diff --git a/scripts/README.md b/scripts/README.md index cb3f1339ce8..a62f2454efe 100644 --- a/scripts/README.md +++ b/scripts/README.md @@ -13,14 +13,6 @@ NOTES: all scripts must be running at root folder of OpenDAL project. > Before running release, please make sure you have bump all versions. -## Check - -```shell -./scripts/check.py -``` - -> Before running the check, please ensure that you have completed the following preparations. - ### Preparations Import gpg key diff --git a/scripts/check.py b/scripts/check.py deleted file mode 100755 index 0bd185b35b8..00000000000 --- a/scripts/check.py +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/env python3 -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -import subprocess -import os - -# Define colors for output -YELLOW = "\033[37;1m" -GREEN = "\033[32;1m" -ENDCOLOR = "\033[0m" - - -def check_signature(pkg): - """Check the GPG signature of the package.""" - try: - subprocess.check_call(["gpg", "--verify", f"{pkg}.asc", pkg]) - print(GREEN + "Success to verify the gpg sign for " + pkg + ENDCOLOR) - except subprocess.CalledProcessError: - print(YELLOW + "Failed to verify the gpg sign for " + pkg + ENDCOLOR) - - -def check_sha512sum(pkg): - """Check the sha512 checksum of the package.""" - try: - subprocess.check_call(["sha512sum", "--check", f"{pkg}.sha512"]) - print(GREEN + "Success to verify the checksum for " + pkg + ENDCOLOR) - except subprocess.CalledProcessError: - print(YELLOW + "Failed to verify the checksum for " + pkg + ENDCOLOR) - - -def main(): - # Get a list of all files in the current directory - files = [f for f in os.listdir(".") if os.path.isfile(f)] - - for pkg in files: - # Skip files that don't have a corresponding .asc or .sha512 file - if not os.path.exists(f"{pkg}.asc") or not os.path.exists(f"{pkg}.sha512"): - continue - - print(f"> Checking {pkg}") - - # Perform the checks - check_signature(pkg) - check_sha512sum(pkg) - - -if __name__ == "__main__": - main() diff --git a/scripts/verify.py b/scripts/verify.py index f778bc4ce47..7563bc9933f 100755 --- a/scripts/verify.py +++ b/scripts/verify.py @@ -24,14 +24,49 @@ BASE_DIR = Path(os.getcwd()) +# Define colors for output +YELLOW = "\033[37;1m" +GREEN = "\033[32;1m" +ENDCOLOR = "\033[0m" -def extract_packages(): - print("Start extracting packages") +def check_signature(pkg): + """Check the GPG signature of the package.""" + try: + subprocess.check_call(["gpg", "--verify", f"{pkg}.asc", pkg]) + print(f"{GREEN}> Success to verify the gpg sign for {pkg}{ENDCOLOR}") + except subprocess.CalledProcessError: + print(f"{YELLOW}> Failed to verify the gpg sign for {pkg}{ENDCOLOR}") + + +def check_sha512sum(pkg): + """Check the sha512 checksum of the package.""" + try: + subprocess.check_call(["sha512sum", "--check", f"{pkg}.sha512"]) + print(f"{GREEN}> Success to verify the checksum for {pkg}{ENDCOLOR}") + except subprocess.CalledProcessError: + print(f"{YELLOW}> Failed to verify the checksum for {pkg}{ENDCOLOR}") + + +def extract_packages(): for file in BASE_DIR.glob("*.tar.gz"): subprocess.run(["tar", "-xzf", file], check=True) +def check_license(dir): + print(f"> Start checking LICENSE file in {dir}") + if not (dir / "LICENSE").exists(): + raise f"{YELLOW}> LICENSE file is not found{ENDCOLOR}" + print(f"{GREEN}> LICENSE file exists in {dir}{ENDCOLOR}") + + +def check_notice(dir): + print(f"> Start checking NOTICE file in {dir}") + if not (dir / "NOTICE").exists(): + raise f"{YELLOW}> NOTICE file is not found{ENDCOLOR}" + print(f"{GREEN}> NOTICE file exists in {dir}{ENDCOLOR}") + + def check_rust(): try: subprocess.run(["cargo", "--version"], check=True) @@ -44,7 +79,7 @@ def check_rust(): def check_java(): try: - subprocess.run(["java", "--version"], check=True) + subprocess.run(["java", "-version"], check=True) return True except FileNotFoundError: return False @@ -55,7 +90,13 @@ def check_java(): def build_core(dir): print("Start building opendal core") - subprocess.run(["cargo", "build", "--release"], cwd=dir/"core", check=True) + subprocess.run( + ["cargo", "build", "--release"], + cwd=dir / "core", + check=True, + stderr=subprocess.DEVNULL, + ) + print(f"{GREEN}Success to build opendal core{ENDCOLOR}") def build_java_binding(dir): @@ -70,14 +111,34 @@ def build_java_binding(dir): "-Dcargo-build.profile=release", ], check=True, - cwd=dir/"bindings/java", + cwd=dir / "bindings/java", + stderr=subprocess.DEVNULL, + stdout=subprocess.DEVNULL, ) + print(f"> {GREEN}Success to build opendal java binding{ENDCOLOR}") if __name__ == "__main__": + # Get a list of all files in the current directory + files = [f for f in os.listdir(".") if os.path.isfile(f)] + + for pkg in files: + # Skip files that don't have a corresponding .asc or .sha512 file + if not os.path.exists(f"{pkg}.asc") or not os.path.exists(f"{pkg}.sha512"): + continue + + print(f"> Checking {pkg}") + + # Perform the checks + check_signature(pkg) + check_sha512sum(pkg) + extract_packages() for dir in BASE_DIR.glob("apache-opendal-*-src/"): + check_license(dir) + check_notice(dir) + if check_rust(): build_core(dir) else: @@ -87,8 +148,6 @@ def build_java_binding(dir): print("Visit https://www.rust-lang.org/tools/install for more information") sys.exit(1) - build_core(dir) - if check_java(): build_java_binding(dir) else: diff --git a/website/community/committers/release.md b/website/community/committers/release.md index 1b8f9c833b7..591b6e9a28e 100644 --- a/website/community/committers/release.md +++ b/website/community/committers/release.md @@ -311,7 +311,7 @@ https://downloads.apache.org/opendal/KEYS Git tag for the release: -https://github.com/apache/opendal/releases/tag/${release_version} +https://github.com/apache/opendal/releases/tag/v${release_version} Maven staging repo: @@ -341,15 +341,12 @@ Checklist for reference: [ ] All source files have ASF headers [ ] Can compile from source -More detailed checklist please refer to: -https://github.com/apache/opendal/tree/main/scripts +Use our verify.py to assist in the verify process: -To compile from source, please refer to: -https://github.com/apache/opendal/blob/main/CONTRIBUTING.md - -Here is a Python script in release to help you verify the release candidate: - -./scripts/verify.py +svn co https://dist.apache.org/repos/dist/dev/opendal/${release_version}/ opendal-dev +cd opendal-dev +curl -sSL https://github.com/apache/opendal/raw/v${release_version}/scripts/verify.py -o verify.py +python verify.py Thanks diff --git a/website/community/committers/verify.md b/website/community/committers/verify.md index b96a94a97e4..abdeeb47215 100644 --- a/website/community/committers/verify.md +++ b/website/community/committers/verify.md @@ -103,7 +103,7 @@ git clone https://github.com/apache/opendal Run the script in a specific release candidate's folder: ```shell -./scripts/check.py +./scripts/verify.py ``` You will see the following output if the verification is successful: