Verify Apache Release

To verify the release, following checklist can used to reference:

  1. Download links are valid.
  2. Checksums and PGP signatures are valid.
  3. DISCLAIMER-WIP is included.
  4. Source code artifacts have correct names matching the current release.
  5. LICENSE and NOTICE files are correct for the repository.
  6. All files have license headers if necessary.
  7. No compiled archives bundled in source archive.
  8. Building is OK.

1. Download source package, signature file, hash file and KEYS

Download all artifacts, take a.b.c-incubating as an example:

  1. wget https://www.apache.org/dyn/mirrors/mirrors.cgi?action=download&filename=/incubator/doris/a.b.c-incubating/apache-doris-a.b.c-incubating-src.tar.gz
  3. wget https://www.apache.org/dist/incubator/doris/a.b.c-incubating/apache-doris-a.b.c-incubating-src.tar.gz.sha512
  5. wget https://www.apache.org/dist/incubator/doris/a.b.c-incubating/apache-doris-a.b.c-incubating-src.tar.gz.asc
  7. wget https://www.apache.org/dist/incubator/doris/KEYS

2. Verify signature and hash

GnuPG is recommended, which can install by yum install gnupg or apt-get install gnupg.

  1. gpg --import KEYS
  2. gpg --verify apache-doris-a.b.c-incubating-src.tar.gz.asc apache-doris-a.b.c-incubating-src.tar.gz
  3. sha512sum --check apache-doris-a.b.c-incubating-src.tar.gz.sha512

3. Verify license header

Apache RAT is recommended to verify license header, which can download as following command.

  1. wget http://mirrors.tuna.tsinghua.edu.cn/apache/creadur/apache-rat-0.13/apache-rat-0.13-bin.tar.gz
  2. tar zxvf apache-rat-0.13-bin.tar.gz

Given your source dir is apache-doris-a.b.c-incubating-src, you can check with following command. It will output a file list which don’t include ASF license header, and these files used other licenses.

  1. /usr/java/jdk/bin/java  -jar apache-rat-0.13/apache-rat-0.13.jar -a -d apache-doris-a.b.c-incubating-src -E apache-doris-a.b.c-incubating-src/.rat-excludes

4. Verify building

To compile the Doris, please read Compilation