Scripts & instructions to craft official Apache source releases (#7054)

* Apache Releases https://github.com/mistercrunch/superset/blob/apache-releases/RELEASING.md#apache-releases * npm run prod -> npm run build
2026-06-03 22:59:21 +00:00 · 2019-03-25 16:21:26 -07:00
parent 4c5e6ca208
commit ebb32101c9
4 changed files with 121 additions and 55 deletions
--- a/scripts/sign.sh
+++ b/scripts/sign.sh
@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+#
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+# Use this to sign the tar balls generated from
+# python setup.py sdist --formats=gztar
+# ie. sign.sh <my_tar_ball>
+# you will still be required to type in your signing key password
+# or it needs to be available in your keychain
+
+NAME=${1}
+
+gpg --armor --output ${NAME}.asc --detach-sig ${NAME}
+gpg --print-md SHA512 ${NAME} > ${NAME}.sha512