maven-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ruben Garat <ruben01....@gmail.com>
Subject Re: Helping projects get into maven central
Date Wed, 02 Mar 2011 15:25:34 GMT
I have looked at those options currently I am using the 7c option of 
invoking the maven gpg plugin with sign-and-deploy from ant but that has 
the problems that I indicated in the first mail, and is not as friendly 
to add to an ant build as just using the maven ant tasks like 
artifact:deploy

One of the projects that I am helping had something like the 
simpleantdeploy.txt attachment.
To deploy to central I had to add something like signanddeploy.txt

The one from the signanddeploy.txt has the advantage that I can install 
or deploy without duplicate configuration.
The one from the simpleantdeploy.txt has the advantage that I can add a 
wagon and deploy to a repo using scp, or another method (needed because 
while getting everything to work I don't want to break the current 
support they had for deploying to a custom repo).

To me the ideal situation would be to be able to add a line to the 
simpleantdeploy.txt one, that said <artifact:gpg /> or something like 
that and have the maven ant tasks automatically sign the deployed artifacts.

Using the maven ant task directly has been the way until now to get ant 
people to deploy to a maven repository and make their libraries 
available, and I think that making that work with the current way (using 
oss.sonatype.org which requires gpg signing) work is the best solution.

Rubén


On 03/02/2011 12:56 PM, Anders Hammar wrote:
> Did you have a look at 7b or 7c of this usage guide? One of these should be
> a fit for you!
>
> /Anders
>
> On Wed, Mar 2, 2011 at 15:19, Ruben Garat<ruben01.dev@gmail.com>  wrote:
>
>> Hi, I am already using oss.sonatype.org and following this guide. But this
>> are projects that are not using maven, they use ant and have no interest to
>> move their build process to maven, even though they are willing to make the
>> effort to get their libraries released into maven central.
>>
>> I think that making it super easy to get non-maven projects released into
>> maven central should be a priority because if have a dependency that isn't
>> there you can't deploy your own proyect. You could use the 3rd party
>> dependency support from oss.sonatype.org but I think it is way better to
>> enable the original project to get into maven central by itself in the
>> easiest way so that they don't see it as a hassle, and everyone gets the
>> best support for the libraries.
>>
>> Rubén
>>
>>
>> On 03/01/2011 08:41 PM, Jochen Wiedmann wrote:
>>
>>> I suggest that you use the Nexus repository manager on
>>> oss.sonatype.org for that. If you follow the instructions at
>>>
>>>
>>> https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide
>>>
>>> then the maven-release-plugin should be able to do anything what you need.
>>>
>>>
>>> On Tue, Mar 1, 2011 at 11:30 PM, Ruben Garat<ruben01.dev@gmail.com>
>>>   wrote:
>>>
>>>> Hi I am trying to help some projects get into maven central, starting
>>>> with
>>>> LWJGL<http://lwjgl.org/>   (opengl binding for java) and Jinput
>>>> <http://jinput.java.net>   (input abstraction, keyboard, mouse, gamepads,
>>>> joystick, etc).
>>>>
>>>> What I am currently doing is using the maven gpg plugin to sign and
>>>> deploy
>>>> but am having some trouble with those two steps being folded into one
>>>> (trying to deploy using scp for example because the mvn invocation of the
>>>> gpg plugin just hangs instead of asking stuff like trusting a host
>>>> signature).
>>>>
>>>> Ideally I would like to be able to use the maven ant tasks to first sign
>>>> the
>>>> artifacts and then deploy them using the artifact:deploy tasks. In order
>>>> to
>>>> be able to do this, I think we would need:
>>>>
>>>>    *       a task for signing files would be needed (or at least a way
>>>>      to sign an artifact/file/files using the maven gpg plugin but not
>>>>      deploying them)
>>>>    *       a way to tell the artifact:deploy task to also deploy the
>>>>      existing signatures (this would allow to use the
>>>>      artifact:install-provider task to add custom wagons).
>>>>
>>>> I think that adding this support to the maven ant tasks would go a long
>>>> way
>>>> to help deploy libraries not made with maven to maven central, seeing as
>>>> gpg
>>>> signing is now a requirement for this.
>>>>
>>>> thanks for your help
>>>>
>>>> Rubén Garat
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe@maven.apache.org
>> For additional commands, e-mail: dev-help@maven.apache.org
>>
>>


Mime
View raw message