[VOTE] Pulsar 1.22.0-incubating Release Candidate 3

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

[VOTE] Pulsar 1.22.0-incubating Release Candidate 3

Jai Asher
This is the fourth release candidate for Apache Pulsar, version
1.22.0-incubating.

It fixes the following issues:
https://github.com/apache/incubator-pulsar/milestone/11?closed=1

*** Please download, test and vote by Friday, Feb 23, 2018, 10:00 GMT.

Note that we are voting upon the source (tag), binaries are provided for
convenience.

Source and binary files:
https://dist.apache.org/repos/dist/dev/incubator/pulsar/
pulsar-1.22.0-incubating-candidate-3/

Maven staging repo:
https://repository.apache.org/content/repositories/orgapachepulsar-1010/

The tag to be voted upon:
v1.22.0-incubating-candidate-3 (5d14788e510faec23fd8ed189ed343e93b489dda)
https://github.com/apache/incubator-pulsar/releases/tag/
v1.22.0-incubating-candidate-3

Pulsar's KEYS file containing PGP keys we use to sign the release:
https://dist.apache.org/repos/dist/release/incubator/pulsar/KEYS

Please download the source package, and follow the README to build
and run the Pulsar standalone service.


On Fri, Feb 23, 2018 at 8:09 PM, Dave Fisher <[hidden email]> wrote:

> I will review and then cast a vote on the General@incubator thread.
>
> Sent from my iPhone
>
> > On Feb 23, 2018, at 7:57 PM, Jai Asher <[hidden email]> wrote:
> >
> > Hi,
> >
> > The vote for releasing Apache Pulsar 1.22.0-incubating is now closed.
> >
> > With a total of +6 votes (5 binding) and no -1 votes, the vote passes.
> >
> > +1s (binding):
> > Matteo
> > Sergio
> > Masahiro
> > Rajan
> > Nozomi
> >
> > +1 (non binding):
> > Jia
> >
> > Thanks a lot to all the reviewers for taking the time to validate this
> > release!
> >
> > Regards,
> > Jai
> >
> >> On Fri, Feb 23, 2018 at 9:22 AM, Matteo Merli <[hidden email]>
> wrote:
> >>
> >> +1 (binding)
> >>
> >> Environment: MacOS 10.12 & Centos-7.4
> >>
> >> Checked:
> >> * Signatures, crc
> >> * Bin distribution:
> >>    - NOTICE, README, LICENSE
> >>    - Start standalone service and producer/consumer test
> >> * Src distribution:
> >>    - NOTICE,  README, LICENSE
> >>    - Compile and unit tests
> >>    - Start standalone service
> >> * Checked staging maven repository artifacts
> >>
> >> Matteo
> >>
> >>> On Fri, Feb 23, 2018 at 2:44 AM Jia Zhai <[hidden email]> wrote:
> >>>
> >>> +1 (non-binding)
> >>>
> >>> Environment: MacOS 10.13
> >>>
> >>> * Bin distribution
> >>>   -checked md5, sha, asc,
> >>>   -start standalone,
> >>>   -producer/consumer worked,
> >>> * Src distribution
> >>>   -checked md5, sha, asc,
> >>>   -compile and unit tests,
> >>>   -start standalone,
> >>>   -producer/consumer worked
> >>>
> >>>
> >>>
> >>>
> >>> On Fri, Feb 23, 2018 at 4:02 PM, Masahiro Sakamoto <
> >> [hidden email]
> >>> wrote:
> >>>
> >>>> +1 (binding)
> >>>>
> >>>> Environment: CentOS 6.7
> >>>>
> >>>> * checked md5, sha, asc
> >>>> * ran standalone
> >>>> * producer/consumer worked normally
> >>>> * compiling and unit tests succeeded
> >>>> * rat check
> >>>>
> >>>> - Masahiro
> >>>>
> >>>> --
> >>>> Masahiro Sakamoto
> >>>> Yahoo Japan Corp.
> >>>> E-mail: [hidden email]
> >>>> --
> >>>>
> >>>>> -----Original Message-----
> >>>>> From: Jai Asher [mailto:[hidden email]]
> >>>>> Sent: Wednesday, February 21, 2018 1:39 PM
> >>>>> To: [hidden email]
> >>>>> Subject: [VOTE] Pulsar 1.22.0-incubating Release Candidate 3
> >>>>>
> >>>>> This is the fourth release candidate for Apache Pulsar, version
> >>>>> 1.22.0-incubating.
> >>>>>
> >>>>> It fixes the following issues:
> >>>>> https://github.com/apache/incubator-pulsar/milestone/11?closed=1
> >>>>>
> >>>>> *** Please download, test and vote by Friday, Feb 23, 2018, 10:00
> >> GMT.
> >>>>>
> >>>>> Note that we are voting upon the source (tag), binaries are provided
> >>> for
> >>>>> convenience.
> >>>>>
> >>>>> Source and binary files:
> >>>>> https://dist.apache.org/repos/dist/dev/incubator/pulsar/
> >> pulsar-1.22.0-
> >>>>> incubating-candidate-3/
> >>>>>
> >>>>> Maven staging repo:
> >>>>> https://repository.apache.org/content/repositories/
> >> orgapachepulsar-101
> >>>>> 0/
> >>>>>
> >>>>> The tag to be voted upon:
> >>>>> v1.22.0-incubating-candidate-3
> >>>>> (5d14788e510faec23fd8ed189ed343e93b489dda)
> >>>>> https://github.com/apache/incubator-pulsar/releases/tag/
> >> v1.22.0-incuba
> >>>>> ting-candidate-3
> >>>>>
> >>>>> Pulsar's KEYS file containing PGP keys we use to sign the release:
> >>>>> https://dist.apache.org/repos/dist/release/incubator/pulsar/KEYS
> >>>>>
> >>>>> Please download the source package, and follow the README to build
> >> and
> >>>> run
> >>>>> the Pulsar standalone service.
> >> --
> >> Matteo Merli
> >> <[hidden email]>
> >>
>
Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Pulsar 1.22.0-incubating Release Candidate 3

Stian Soiland-Reyes-2
?On 25 February 2018 at 23:36, Jai Asher <[hidden email]> wrote:
> This is the fourth release candidate for Apache Pulsar, version
> 1.22.0-incubating.
>
> It fixes the following issues:
> https://github.com/apache/incubator-pulsar/milestone/11?closed=1
>
> *** Please download, test and vote by Friday, Feb 23, 2018, 10:00 GMT.

Oo, I'll better hurry up then! :)
Normally the wording is "The vote is open for at least 72 hours" --
you are OK to keep it open a bit longer if you need sufficient votes
or have not tallied them yet.


> Source and binary files:
> https://dist.apache.org/repos/dist/dev/incubator/pulsar/
> pulsar-1.22.0-incubating-candidate-3/

Is it fourth of third release candidate? Use consistent numbering.
Starting with "RC0" is a bit unusual..

> Maven staging repo:
> https://repository.apache.org/content/repositories/orgapachepulsar-1010/

My vote: +1 (binding)


+0 checksums valid (I think)
? asc signatures (sorry, my machine lacks gpg today)
+1 tag vs commit
+0 src.tar.gz vs git tag  (generate_protobuf.sh and
generate_protobuf_docker.sh missing from dist - are they needed?)
+1 mvn install
+1 src LICENSE
+1 bin NOTICE
+0 src NOTICE -- copyright should extend into 2017-2018
+1 src/bin DISCLAIMER
+1 bin LICENSE and licenses (but why extra LICENSE-HdrHistogram0.txt?)
+0 bin NOTICE -- are all of these copyrights really forwarded from their NOTICE?
+1 mvn apache-rat:check - well-documented excludes

As an overall comment I think good work on the licenses!


I did a spot check, and guava.jar does not have a NOTICE, so unless
that was copied from a zip/tar that had such a NOTICE, then there
would be nothing to propagate. On the other side netty.jar has a
humongous NOTICE which somehow just becomes "Copyright 2014 The Netty
Project" in your NOTICE -- this seems to violate their Apache license.
  Has this been discussed on legael?


Your Git repository contains .gitignore.swp from vim which you
probably want to delete.



Your checksum files are in an unusual style:

C1 B8 C8 91 23 92 6A 56  82 F6 E9 F3 25 86 8B 58

CA1B352F 9576C8CB F16258F8 DEABF8F6 E95A926F 665E2FD8 30A38532 8BC639C6 20FD34E6
 6948396A CCD1A123 F072F93D 55D316EB EE34D208 9E0E9174 95AA09EE

Normally the .md5 and .sha512 files contain the checksum only, in
lowercase hex without spacing, e.g.

c1b8c89123926a5682f6e9f325868b58
ca1b352f9576c8cbf16258f8deabf8f6e95a926f665e2fd830a385328bc639c620fd34e66948396accd1a123f072f93d55d316ebee34d2089e0e917495aa09ee

This makes it easier to check against tools like md5sum and shasum.

You didn't include .sha1 checksums, but extra points for .sha512 :)

It is customary to include the checksums (at least md5) or the
dist.apache.org svn revision in the [VOTE] email, to any avoid
accidental last-minute-tampering confusion and to keep it in the
mailing list archives.


