"use strict";(self.webpackChunkopendal_website=self.webpackChunkopendal_website||[]).push([[5384],{884:(e,n,t)=>{t.r(n),t.d(n,{assets:()=>l,contentTitle:()=>a,default:()=>h,frontMatter:()=>o,metadata:()=>s,toc:()=>d});const s=JSON.parse('{"id":"release/reference/setup_gpg","title":"Setup GPG key","description":"This section is a brief from the Cryptography with OpenPGP guideline.","source":"@site/community/release/reference/setup_gpg.md","sourceDirName":"release/reference","slug":"/release/reference/setup_gpg","permalink":"/community/release/reference/setup_gpg","draft":false,"unlisted":false,"editUrl":"https://github.com/apache/opendal/tree/main/website/community/release/reference/setup_gpg.md","tags":[],"version":"current","frontMatter":{"title":"Setup GPG key"},"sidebar":"docs","previous":{"title":"Generate release note","permalink":"/community/release/reference/generate_release_note"},"next":{"title":"Committers","permalink":"/community/category/committers"}}');var r=t(6070),i=t(5658);const o={title:"Setup GPG key"},a=void 0,l={},d=[{value:"Install GPG",id:"install-gpg",level:2},{value:"Generate GPG Key",id:"generate-gpg-key",level:2},{value:"Upload your key to public GPG keyserver",id:"upload-your-key-to-public-gpg-keyserver",level:2},{value:"Check whether the key is created successfully",id:"check-whether-the-key-is-created-successfully",level:2},{value:"Add your GPG public key to the KEYS document",id:"add-your-gpg-public-key-to-the-keys-document",level:2},{value:"Upload the GPG public key to your GitHub account",id:"upload-the-gpg-public-key-to-your-github-account",level:2}];function c(e){const n={a:"a",admonition:"admonition",code:"code",h2:"h2",li:"li",p:"p",pre:"pre",ul:"ul",...(0,i.R)(),...e.components};return(0,r.jsxs)(r.Fragment,{children:[(0,r.jsx)(n.admonition,{type:"note",children:(0,r.jsxs)(n.p,{children:["This section is a brief from the ",(0,r.jsx)(n.a,{href:"https://infra.apache.org/openpgp.html",children:"Cryptography with OpenPGP"})," guideline."]})}),"\n",(0,r.jsx)(n.h2,{id:"install-gpg",children:"Install GPG"}),"\n",(0,r.jsxs)(n.p,{children:["For more details, please refer to ",(0,r.jsx)(n.a,{href:"https://www.gnupg.org/download/index.html",children:"GPG official website"}),". Here shows one approach to install GPG with ",(0,r.jsx)(n.code,{children:"apt"}),":"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:"sudo apt install gnupg2\n"})}),"\n",(0,r.jsx)(n.h2,{id:"generate-gpg-key",children:"Generate GPG Key"}),"\n",(0,r.jsx)(n.p,{children:"Attentions:"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsx)(n.li,{children:"Name is best to keep consistent with your full name of Apache ID;"}),"\n",(0,r.jsx)(n.li,{children:"Email should be the Apache email;"}),"\n",(0,r.jsx)(n.li,{children:"Name is best to only use English to avoid garbled."}),"\n"]}),"\n",(0,r.jsxs)(n.p,{children:["Run ",(0,r.jsx)(n.code,{children:"gpg --full-gen-key"})," and complete the generation interactively:"]}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:"gpg (GnuPG) 2.2.20; Copyright (C) 2020 Free Software Foundation, Inc.\nThis is free software: you are free to change and redistribute it.\nThere is NO WARRANTY, to the extent permitted by law.\n\nPlease select what kind of key you want:\n (1) RSA and RSA (default)\n (2) DSA and Elgamal\n (3) DSA (sign only)\n (4) RSA (sign only)\n (14) Existing key from card\nYour selection? 1 # input 1\nRSA keys may be between 1024 and 4096 bits long.\nWhat keysize do you want? (2048) 4096 # input 4096\nRequested keysize is 4096 bits\nPlease specify how long the key should be valid.\n 0 = key does not expire\n <n> = key expires in n days\n <n>w = key expires in n weeks\n <n>m = key expires in n months\n <n>y = key expires in n years\nKey is valid for? (0) 0 # input 0\nKey does not expire at all\nIs this correct? (y/N) y # input y\n\nGnuPG needs to construct a user ID to identify your key.\n\nReal name: Hulk Lin # input your name\nEmail address: hulk@apache.org # input your email\nComment: # input some annotations, optional\nYou selected this USER-ID:\n \"Hulk <hulk@apache.org>\"\n\nChange (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O # input O\nWe need to generate a lot of random bytes. It is a good idea to perform\nsome other action (type on the keyboard, move the mouse, utilize the\ndisks) during the prime generation; this gives the random number\ngenerator a better chance to gain enough entropy.\nWe need to generate a lot of random bytes. It is a good idea to perform\nsome other action (type on the keyboard, move the mouse, utilize the\ndisks) during the prime generation; this gives the random number\ngenerator a better chance to gain enough entropy.\n\n# Input the security key\n\u250c\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2510\n\u2502 Please enter this passphrase \u2502\n\u2502 \u2502\n\u2502 Passphrase: _______________________________ \u2502\n\u2502 \u2502\n\u2502 <OK> <Cancel> \u2502\n\u2514\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2500\u2518\n# key generation will be done after your inputting the key with the following output\ngpg: key E49B00F626B marked as ultimately trusted\ngpg: revocation certificate stored as '/Users/hulk/.gnupg/openpgp-revocs.d/F77B887A4F25A9468C513E9AA3008E49B00F626B.rev'\npublic and secret key created and signed.\n\npub rsa4096 2022-07-12 [SC]\n F77B887A4F25A9468C513E9AA3008E49B00F626B\nuid [ultimate] hulk <hulk@apache.org>\nsub rsa4096 2022-07-12 [E]\n"})}),"\n",(0,r.jsx)(n.h2,{id:"upload-your-key-to-public-gpg-keyserver",children:"Upload your key to public GPG keyserver"}),"\n",(0,r.jsx)(n.p,{children:"Firstly, list your key:"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:"gpg --list-keys\n"})}),"\n",(0,r.jsx)(n.p,{children:"The output is like:"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:"-------------------------------\npub rsa4096 2022-07-12 [SC]\n F77B887A4F25A9468C513E9AA3008E49B00F626B\nuid [ultimate] hulk <hulk@apache.org>\nsub rsa4096 2022-07-12 [E]\n"})}),"\n",(0,r.jsx)(n.p,{children:"Then, send your key id to key server:"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:"gpg --keyserver keys.openpgp.org --send-key <key-id> # e.g., F77B887A4F25A9468C513E9AA3008E49B00F626B\n"})}),"\n",(0,r.jsxs)(n.p,{children:["Among them, ",(0,r.jsx)(n.code,{children:"keys.openpgp.org"})," is a randomly selected keyserver, you can use ",(0,r.jsx)(n.code,{children:"keyserver.ubuntu.com"})," or any other full-featured keyserver."]}),"\n",(0,r.jsx)(n.h2,{id:"check-whether-the-key-is-created-successfully",children:"Check whether the key is created successfully"}),"\n",(0,r.jsx)(n.p,{children:"Uploading takes about one minute; after that, you can check by your email at the corresponding keyserver."}),"\n",(0,r.jsxs)(n.p,{children:["Uploading keys to the keyserver is mainly for joining a ",(0,r.jsx)(n.a,{href:"https://infra.apache.org/release-signing.html#web-of-trust",children:"Web of Trust"}),"."]}),"\n",(0,r.jsx)(n.h2,{id:"add-your-gpg-public-key-to-the-keys-document",children:"Add your GPG public key to the KEYS document"}),"\n",(0,r.jsx)(n.admonition,{type:"info",children:(0,r.jsxs)(n.p,{children:[(0,r.jsx)(n.code,{children:"SVN"})," is required for this step."]})}),"\n",(0,r.jsxs)(n.p,{children:["The svn repository of the release branch is: ",(0,r.jsx)(n.a,{href:"https://dist.apache.org/repos/dist/release/opendal",children:"https://dist.apache.org/repos/dist/release/opendal"})]}),"\n",(0,r.jsx)(n.p,{children:"Please always add the public key to KEYS in the release branch:"}),"\n",(0,r.jsx)(n.pre,{children:(0,r.jsx)(n.code,{className:"language-shell",children:'svn co https://dist.apache.org/repos/dist/release/opendal opendal-dist\n# As this step will copy all the versions, it will take some time. If the network is broken, please use svn cleanup to delete the lock before re-execute it.\ncd opendal-dist\n(gpg --list-sigs YOUR_NAME@apache.org && gpg --export --armor YOUR_NAME@apache.org) >> KEYS # Append your key to the KEYS file\nsvn add . # It is not needed if the KEYS document exists before.\nsvn ci -m "add gpg key for YOUR_NAME" # Later on, if you are asked to enter a username and password, just use your apache username and password.\n'})}),"\n",(0,r.jsx)(n.h2,{id:"upload-the-gpg-public-key-to-your-github-account",children:"Upload the GPG public key to your GitHub account"}),"\n",(0,r.jsxs)(n.ul,{children:["\n",(0,r.jsxs)(n.li,{children:["Enter ",(0,r.jsx)(n.a,{href:"https://github.com/settings/keys",children:"https://github.com/settings/keys"})," to add your GPG key."]}),"\n",(0,r.jsxs)(n.li,{children:["Please remember to bind the email address used in the GPG key to your GitHub account (",(0,r.jsx)(n.a,{href:"https://github.com/settings/emails",children:"https://github.com/settings/emails"}),') if you find "unverified" after adding it.']}),"\n"]})]})}function h(e={}){const{wrapper:n}={...(0,i.R)(),...e.components};return n?(0,r.jsx)(n,{...e,children:(0,r.jsx)(c,{...e})}):c(e)}},5658:(e,n,t)=>{t.d(n,{R:()=>o,x:()=>a});var s=t(758);const r={},i=s.createContext(r);function o(e){const n=s.useContext(i);return s.useMemo((function(){return"function"==typeof e?e(n):{...n,...e}}),[n,e])}function a(e){let n;return n=e.disableParentContext?"function"==typeof e.components?e.components(r):e.components||r:o(e.components),s.createElement(i.Provider,{value:n},e.children)}}}]); |