jmeter-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Schumacher <felix.schumac...@internetallee.de>
Subject Re: Let's release a 5.1 ?
Date Thu, 07 Feb 2019 06:57:54 GMT


Am 6. Februar 2019 22:39:24 MEZ schrieb Philippe Mouawad <p.mouawad@ubik-ingenierie.com>:
>Hello,
>
>We now have :
>
>   - 30 enhancements
>   - 51 bugfixes
>
>I think the nightly is ready to be released.
>
>What's your opinion ?

Yes. We should do a release. 

>Is there a volunteer for release management ?

I would be willing to do so, but I would need a pgp key like you do :) 

>If not I'll try to , but I see there are some steps where I'll need
>help
>from usual release manager:
>I don't understand this:
>
>   -
>
> If necessary, update the META file with your GPG key id (if you act as
>   the release manager for the first time. Please visit
>https://checker.apache.org/doc/README.html )  => HOW DO I GET The key
>id
>   ?

You generate a pgp/gpg key pair. The key from that pair has an ID that is assigned automatically
upon generation. 

The public part of the pair will have to be signed by some known keys, so that it can be verified
by others that have no direct contact to you (but trust the known keys). 

>   -
>    - The META file needs to be signed by the PMC Chair of project with
>      this command:
>
>gpg -u emailOfPmcChairJMeter@apache.org --armor --output META.asc
>--detach-sig META

This is done to have a known place where our key ids can be found. Those key ids are signed
by the chair, so others can verify that the project trusts those values. 

>
>=> Can I sign it or must it be milamber ?

The meta file seems to be signed by milamber (but only when the id's are added) 

>
>
>   - To verify the good signature, use this command:
>
>$ gpg --verify META.asc METAgpg: Signature made mar. 12 sept. 2017
>18:05:19 WESTgpg:                using RSA key
>C4923F9ABFB2F1A06F08E88BAC214CAA0612B399gpg:                issuer
>"milamber@apache.org"gpg: Good signature from "Milamber (ASF)
><milamber@apache.org>" [ultimate]gpg:                 aka "Milamber
>(Milamberspace) <milamberspace@gmail.com>" [ultimate]
>
>=> When I do it
>gpg --verify META.asc META
>gpg: Signature made Tue 12 Sep 2017 05:05:19 PM UTC using RSA key ID
>0612B399
>gpg: Can't check signature: No public key

I haven't tried that one, will have to do it when I am home again. 

>
>
>Sorry for stupid questions.

PGP is hard to understand and to get correctly handled. 

Regards, 
 Felix 

>
>
>Regards
>Philippe
>
>
>
>
>
>
>
>
><https://www.openstreetmap.org/#map=18/50.69454/3.16455>

Mime
View raw message