hadoop-yarn-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wangda Tan <wheele...@gmail.com>
Subject Re: [Urgent] Question about Nexus repo and Hadoop release
Date Mon, 21 Jan 2019 17:14:32 GMT
Hi David,

Thanks for helping check this,

I can see signatures on my key:

pub  4096R/57300D45
<http://pool.sks-keyservers.net:11371/key/0xB3FA653D57300D45>
2018-03-20
	 Fingerprint=4C89 9853 CDDA 4E40 C602  12B5 B3FA 653D 5730 0D45
uid Wangda tan <wangda@apache.org>
sig  sig3  57300D45
<http://pool.sks-keyservers.net:11371/key/0xB3FA653D57300D45>
2018-03-20 __________ __________ [selfsig]
<http://pool.sks-keyservers.net:11371/search/vindex/fingerprint/0xB3FA653D57300D45>
sig  sig   C36C5F0F
<http://pool.sks-keyservers.net:11371/key/0x255ADF56C36C5F0F>
2018-04-05 __________ __________ Vinod Kumar Vavilapalli (I am also
known as @tshooter.) <vinodkv@apache.org>
<http://pool.sks-keyservers.net:11371/search/vindex/fingerprint/0x255ADF56C36C5F0F>
sig  sig   F9CBBD4C
<http://pool.sks-keyservers.net:11371/key/0x29ED86E6F9CBBD4C>
2018-11-08 __________ __________ shikong <wudimenghuan@gmail.com>
<http://pool.sks-keyservers.net:11371/search/vindex/fingerprint/0x29ED86E6F9CBBD4C>
sub  4096R/D0C16F12 2018-03-20
sig sbind  57300D45
<http://pool.sks-keyservers.net:11371/key/0xB3FA653D57300D45>
2018-03-20 __________ __________ []
<http://pool.sks-keyservers.net:11371/search/vindex/fingerprint/0xB3FA653D57300D45>

And gpg --edit-key also shows:

gpg --edit-key 4C899853CDDA4E40C60212B5B3FA653D57300D45
gpg (GnuPG) 2.2.5; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Secret key is available.

sec  rsa4096/B3FA653D57300D45
     created: 2018-03-20  expires: never       usage: SC
     trust: unknown       validity: unknown
ssb  rsa4096/79CD893FD0C16F12
     created: 2018-03-20  expires: never       usage: E
[ unknown] (1). Wangda tan <wangda@apache.org>

Thanks,
Wangda

On Mon, Jan 21, 2019 at 9:08 AM David Nalley <david@gnsa.us> wrote:

