NiFi release verification tools
These tools assist with automatic the verification of releases of Apache projects, specifically Apache NiFi. The current feature set is specific to NiFi but the framework allows extensibility to be applied to a variety of projects.
These steps are adapted from the release verification helper emails accompanying NiFi releases.
- Download latest KEYS file:
wget https://dist.apache.org/repos/dist/dev/nifi/KEYS
- Import keys file:
gpg --import KEYS
-
[optional] Clear out local maven artifact repository
-
Pull down nifi-0.6.1 source release artifacts for review:
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-0.6.1/nifi-0.6.1-source-release.zip
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-0.6.1/nifi-0.6.1-source-release.zip.asc
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-0.6.1/nifi-0.6.1-source-release.zip.md5
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-0.6.1/nifi-0.6.1-source-release.zip.sha1
wget https://dist.apache.org/repos/dist/dev/nifi/nifi-0.6.1/nifi-0.6.1-source-release.zip.sha256
- Verify the signature
gpg --verify nifi-0.6.1-source-release.zip.asc
- Verify the hashes (
md5
,sha1
,sha256
) match the source and what was provided in the vote email thread
md5sum nifi-0.6.1-source-release.zip
sha1sum nifi-0.6.1-source-release.zip
openssl sha256 nifi-0.6.1-source-release.zip
- Unzip nifi-0.6.1-source-release.zip
unzip -q nifi-0.6.1-source-release.zip
- Verify the build works including release audit tool (RAT) checks
cd nifi-0.6.1
mvn clean install -Pcontrib-check
- Verify the contents contain a good
README.md
,NOTICE
, andLICENSE
.
Here the code checks the existence of each file and looks for hard-coded representative strings (long enough that the random occurrence is highly unlikely). This does not compare to a reference implementation of each file because the files change dynamically with each release.
- Verify the git commit ID is correct
Not yet implemented
- Verify the RC was branched off the correct git commit ID
Not yet implemented
- Look at the resulting convenience binary as found in nifi-assembly/target
Not yet implemented
- Make sure the README, NOTICE, and LICENSE are present and correct
Not yet implemented
- Run the resulting convenience binary and make sure it works as expected
Not yet implemented