resolutions</a></li> |
| <li><a href="https://www.apache.org/legal">ASF Legal Affairs Page</a></li> |
| </ul> |
| |
| <h2 id="apache-software-license-application">Apache Software License Application</h2> |
| |
| <p>Application of the Apache Software License v2 consists of the following steps on each artifact in a release. It’s |
| important to remember that for artifacts that contain other artifacts (e.g. a tarball that contains JAR files or |
| an RPM which contains JAR files), both the tarball, RPM and JAR files are subject to the following roles.</p> |
| |
| <p>The difficulty in verifying each artifact is that, often times, each artifact requires a different LICENSE and NOTICE |
| file.</p> |
| |
| <h3 id="license-file">LICENSE file</h3> |
| |
| <p>The LICENSE file should be present at the top-level of the artifact. This file should be explicitly named <code class="highlighter-rouge">LICENSE</code>, |
| however <code class="highlighter-rouge">LICENSE.txt</code> is acceptable but not preferred. This file contains the text of the Apache Software License |
| at the top of the file. At the bottom of the file, all other open source licenses <em>contained in the given |
| artifact</em> must be listed at the bottom of the LICENSE file. Contained components that are licensed with the ASL themselves |
| do not need to be included in this file. It is common to see inclusions in file such as the MIT License of 3-clause |
| BSD License.</p> |
| |
| <h3 id="notice-file">NOTICE file</h3> |
| |
| <p>The NOTICE file should be present at the top-level of the artifact beside the LICENSE file. This file should be explicitly |
| name <code class="highlighter-rouge">NOTICE</code>, while <code class="highlighter-rouge">NOTICE.txt</code> is also acceptable but not preferred. This file contains the copyright notice for |
| the artifact being released. As a reminder, the copyright is held by the Apache Software Foundation, not the individual |
| project.</p> |
| |
| <p>The second purpose this file serves is to distribute third-party notices from dependent software. Specifically, other code |
| which is licensed with the ASLv2 may also contain a NOTICE file. If such an artifact which contains a NOTICE file is |
| contained in artifact being verified for releases, the contents of the contained artifact’s NOTICE file should be appended |
| to this artifact’s NOTICE file.</p> |
| |
| |
| </div> |
| |
| |
| <footer> |
| |
| <p><a href="https://www.apache.org"><img src="/images/feather-small.gif" alt="Apache Software Foundation" id="asf-logo" height="100" /></a></p> |
| |
| <p>Copyright © 2016-2016 The Apache Software Foundation. Licensed under the <a href="https://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> |
| |
| </footer> |
| |
| |
| </div> |
| </div> |
| </div> |
| </body> |
| </html> |