> I wonder if it's because there are no signatures on your key.
>
> --David
>
> On Mon, Jan 21, 2019 at 11:57 AM Wangda Tan <wheeleast@gmail.com> wrote:
> >
> > Hi Brian,
> >
> > Here're links to my key:
> >
> > http://pool.sks-keyservers.net:11371/key/0xB3FA653D57300D45
> >
> > http://pgp.mit.edu/pks/lookup?op=get&search=0xB3FA653D57300D45
> >
> > On Apache SVN:
> https://dist.apache.org/repos/dist/release/hadoop/common/KEYS
> >
> > Thanks,
> > Wangda
> >
> > On Mon, Jan 21, 2019 at 6:51 AM Brian Demers <brian.demers@gmail.com>
> wrote:
> >>
> >> Can you share the link to your key?
> >>
> >> -Brian
> >>
> >> On Jan 20, 2019, at 11:21 PM, Wangda Tan <wheeleast@gmail.com> wrote:
> >>
> >> Still couldn't figure out without locating the log on the Nexus
> machine. With help from several committers and PMCs, we didn't see anything
> wrong with my signing key.
> >>
> >> I don't want to delay 3.1.2 more because of this. Is it allowed for me
> to publish artifacts (like tarball, source package, etc.) only and somebody
> else to push Maven bits to Nexus. I believe Apache bylaw should allow that
> because there're several releases have more than one release managers. If
> it is not allowed, please take over the RM role if you have the bandwidth,
> I think most works have been done except close the Nexus repo.
> >>
> >> Thanks,
> >> Wangda
> >>
> >> On Thu, Jan 17, 2019 at 11:18 AM Wangda Tan <wheeleast@gmail.com>
> wrote:
> >>>
> >>> Spent several more hours trying to figure out the issue, still no luck.
> >>>
> >>> I just filed https://issues.sonatype.org/browse/OSSRH-45646, really
> appreciate if anybody could add some suggestions.
> >>>
> >>> Thanks,
> >>> Wangda
> >>>
> >>> On Tue, Jan 15, 2019 at 9:48 AM Wangda Tan <wheeleast@gmail.com>
> wrote:
> >>>>
> >>>> It seems the problem still exists for me:
> >>>>
> >>>> Now the error message only contains:
> >>>>
> >>>> failureMessage  Failed to validate the pgp signature of
> '/org/apache/hadoop/hadoop-client-check-invariants/3.1.2/hadoop-client-check-invariants-3.1.2.pom',
> check the logs.
> >>>> failureMessage  Failed to validate the pgp signature of
> '/org/apache/hadoop/hadoop-resourceestimator/3.1.2/hadoop-resourceestimator-3.1.2-javadoc.jar',
> check the logs.
> >>>>
> >>>> If anybody has access the Nexus node, could you please help to check
> what is the failure message?
> >>>>
> >>>> Thanks,
> >>>> Wangda
> >>>>
> >>>>
> >>>> On Tue, Jan 15, 2019 at 9:56 AM Brian Fox <brianf@infinity.nu>
wrote:
> >>>>>
> >>>>> Good to know. The pool has occasionally had sync issues, but we're
> talking 3 times in the last 8-9 years.
> >>>>>
> >>>>> On Tue, Jan 15, 2019 at 10:39 AM Elek, Marton <elek@apache.org>
> wrote:
> >>>>>>
> >>>>>> My key was pushed to the server with pgp about 1 year ago, and
it
> worked
> >>>>>> well with the last Ratis release. So it should be synced between
> the key
> >>>>>> servers.
> >>>>>>
> >>>>>> But it seems that the INFRA solved the problem with shuffling
the
> key
> >>>>>> server order (or it was an intermittent issue): see INFRA-17649
> >>>>>>
> >>>>>> Seems to be working now...
> >>>>>>
> >>>>>> Marton
> >>>>>>
> >>>>>>
> >>>>>> On 1/15/19 5:19 AM, Wangda Tan wrote:
> >>>>>> > HI Brain,
> >>>>>> > Thanks for responding, could u share how to push to keys
to
> Apache pgp pool?
> >>>>>> >
> >>>>>> > Best,
> >>>>>> > Wangda
> >>>>>> >
> >>>>>> > On Mon, Jan 14, 2019 at 10:44 AM Brian Fox <brianf@infinity.nu>
> wrote:
> >>>>>> >
> >>>>>> >> Did you push your key up to the pgp pool? That's what
Nexus is
> validating
> >>>>>> >> against. It might take time to propagate if you just
pushed it.
> >>>>>> >>
> >>>>>> >> On Mon, Jan 14, 2019 at 9:59 AM Elek, Marton <elek@apache.org>
> wrote:
> >>>>>> >>
> >>>>>> >>> Seems to be an INFRA issue for me:
> >>>>>> >>>
> >>>>>> >>> 1. I downloaded a sample jar file [1] + the signature
from the
> >>>>>> >>> repository and it was ok, locally I verified it.
> >>>>>> >>>
> >>>>>> >>> 2. I tested it with an other Apache project (Ratis)
and my key.
> I got
> >>>>>> >>> the same problem even if it worked at last year
during the 0.3.0
> >>>>>> >>> release. (I used exactly the same command)
> >>>>>> >>>
> >>>>>> >>> I opened an infra ticket to check the logs of the
Nexus as it
> was
> >>>>>> >>> suggested in the error message:
> >>>>>> >>>
> >>>>>> >>> https://issues.apache.org/jira/browse/INFRA-17649
> >>>>>> >>>
> >>>>>> >>> Marton
> >>>>>> >>>
> >>>>>> >>>
> >>>>>> >>> [1]:
> >>>>>> >>>
> >>>>>> >>>
> https://repository.apache.org/service/local/repositories/orgapachehadoop-1183/content/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-javadoc.jar
> >>>>>> >>>
> >>>>>> >>>
> >>>>>> >>> On 1/13/19 6:27 AM, Wangda Tan wrote:
> >>>>>> >>>> Uploaded sample file and signature.
> >>>>>> >>>>
> >>>>>> >>>>
> >>>>>> >>>>
> >>>>>> >>>> On Sat, Jan 12, 2019 at 9:18 PM Wangda Tan
<
> wheeleast@gmail.com
> >>>>>> >>>> <mailto:wheeleast@gmail.com>> wrote:
> >>>>>> >>>>
> >>>>>> >>>>     Actually, among the hundreds of failed
messages, the "No
> public key"
> >>>>>> >>>>     issues still occurred several times:
> >>>>>> >>>>
> >>>>>> >>>>         failureMessage  No public key: Key
with id:
> (b3fa653d57300d45)
> >>>>>> >>>>         was not able to be located on http://gpg-keyserver.de/.
> Upload
> >>>>>> >>>>         your public key and try the operation
again.
> >>>>>> >>>>         failureMessage  No public key: Key
with id:
> (b3fa653d57300d45)
> >>>>>> >>>>         was not able to be located on
> >>>>>> >>>>         http://pool.sks-keyservers.net:11371.
Upload your
> public key
> >>>>>> >>> and
> >>>>>> >>>>         try the operation again.
> >>>>>> >>>>         failureMessage  No public key: Key
with id:
> (b3fa653d57300d45)
> >>>>>> >>>>         was not able to be located on http://pgp.mit.edu:11371.
> Upload
> >>>>>> >>>>         your public key and try the operation
again.
> >>>>>> >>>>
> >>>>>> >>>>     Once the close operation returned, I will
upload sample
> files which
> >>>>>> >>>>     may help troubleshoot the issue.
> >>>>>> >>>>
> >>>>>> >>>>     Thanks,
> >>>>>> >>>>
> >>>>>> >>>>     On Sat, Jan 12, 2019 at 9:04 PM Wangda
Tan <
> wheeleast@gmail.com
> >>>>>> >>>>     <mailto:wheeleast@gmail.com>>
wrote:
> >>>>>> >>>>
> >>>>>> >>>>         Thanks David for the quick response!
> >>>>>> >>>>
> >>>>>> >>>>         I just retried, now the "No public
key" issue is gone.
> However,
> >>>>>> >>>>         the issue:
> >>>>>> >>>>
> >>>>>> >>>>             failureMessage  Failed to validate
the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-tests.jar',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>             failureMessage  Failed to validate
the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2-test-sources.jar',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>             failureMessage  Failed to validate
the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-mapreduce-client-jobclient/3.1.2/hadoop-mapreduce-client-jobclient-3.1.2.pom',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>
> >>>>>> >>>>
> >>>>>> >>>>         Still exists and repeated hundreds
of times. Do you
> know how to
> >>>>>> >>>>         access the logs mentioned by above
log?
> >>>>>> >>>>
> >>>>>> >>>>         Best,
> >>>>>> >>>>         Wangda
> >>>>>> >>>>
> >>>>>> >>>>         On Sat, Jan 12, 2019 at 8:37 PM David
Nalley <
> david@gnsa.us
> >>>>>> >>>>         <mailto:david@gnsa.us>> wrote:
> >>>>>> >>>>
> >>>>>> >>>>             On Sat, Jan 12, 2019 at 9:09 PM
Wangda Tan
> >>>>>> >>>>             <wheeleast@gmail.com <mailto:wheeleast@gmail.com>>
> wrote:
> >>>>>> >>>>             >
> >>>>>> >>>>             > Hi Devs,
> >>>>>> >>>>             >
> >>>>>> >>>>             > I'm currently rolling Hadoop
3.1.2 release
> candidate,
> >>>>>> >>>>             however, I saw an issue when I
try to close repo
> in Nexus.
> >>>>>> >>>>             >
> >>>>>> >>>>             > Logs of
> >>>>>> >>> https://repository.apache.org/#stagingRepositories
> >>>>>> >>>>             (orgapachehadoop-1183) shows hundreds
of lines of
> the
> >>>>>> >>>>             following error:
> >>>>>> >>>>             >
> >>>>>> >>>>             > failureMessage  No public
key: Key with id:
> >>>>>> >>>>             (b3fa653d57300d45) was not able
to be located on
