KNOX-1637 - ant verify-stage should check knoxshell artifacts
Signed-off-by: Kevin Risden <krisden@apache.org>
diff --git a/CHANGES b/CHANGES
index c343635b..9e5e13d 100644
--- a/CHANGES
+++ b/CHANGES
@@ -170,6 +170,7 @@
* [KNOX-1542] - Upgrade to EasyMock 4.0.1
* [KNOX-1543] - Update documentation for KNOX-1531
* [KNOX-1622] - Enable the secure processing feature on all XPathFactory instances
+ * [KNOX-1637] - ant verify-stage should check knoxshell artifacts
------------------------------------------------------------------------------
Release Notes - Apache Knox - Version 1.1.0
diff --git a/build.xml b/build.xml
index b031010..aa4d2f4 100644
--- a/build.xml
+++ b/build.xml
@@ -221,9 +221,9 @@
<arg value="--verify"/>
<arg value="${gateway-artifact}-${gateway-version}.zip.asc"/>
</exec>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-256" verifyproperty="zip.sha256.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="zip.sha256.ok"/>
<fail message="SHA-256 Invalid"><condition><isfalse value="${zip.sha256.ok}"/></condition></fail>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-512" verifyproperty="zip.sha512.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="zip.sha512.ok"/>
<fail message="SHA-512 Invalid"><condition><isfalse value="${zip.sha512.ok}"/></condition></fail>
<echo>Verify ${gateway-artifact}-${gateway-version}-src.zip</echo>
@@ -231,9 +231,9 @@
<arg value="--verify"/>
<arg value="${gateway-artifact}-${gateway-version}-src.zip.asc"/>
</exec>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-256" verifyproperty="src.sha256.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="src.sha256.ok"/>
<fail message="SHA-256 Invalid"><condition><isfalse value="${src.sha256.ok}"/></condition></fail>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-512" verifyproperty="src.sha512.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}-src.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="src.sha512.ok"/>
<fail message="SHA-512 Invalid"><condition><isfalse value="${src.sha512.ok}"/></condition></fail>
<echo>Verify ${gateway-artifact}-${gateway-version}.tar.gz</echo>
@@ -241,10 +241,30 @@
<arg value="--verify"/>
<arg value="${gateway-artifact}-${gateway-version}.tar.gz.asc"/>
</exec>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" verifyproperty="tar.sha256.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" fileext=".sha256" verifyproperty="tar.sha256.ok"/>
<fail message="SHA-256 Invalid"><condition><isfalse value="${tar.sha256.ok}"/></condition></fail>
- <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" verifyproperty="tar.sha512.ok"/>
+ <checksum file="${install.dir}/${gateway-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" fileext=".sha512" verifyproperty="tar.sha512.ok"/>
<fail message="SHA-512 Invalid"><condition><isfalse value="${tar.sha512.ok}"/></condition></fail>
+
+ <echo>Verify ${knoxshell-artifact}-${gateway-version}.zip</echo>
+ <exec executable="gpg" dir="${install.dir}" failonerror="true">
+ <arg value="--verify"/>
+ <arg value="${knoxshell-artifact}-${gateway-version}.zip.asc"/>
+ </exec>
+ <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.zip" algorithm="SHA-256" fileext=".sha256" verifyproperty="knoxshell.zip.sha256.ok"/>
+ <fail message="SHA-256 Invalid"><condition><isfalse value="${knoxshell.zip.sha256.ok}"/></condition></fail>
+ <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.zip" algorithm="SHA-512" fileext=".sha512" verifyproperty="knoxshell.zip.sha512.ok"/>
+ <fail message="SHA-512 Invalid"><condition><isfalse value="${knoxshell.zip.sha512.ok}"/></condition></fail>
+
+ <echo>Verify ${knoxshell-artifact}-${gateway-version}.tar.gz</echo>
+ <exec executable="gpg" dir="${install.dir}" failonerror="true">
+ <arg value="--verify"/>
+ <arg value="${knoxshell-artifact}-${gateway-version}.tar.gz.asc"/>
+ </exec>
+ <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.tar.gz" algorithm="SHA-256" fileext=".sha256" verifyproperty="knoxshell.tar.sha256.ok"/>
+ <fail message="SHA-256 Invalid"><condition><isfalse value="${knoxshell.tar.sha256.ok}"/></condition></fail>
+ <checksum file="${install.dir}/${knoxshell-artifact}-${gateway-version}.tar.gz" algorithm="SHA-512" fileext=".sha512" verifyproperty="knoxshell.tar.sha512.ok"/>
+ <fail message="SHA-512 Invalid"><condition><isfalse value="${knoxshell.tar.sha512.ok}"/></condition></fail>
</target>
<target name="sign-candidate" depends="_init,_passphrase" description="Sign a downloaded created release.">
