Return-Path: X-Original-To: apmail-commons-dev-archive@www.apache.org Delivered-To: apmail-commons-dev-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 171277C53 for ; Wed, 21 Dec 2011 18:03:51 +0000 (UTC) Received: (qmail 88984 invoked by uid 500); 21 Dec 2011 18:03:50 -0000 Delivered-To: apmail-commons-dev-archive@commons.apache.org Received: (qmail 88628 invoked by uid 500); 21 Dec 2011 18:03:50 -0000 Mailing-List: contact dev-help@commons.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Commons Developers List" Delivered-To: mailing list dev@commons.apache.org Received: (qmail 88616 invoked by uid 99); 21 Dec 2011 18:03:49 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Dec 2011 18:03:49 +0000 X-ASF-Spam-Status: No, hits=2.2 required=5.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of garydgregory@gmail.com designates 209.85.210.171 as permitted sender) Received: from [209.85.210.171] (HELO mail-iy0-f171.google.com) (209.85.210.171) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Dec 2011 18:03:45 +0000 Received: by iagw33 with SMTP id w33so42631345iag.30 for ; Wed, 21 Dec 2011 10:03:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=zy/KLpReapTlbCAnLZ842/mN6ACIw5u987VQ6twqDik=; b=rmJkzdEHAd0VVlxLKQ/GbkYMIc+8WMume53BZuKR4xvKa2KM54pfLcg5T1ngJ49fgY Wf7YTlcFNFT97ccwU+tPc2YBU/mJQeSp+gm2xUgU0o1dVZjpBl9cgd/OwPqQ0v2amrbQ hFxenE9US3vDo0zhLxwqtXKu3kGuRBU1dV/Iw= MIME-Version: 1.0 Received: by 10.42.244.1 with SMTP id lo1mr6075533icb.9.1324490604833; Wed, 21 Dec 2011 10:03:24 -0800 (PST) Received: by 10.43.48.193 with HTTP; Wed, 21 Dec 2011 10:03:24 -0800 (PST) In-Reply-To: References: <-6554969634218117115@unknownmsgid> Date: Wed, 21 Dec 2011 13:03:24 -0500 Message-ID: Subject: Re: [dbutils] sign-artifacts hangs during release:prepare From: Gary Gregory To: Commons Developers List Content-Type: multipart/alternative; boundary=90e6ba3fceff026a3304b49e0024 --90e6ba3fceff026a3304b49e0024 Content-Type: text/plain; charset=UTF-8 On Wed, Dec 21, 2011 at 12:23 PM, William Speirs wrote: > I was able to get past the SVN authentication issue by providing my > username and password on the command line like this: > > -Dusername=wspeirs -Dpassword=XXXXX > > However, I was still required to type my password ~10 times during the > upload process. Is there any way around this? I feel like my > settings.xml file is wrong: > > > > apache.releases.https > wspeirs > {XXXXXXXXXX} > 664 > 775 > > > apache.website > wspeirs > {XXXXXXXXXX} > 664 > 775 > > > apache.snapshots.https > wspeirs > {XXXXXXXXXX} > 664 > 775 > > > > > Gary, I have no clue what a "infra Jira" is... > > Here it is: https://issues.apache.org/jira/browse/INFRA?selectedTab=com.atlassian.jira.plugin.system.project%3Asummary-panel Gary > > Thanks! > > Bill- > > On Thu, Dec 15, 2011 at 7:13 AM, Gary Gregory > wrote: > > On Dec 15, 2011, at 4:42, sebb wrote: > > > >> On 15 December 2011 03:32, William Speirs wrote: > >>> Anyone have any idea on this? Should I be seeing basic auth for my > >>> challenge? Where can I set the password as I was never prompted to > >>> enter it. > >>> > >>> At this point, can someone else deploy RC1 while I figure out what is > >>> wrong on my end? > >> > >> I don't use the release plugin so cannot help directly. > >> > >> You could create the RC tag manually, as described in > >> > >> > http://wiki.apache.org/commons/UsingNexus#Create_the_SVN_tags_.28Manual_method.29 > >> > >> This has the advantage that trunk never loses the SNAPSHOT suffix, and > >> you have a clean workspace in which to build the code, and the SVN > >> commands are not buried in the Maven invocation. > >> > >> However, AFAICT dbutils is not currently set up to use Nexus - it's > >> not an o.a.c groupId - so you cannot use Nexus to stage and deploy the > >> Maven artifacts. > > > > You just need an infra Jira to create the nexus stuff for this group Id. > > > > Gary > > > >> > >> Be very careful you don't accidentally deploy the artifacts to the > >> live repo before the vote succeeds. > >> Sorry, but I don't know how deployment is done without Nexus. > >> > >>> Thanks... > >>> > >>> Bill- > >>> > >>> On Tue, Dec 13, 2011 at 4:32 PM, William Speirs > wrote: > >>>> First, thank you all again for the help! > >>>> > >>>> I got past the GPG step, now I'm stuck on password/auth issues now > with SVN :-( > >>>> > >>>> I thought the issue was that my password manager wasn't authed and > >>>> that svn was working in a non-interactive mode, so it couldn't get my > >>>> password; this was the reason for -r1213934. > >>>> > >>>> Anyway, output below... any/all ideas welcomed! > >>>> > >>>> Bill- > >>>> > >>>> [INFO] Checking in modified POMs... > >>>> [INFO] Executing: /bin/sh -c cd > >>>> /home/wspeirs/workspace/commons-dbutils && svn --non-interactive > >>>> commit --file /tmp/maven-scm-481300763.commit --targets > >>>> /tmp/maven-scm-3917786176898805146-targets > >>>> [INFO] Working directory: /home/wspeirs/workspace/commons-dbutils > >>>> [INFO] > ------------------------------------------------------------------------ > >>>> [ERROR] BUILD FAILURE > >>>> [INFO] > ------------------------------------------------------------------------ > >>>> [INFO] Unable to commit files > >>>> Provider message: > >>>> The svn command failed. > >>>> Command output: > >>>> svn: Commit failed (details follow): > >>>> svn: MKACTIVITY of > >>>> '/repos/asf/!svn/act/3b6f8370-abd6-4d88-adeb-7dc981ecd57f': > >>>> authorization failed: Could not authenticate to server: rejected Basic > >>>> challenge (https://svn.apache.org) > >>>> > >>>> > >>>> On Tue, Dec 13, 2011 at 10:28 AM, sebb wrote: > >>>>> On 13 December 2011 15:19, William Speirs > wrote: > >>>>>> I will try adding the additional elements: > >>>>>> > >>>>>> /path/to/secring.gpg > >>>>>> > >>>>>> gpg2 > >>>>> > >>>>> Sorry, should have clarified - the above requires gpg2 to be > installed > >>>>> and created. > >>>>> > >>>>> I installed both gpg1 and gpg2, and created gpg1 and gpg2 as copies > of > >>>>> their respective gpg executables. > >>>>> e.g. on Windows copy gpg.exe gpg.exe > >>>>> > >>>>> Both versions of gpg are on the execution path; running gpg picks the > >>>>> first one; running gpg1 or gpg2 picks only that version. > >>>>> > >>>>> This enables quick swapping between them as required. > >>>>> > >>>>>> And also try with gpg2. > >>>>>> > >>>>>> I'll try later today and update. > >>>>>> > >>>>>> Thanks again for all of the help! > >>>>>> > >>>>>> Bill- > >>>>>> > >>>>>> On Tue, Dec 13, 2011 at 9:23 AM, Gary Gregory < > garydgregory@gmail.com> wrote: > >>>>>>> FWIW: My set up is such that I always enter my password on the CLI > when > >>>>>>> Maven asks for it. > >>>>>>> > >>>>>>> Gary > >>>>>>> > >>>>>>> On Tue, Dec 13, 2011 at 9:20 AM, sebb wrote: > >>>>>>> > >>>>>>>> On 13 December 2011 13:53, William Speirs > wrote: > >>>>>>>>> On Tue, Dec 13, 2011 at 12:16 AM, Gary Gregory < > garydgregory@gmail.com> > >>>>>>>> wrote: > >>>>>>>>>> Did you do the whole master pass phrase/obfuscated stuff that > the top > >>>>>>>>>> of the Using Nexus wiki points to? > >>>>>>>>> > >>>>>>>>> I did not do this at first, but I have since tried. I setup my > >>>>>>>>> settings-security.xml file as show on the wiki page, and added > the > >>>>>>>>> encrypted passwords to my settings.xml file. Still doesn't work. > >>>>>>>>> > >>>>>>>>> Below is my entire settings.xml file (with passwords removed). By > >>>>>>>>> adding the element, it will not hang but > prompt me > >>>>>>>>> for a password if it's not supplied via . > However, > >>>>>>>>> even when I type my passphrase in, it still rejects it. Again, > if I > >>>>>>>>> use gpg -c somefile.txt and type in that same passphrase, > everything > >>>>>>>>> works. > >>>>>>>>> > >>>>>>>>> I'm testing this by running: mvn -Prc,apache package gpg:sign > >>>>>>>> > >>>>>>>> Not sure what the rc profile does compared with the release > profile. > >>>>>>>> > >>>>>>>> What version of GPG are you using? > >>>>>>>> > >>>>>>>> > >>>>>>>>> And I keep getting: > >>>>>>>>> > >>>>>>>>> [INFO] [gpg:sign {execution: default-cli}] > >>>>>>>>> gpg: skipped "B0EC1E65": bad passphrase > >>>>>>>>> gpg: signing failed: bad passphrase > >>>>>>>>> > >>>>>>>>> I'm at a loss at this point... > >>>>>>>>> > >>>>>>>>> Bill- > >>>>>>>>> > >>>>>>>>> * settings.xml * > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> >>>>>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > >>>>>>>>> xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 > >>>>>>>>> http://maven.apache.org/xsd/settings-1.0.0.xsd"> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> apache.releases > >>>>>>>>> wspeirs > >>>>>>>>> {my encrypted Apache password here} > >>>>>>>>> 664 > >>>>>>>>> 775 > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> apache.website > >>>>>>>>> wspeirs > >>>>>>>>> {my encrypted Apache password here} > >>>>>>>>> 664 > >>>>>>>>> 775 > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> apache.snapshots > >>>>>>>>> wspeirs > >>>>>>>>> {my encrypted Apache password here} > >>>>>>>>> 664 > >>>>>>>>> 775 > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> apache > >>>>>>>>> > >>>>>>>>> false > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> forked-path > >>>>>>>>> > scp > >>>>>>>>> B0EC1E65 > >>>>>>>>> {my encrypted GPG password > here} > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>>> > >>>>>>>> > >>>>>>>> I use an external GPG database (on a USB stick); but for test > purposes > >>>>>>>> I have a dummy signing key using a local database. > >>>>>>>> > >>>>>>>> > >>>>>>>> keyTest > >>>>>>>> > >>>>>>>> Deploy Test User > >>>>>>>> password in clear > >>>>>>>> false > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> Here's the real key profile: > >>>>>>>> > >>>>>>>> > >>>>>>>> keyReal > >>>>>>>> > >>>>>>>> 4FAD5F62 > >>>>>>>> /path/to/secring.gpg > >>>>>>>> > >>>>>>>> gpg2 > >>>>>>>> false > >>>>>>>> > >>>>>>>> > >>>>>>>> > >>>>>>>> I found gpg2 worked better for me, but I still use gpg1 sometimes. > >>>>>>>> > >>>>>>>> The real gpg password is not stored anywhere; I have to enter it > at > >>>>>>>> run-time. > >>>>>>>> > >>>>>>>> For example, if I remove the test password, I see the following: > >>>>>>>> > >>>>>>>> mvn package gpg:sign -PkeyTest > >>>>>>>> ... > >>>>>>>> [INFO] [jar:jar {execution: default-jar}] > >>>>>>>> [INFO] [jar:test-jar {execution: default}] > >>>>>>>> [INFO] [gpg:sign {execution: default-cli}] > >>>>>>>> GPG Passphrase: * <= enter the passphrase here. > >>>>>>>> > >>>>>>>> The same applies to gpg1 and gpg2, but if I use gpg2, I also get > the > >>>>>>>> following warnings: > >>>>>>>> > >>>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no > effect > >>>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no > effect > >>>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no > effect > >>>>>>>> > >>>>>>>> The settings-security.xml file is not needed for GPG passwords. > >>>>>>>> And I've not tried it. > >>>>>>>> > >>>>>>>> I suggest you set up a dummy local key and password as per my > example. > >>>>>>>> Get that working, then try specifying the secret key ring to > point to > >>>>>>>> the dummy key. > >>>>>>>> When that works, drop the password. > >>>>>>>> Then fix the secret key ring tag to point to your real secret key > ring. > >>>>>>>> > >>>>>>>>> > >>>>>>>>> > --------------------------------------------------------------------- > >>>>>>>>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >>>>>>>>> For additional commands, e-mail: dev-help@commons.apache.org > >>>>>>>>> > >>>>>>>> > >>>>>>>> > --------------------------------------------------------------------- > >>>>>>>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >>>>>>>> For additional commands, e-mail: dev-help@commons.apache.org > >>>>>>>> > >>>>>>>> > >>>>>>> > >>>>>>> > >>>>>>> -- > >>>>>>> E-Mail: garydgregory@gmail.com | ggregory@apache.org > >>>>>>> JUnit in Action, 2nd Ed: > http://bit.ly/ECvg0 > >>>>>>> Spring Batch in Action: > http://bit.ly/bqpbCK > >>>>>>> Blog: http://garygregory.wordpress.com > >>>>>>> Home: http://garygregory.com/ > >>>>>>> Tweet! http://twitter.com/GaryGregory > >>>>>> > >>>>>> > --------------------------------------------------------------------- > >>>>>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >>>>>> For additional commands, e-mail: dev-help@commons.apache.org > >>>>>> > >>>>> > >>>>> --------------------------------------------------------------------- > >>>>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >>>>> For additional commands, e-mail: dev-help@commons.apache.org > >>>>> > >>> > >>> --------------------------------------------------------------------- > >>> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >>> For additional commands, e-mail: dev-help@commons.apache.org > >>> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > >> For additional commands, e-mail: dev-help@commons.apache.org > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > > For additional commands, e-mail: dev-help@commons.apache.org > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org > For additional commands, e-mail: dev-help@commons.apache.org > > -- E-Mail: garydgregory@gmail.com | ggregory@apache.org JUnit in Action, 2nd Ed: http://bit.ly/ECvg0 Spring Batch in Action: http://bit.ly/bqpbCK Blog: http://garygregory.wordpress.com Home: http://garygregory.com/ Tweet! http://twitter.com/GaryGregory --90e6ba3fceff026a3304b49e0024--