> >>>>>> >>>>             http://gpg-keyserver.de/. Upload
your public key
> and try
> >>>>>> >>> the
> >>>>>> >>>>             operation again.
> >>>>>> >>>>             > failureMessage  No public
key: Key with id:
> >>>>>> >>>>             (b3fa653d57300d45) was not able
to be located on
> >>>>>> >>>>             http://pool.sks-keyservers.net:11371.
Upload your
> public
> >>>>>> >>> key
> >>>>>> >>>>             and try the operation again.
> >>>>>> >>>>             > failureMessage  No public
key: Key with id:
> >>>>>> >>>>             (b3fa653d57300d45) was not able
to be located on
> >>>>>> >>>>             http://pgp.mit.edu:11371. Upload
your public key
> and try
> >>>>>> >>> the
> >>>>>> >>>>             operation again.
> >>>>>> >>>>             > ...
> >>>>>> >>>>             > failureMessage  Failed to
validate the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-tests.jar',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>             > failureMessage  Failed to
validate the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-test-sources.jar',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>             > failureMessage  Failed to
validate the pgp
> signature of
> >>>>>> >>>>
> >>>>>> >>>
> '/org/apache/hadoop/hadoop-yarn-registry/3.1.2/hadoop-yarn-registry-3.1.2-sources.jar',
> >>>>>> >>>>             check the logs.
> >>>>>> >>>>             >
> >>>>>> >>>>             >
> >>>>>> >>>>             > This is the same key I used
before (and finished
> two
> >>>>>> >>>>             releases), the same environment
I used before.
> >>>>>> >>>>             >
> >>>>>> >>>>             > I have tried more than 10
times in the last two
> days, no
> >>>>>> >>>>             luck. And closing the repo takes
almost one hour
> (Regular
> >>>>>> >>>>             time is less than 1 min) and always
fail at the
> last.
> >>>>>> >>>>             >
> >>>>>> >>>>             > I used following commands
to validate key exists
> on key
> >>>>>> >>>>             servers
> >>>>>> >>>>             >
> >>>>>> >>>>             > gpg --keyserver pgp.mit.edu
<http://pgp.mit.edu>
> >>>>>> >>>>             --recv-keys 57300D45
> >>>>>> >>>>             > gpg: WARNING: unsafe permissions
on homedir
> >>>>>> >>>>             '/Users/wtan/.gnupg'
> >>>>>> >>>>             > gpg: key B3FA653D57300D45:
1 signature not
> checked due to
> >>>>>> >>>>             a missing key
> >>>>>> >>>>             > gpg: key B3FA653D57300D45:
"Wangda tan <
> wangda@apache.org
> >>>>>> >>>>             <mailto:wangda@apache.org>>"
not changed
> >>>>>> >>>>             > gpg: Total number processed:
1
> >>>>>> >>>>             > gpg:              unchanged:
1
> >>>>>> >>>>             >
> >>>>>> >>>>             > gpg --keyserver pool.sks-keyservers.net
> >>>>>> >>>>             <http://pool.sks-keyservers.net>
--recv-keys
> >>>>>> >>> B3FA653D57300D45
> >>>>>> >>>>             > gpg: WARNING: unsafe permissions
on homedir
> >>>>>> >>>>             '/Users/wtan/.gnupg'
> >>>>>> >>>>             > gpg: key B3FA653D57300D45:
1 signature not
> checked due to
> >>>>>> >>>>             a missing key
> >>>>>> >>>>             > gpg: key B3FA653D57300D45:
"Wangda tan <
> wangda@apache.org
> >>>>>> >>>>             <mailto:wangda@apache.org>>"
not changed
> >>>>>> >>>>             > gpg: Total number processed:
1
> >>>>>> >>>>             > gpg:              unchanged:
1
> >>>>>> >>>>             >
> >>>>>> >>>>
> >>>>>> >>>>             Both of these report that your
key was not found.
> >>>>>> >>>>             I took the key from the KEYS file
and uploaded it
> to both of
> >>>>>> >>>>             those servers.
> >>>>>> >>>>
> >>>>>> >>>>             You might try the release again
and see if this
> resolves the
> >>>>>> >>>>             issue.
> >>>>>> >>>>
> >>>>>> >>>>
> >>>>>> >>>>
> >>>>>> >>>>
> ---------------------------------------------------------------------
> >>>>>> >>>> To unsubscribe, e-mail: hdfs-dev-unsubscribe@hadoop.apache.org
> >>>>>> >>>> For additional commands, e-mail:
> hdfs-dev-help@hadoop.apache.org
> >>>>>> >>>>
> >>>>>> >>>
> >>>>>> >>
> >>>>>> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message