openjpa-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Patrick Linskey <plins...@gmail.com>
Subject Re: Maven plugin config to sign artifacts (was: OpenJPA 1.1.0 release planning)
Date Wed, 14 May 2008 18:37:01 GMT
Hi,

I've had some troubles getting this patch working:

1. with the <parent> section enabled, I get errors about not finding  
a ../pom.xml file. Do we need to make other environmental changes for  
that to work?

2. with the maven-gpg-plugin, I get an error when signing one of the  
release artifacts:

[INFO] [gpg:sign {execution: default}]
gpg: can't create `/Users/pcl/src/openjpa/branches/1.1.0/openjpa- 
project/target/gpg/../target/site/downloads/apache-openjpa-1.1.0- 
binary.zip.asc': No such file or directory

Note that there is no 'gpg' directory in openjpa-project/target. The  
correct path should probably be /Users/pcl/src/openjpa/branches/1.1.0/ 
openjpa-project/target/../target/site/downloads/apache-openjpa-1.1.0- 
binary.zip.asc

Any idea why that extra 'gpg' directory would insinuate itself into  
the patch? Any suggestions about how to get rid of it?

Other than that, there are tons of new .asc and .md5 files created for  
all sorts of intermediate artifacts, so the plugin is probably working  
for the most part.

-Patrick

On Apr 8, 2008, at 8:30 AM, Wendy Smoak wrote:

> On Fri, Apr 4, 2008 at 12:40 PM, Wendy Smoak <wsmoak@gmail.com> wrote:
>
>> Please review the release process to make sure that detached
>> signatures (.asc files) are produced for all artifacts in the Maven
>> repo, as well for as the normal release distributions.
>
> Hello again.  I met up with Craig at the AC EU hackathon and took a
> look at http://openjpa.apache.org/releasing-openjpa.html and the
> build.
>
> Here's what I've got so far for the top-level pom.  This adds the ASF
> organizational pom as a parent, and configures the GPG plugin to sign
> the artifacts.  Unfortunately I'm not set up to build the entire thing
> with the release profile enabled, so I can't be sure this doesn't
> break anything else...
>
> Index: pom.xml
> ===================================================================
> --- pom.xml	(revision 645306)
> +++ pom.xml	(working copy)
> @@ -22,6 +22,11 @@
>          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
>             http://maven.apache.org/maven-v4_0_0.xsd">
>     <modelVersion>4.0.0</modelVersion>
> +    <parent>
> +        <groupId>org.apache</groupId>
> +        <artifactId>apache</artifactId>
> +        <version>4</version>
> +    </parent>
>     <prerequisites>
>         <maven>2.0.4</maven>
>     </prerequisites>
> @@ -104,6 +109,25 @@
>             <modules>
>                 <module>openjpa-project</module>
>             </modules>
> +            <build>
> +                <plugins>
> +                    <plugin>
> +                      <groupId>org.apache.maven.plugins</groupId>
> +                      <artifactId>maven-gpg-plugin</artifactId>
> +                      <version>1.0-alpha-4</version>
> +                      <configuration>
> +                        <passphrase>${gpg.passphrase}</passphrase>
> +                      </configuration>
> +                      <executions>
> +                        <execution>
> +                          <goals>
> +                            <goal>sign</goal>
> +                          </goals>
> +                        </execution>
> +                      </executions>
> +                    </plugin>
> +                </plugins>
> +            </build>
>         </profile>
>
>         <!--
>
> After this, you should be able to remove the Antrun plugin config
> that's doing the signatures in the openjpa-project module.
>
> (Signatures for the artifacts in the central repo are my main concern,
> but if there is interest in reducing the number of steps involved in
> the release process, I can make some suggestions.)
>
> -- 
> Wendy

-- 
Patrick Linskey
202 669 5907


Mime
View raw message