How to Verify a Release
Each Apache Iceberg release is validated by the community by holding a vote. A community release manager will prepare a release candidate and call a vote on the Iceberg dev list. To validate the release candidate, community members will test it out in their downstream projects and environments. It’s recommended to report the Java, Scala, Spark, Flink and Hive versions you have tested against when you vote.
In addition to testing in downstream projects, community members also check the release’s signatures, checksums, and license documentation.
Validating a source release candidate
Release announcements include links to the following:
- A source tarball
- A signature (.asc)
- A checksum (.sha512)
- KEYS file
- GitHub change comparison
After downloading the source tarball, signature, checksum, and KEYS file, here are instructions on how to verify signatures, checksums, and documentation.
Verifying Signatures
First, import the keys.
curl https://dist.apache.org/repos/dist/dev/iceberg/KEYS -o KEYS
gpg --import KEYS
Next, verify the .asc file.
gpg --verify apache-iceberg-0.13.2.tar.gz.asc
Verifying Checksums
shasum -a 512 --check apache-iceberg-0.13.2.tar.gz.sha512
Verifying License Documentation
Untar the archive and change into the source directory.
tar xzf apache-iceberg-0.13.2.tar.gz
cd apache-iceberg-0.13.2
Run RAT checks to validate license headers.
dev/check-license
Verifying Build and Test
To verify that the release candidate builds properly, run the following command.
./gradlew build
Testing release binaries
Release announcements will also include a maven repository location. You can use this location to test downstream dependencies by adding it to your maven or gradle build.
To use the release in your maven build, add the following to your POM or settings.xml:
...
<repositories>
<repository>
<id>iceberg-release-candidate</id>
<name>Iceberg Release Candidate</name>
<url>${MAVEN_URL}</url>
</repository>
</repositories>
...
To use the release in your gradle build, add the following to your build.gradle:
repositories {
mavenCentral()
maven {
url "${MAVEN_URL}"
}
}
!!! Note
Replace ${MAVEN_URL} with the URL provided in the release announcement
Verifying with Spark
To verify using spark, start a spark-shell with a command like the following command (use the appropriate
spark-runtime jar for the Spark installation):
spark-shell \
--conf spark.jars.repositories=${MAVEN_URL} \
--packages org.apache.iceberg:iceberg-spark3-runtime:0.13.2 \
--conf spark.sql.extensions=org.apache.iceberg.spark.extensions.IcebergSparkSessionExtensions \
--conf spark.sql.catalog.local=org.apache.iceberg.spark.SparkCatalog \
--conf spark.sql.catalog.local.type=hadoop \
--conf spark.sql.catalog.local.warehouse=${LOCAL_WAREHOUSE_PATH} \
--conf spark.sql.catalog.local.default-namespace=default \
--conf spark.sql.defaultCatalog=local
Verifying with Flink
To verify using Flink, start a Flink SQL Client with the following command:
wget ${MAVEN_URL}/iceberg-flink-runtime/0.13.2/iceberg-flink-runtime-0.13.2.jar
sql-client.sh embedded \
-j iceberg-flink-runtime-0.13.2.jar \
-j ${FLINK_CONNECTOR_PACKAGE}-${HIVE_VERSION}_${SCALA_VERSION}-${FLINK_VERSION}.jar \
shell
Voting
Votes are cast by replying to the release candidate announcement email on the dev mailing list
with either +1, 0, or -1.
[ ] +1 Release this as Apache Iceberg 0.13.2 [ ] +0 [ ] -1 Do not release this because…
In addition to your vote, it’s customary to specify if your vote is binding or non-binding. Only members of the Project Management Committee have formally binding votes. If you’re unsure, you can specify that your vote is non-binding. To read more about voting in the Apache framework, checkout the Voting information page on the Apache foundation’s website.