Description
At some point in the past, we started creating a snapshots of KEYS (taken from the auto-generated data from id.apache.org) in the release dir of each release...
http://www.apache.org/dist/lucene/solr/4.4.0/KEYS
http://www.apache.org/dist/lucene/java/4.4.0/KEYS
http://archive.apache.org/dist/lucene/java/4.3.0/KEYS
http://archive.apache.org/dist/lucene/solr/4.3.0/KEYS
etc...
But we also still have some "general" KEYS files...
https://www.apache.org/dist/lucene/KEYS
https://www.apache.org/dist/lucene/java/KEYS
https://www.apache.org/dist/lucene/solr/KEYS
...which (as i discovered when i went to add my key to them today) are stale and don't seem to be getting updated.
I vaguely remember someone (rmuir?) explaining to me at one point the reason we started creating a fresh copy of KEYS in each release dir, but i no longer remember what they said, and i can't find any mention of a reason in any of the release docs, or in any sort of comment in buildAndPushRelease.py
we probably do one of the following:
- remove these "general" KEYS files
- add a disclaimer to the top of these files that they are legacy files for verifying old releases and are no longer used for new releases
- ensure these files are up to date stop generating per-release KEYS file copies
- update our release process to ensure that the general files get updated on each release as well
Attachments
Attachments
Issue Links
- blocks
-
SOLR-5085 update ref guide release process to account for SHA1 checksum, PGP signing, and KEYS files
-
- Resolved
-