Tested with:
Apache Maven 3.5.0 (ff8f5e7444045639af65f6095c62210b5713f426;
2017-04-03T20:39:06+01:00)
Maven home: /usr/local/share/maven
Java version: 1.8.0_144, vendor: Oracle Corporation
Java home: /Library/Java/JavaVirtualMachines/jdk1.8.0_144.jdk/Contents/Home/jre
Default locale: en_US, platform encoding: UTF-8
OS name: "mac os x", version: "10.11.6", arch: "x86_64", family: "mac"



--
Stian Soiland-Reyes
http://orcid.org/0000-0001-9842-9718

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: [VOTE] Pulsar 1.22.0-incubating Release Candidate 3

Matteo Merli
Hi Stian,

thanks for the detailed spot-on review. (comments inline).

I have created an issue to track the point you have raised (
https://github.com/apache/incubator-pulsar/issues/1337), we'll get to these
before next release.

On Fri, Mar 2, 2018 at 2:00 AM Stian Soiland-Reyes <[hidden email]> wrote:

> Oo, I'll better hurry up then! :)
>
Normally the wording is "The vote is open for at least 72 hours" --
> you are OK to keep it open a bit longer if you need sufficient votes
> or have not tallied them yet.
>

Sure we'll update the email templates


> > Source and binary files:
> > https://dist.apache.org/repos/dist/dev/incubator/pulsar/
> > pulsar-1.22.0-incubating-candidate-3/
>
> Is it fourth of third release candidate? Use consistent numbering.
> Starting with "RC0" is a bit unusual..
>

Yes, we're indeed starting with RC0. We'll switch the instructions to start
with RC1


> +0 src.tar.gz vs git tag  (generate_protobuf.sh and
> generate_protobuf_docker.sh missing from dist - are they needed?)
>

These files are only need to recreate protobuf generated files which are
anyway included in the repo (not when just c


> +0 src NOTICE -- copyright should extend into 2017-2018
>

Thanks for catching, will fix


> +0 bin NOTICE -- are all of these copyrights really forwarded from their
> NOTICE?
>
> I did a spot check, and guava.jar does not have a NOTICE, so unless
> that was copied from a zip/tar that had such a NOTICE, then there
> would be nothing to propagate. On the other side netty.jar has a
> humongous NOTICE which somehow just becomes "Copyright 2014 The Netty
> Project" in your NOTICE -- this seems to violate their Apache license.
>   Has this been discussed on legael?
>

This was discussed few times here when voting on past releases. Initially I
had put the overall content of Netty
NOTICE file but according to the discussion I have only left copyright
notices.

Discussion for 1.19 Pulsar release:
https://lists.apache.org/thread.html/b2ebf0d5fc8f75f3bb09dc1c2da878da9c565043cae8fcc2bb20c519@%3Cgeneral.incubator.apache.org%3E
Discussion for 1.20 release:
https://lists.apache.org/thread.html/bcaa7b2547ec72d2457c9516ae4fee8bb27429be17a4e0db77b013df@%3Cgeneral.incubator.apache.org%3E

These discussions, resulted into these 2 changes to the notice files:
 * https://github.com/apache/incubator-pulsar/pull/677
 * https://github.com/apache/incubator-pulsar/pull/926

Regarding Netty, I've done a spot check on several other ASF TLP projects
and found no one including the full NOTICE file from Netty. I can assure we
have no intention to withdraw information from the NOTICE file :-), it's
just that the definition of what should be included and what shouldn't is
still not 100% crisp and clear to us.

Your Git repository contains .gitignore.swp from vim which you
> probably want to delete.
>

Thanks for catching, will remove.

Your checksum files are in an unusual style:

>
> C1 B8 C8 91 23 92 6A 56  82 F6 E9 F3 25 86 8B 58
>
> CA1B352F 9576C8CB F16258F8 DEABF8F6 E95A926F 665E2FD8 30A38532 8BC639C6
> 20FD34E6
>  6948396A CCD1A123 F072F93D 55D316EB EE34D208 9E0E9174 95AA09EE
>
> Normally the .md5 and .sha512 files contain the checksum only, in
> lowercase hex without spacing, e.g.
>
> c1b8c89123926a5682f6e9f325868b58
>
> ca1b352f9576c8cbf16258f8deabf8f6e95a926f665e2fd830a385328bc639c620fd34e66948396accd1a123f072f93d55d316ebee34d2089e0e917495aa09ee
>
> This makes it easier to check against tools like md5sum and shasum.
>
> You didn't include .sha1 checksums, but extra points for .sha512 :)
>

We have a script that we use to generate the checksums and it does:
gpg --print-md SHA512 $FILE > $FILE.sha512

This was to avoid differences in tooling between macos and linux. We'll try
to fix it to use the standard format.


> It is customary to include the checksums (at least md5) or the
> dist.apache.org svn revision in the [VOTE] email, to any avoid
> accidental last-minute-tampering confusion and to keep it in the
> mailing list archives.
>

Sure, we'll add that to instructions.

Thanks,
Matteo
--
Matteo Merli
<[hidden email]>