Validating release candidates

Download And Verify the source tarball

Before you start to validate the source tarball, make sure you have installed these software:

OpenJDK 17
Maven 3.9.9 (most recent stable Maven 3.9.x version)

Download the source tarball and extract it. The extracted files are in a directory called apache-pulsar-adapters-<release>-src:

VERSION=3.0.0
CANDIDATE=2
wget https://dist.apache.org/repos/dist/dev/pulsar/pulsar-adapters-$VERSION-candidate-$CANDIDATE/apache-pulsar-adapters-$VERSION-src.tar.gz
wget https://dist.apache.org/repos/dist/dev/pulsar/pulsar-adapters-$VERSION-candidate-$CANDIDATE/apache-pulsar-adapters-$VERSION-src.tar.gz.asc
wget https://dist.apache.org/repos/dist/dev/pulsar/pulsar-adapters-$VERSION-candidate-$CANDIDATE/apache-pulsar-adapters-$VERSION-src.tar.gz.sha512sum

tar -zxvf apache-pulsar-adapters-$VERSION-src.tar.gz

Verify the GPG signature:

# Import the Pulsar KEYS
gpg --import <(curl https://dist.apache.org/repos/dist/release/pulsar/KEYS)

# Verify the source tarball
gpg --verify apache-pulsar-adapters-$VERSION-src.tar.gz

Verify the SHA512 sum:

sha512sum --check apache-pulsar-adapters-$VERSION-src.tar.gz.sha512sum

Build:

cd apache-pulsar-adapters-$VERSION-src
mvn clean install -DskipTests

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Validating release candidates

Download And Verify the source tarball

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally