-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 +1 We set up ogce.m2.all some time back to remove ibiblio and other undependable dependencies, but I'm in favor of phasing this out.
Marlon On 4/25/12 11:31 AM, Suresh Marru wrote: > > On Apr 25, 2012, at 11:25 AM, Mattmann, Chris A (388J) wrote: > >> Hi Guys, >> >> Related to this, it's really important to get jars into Maven Central. See >> this post from Sonatype: >> >> http://www.sonatype.com/people/2010/03/why-external-repos-are-being-phased-out-of-central/ >> >> External non Central repos are being phased out. There are several ways to >> get 3rd party jars >> into Central, and yes, it's a pain, but IMHO too, a necessary one. We >> shouldn't have deps to >> non Central repositories. >> >> In OODT we are down to like 1 of these (or 2 at max) after having TONs >> coming into Apache. >> In Tika, I believe we have 0 (thanks to Jukka and others). So I think we >> should strive to get >> there in Airavata. >> >> Whether it should block a release however, versus something that should be >> done before >> we exit the Incubator, is up for debate. I don't feel strongly that this >> should block an Incubator >> release, however I do feel strongly it should be dealt with before we get >> out of the Incubator. > > Thanks Chris. This is laborious task for sure, but in the interest of > speeding up the build and to adhere to compliance, I vote for getting rid of > this now. Unless some one else can get it to it before tomorrow, I will start > on this one tomorrow and will take care of it. If you have pointers to any > other documentation on getting external jars into maven central please send > them. > > Suresh > >> >> Cheers, >> Chris >> >> On Apr 25, 2012, at 8:19 AM, Ate Douma wrote: >> >>> On 04/23/2012 01:28 PM, Suresh Marru wrote: >>>> Hi All, >>>> >>>> Jenkins is failing randomly trying to pull j2ssh jars from ibiblio - >>>> "Could not transfer artifact j2ssh:j2ssh-core:pom:0.2.9 from/to ibiblio >>>> (http://mirrors.ibiblio.org/pub/mirrors/maven2): Error transferring file: >>>> Connection refused" >>>> >>>> Any alternative maven repo for these jars? >>> >>> Yeah: like maven central? >>> >>> I saw you later comment you now uploaded these to the ogce.m2.all maven >>> repo to 'fix' this. However IMO this is a bad practice if the *default* >>> repository (Maven Central) already provides these as well. >>> >>> It looks like airavata uses many 3rd party repositories for its build but I >>> doubt they are or should be needed in many/most cases. Also note that the >>> more repositories you need/configure, the longer a build will take... >>> >>> The problem here is that the maven central repository is not (also) defined >>> in the root pom which causes maven to *first* check those defined >>> repositories *before* it will fall-back to Maven Central. >>> >>> As a test, I successfully build airavata with no local repository and a >>> local settings.xml which enables/predefines central and *disables* ibiblio, >>> which indeed is notoriously slow and AFAIK nobody should use or even need >>> anymore: >>> >>> <?xml version="1.0" encoding="UTF-8"?> >>> <settings xmlns="http://maven.apache.org/POM/4.0.0";> >>> <profiles> >>> <profile> >>> <id>default-profile</id> >>> <activation> >>> <activeByDefault>true</activeByDefault> >>> </activation> >>> <repositories> >>> <repository> >>> <id>ibiblio</id> >>> <name>ibiblio Repository</name> >>> <url>http://mirrors.ibiblio.org/pub/mirrors/maven2</url> >>> <releases><enabled>false</enabled></releases> >>> <snapshots><enabled>false</enabled></snapshots> >>> </repository> >>> <repository> >>> <id>central</id> >>> <name>Maven Central</name> >>> <url>http://repo1.maven.org/maven2</url> >>> <releases><enabled>true</enabled></releases> >>> <snapshots><enabled>false</enabled></snapshots> >>> </repository> >>> </repositories> >>> </profile> >>> </profiles> >>> </settings> >>> >>> So, I strongly suggest removing the ibiblio repo from the airavata build >>> all together and probably also add the central repo as *first* in the root >>> pom. >>> And it would also be smart to check/validate if possibly you can cleanup in >>> the ogce.m2.all repo... >>> >>> Also, I see usage of a personal repository from Lahiru: >>> >>> http://people.apache.org/~lahiru/maven-repo >>> >>> AFAIK this type of personal repositories on people.apache.org is not >>> endorsed and maybe even not allowed (already now or else in the future) by >>> ASF Infra... >>> I'm not saying this is a blocker right now but why would this be needed in >>> the first place and why are the needed artifacts not available from a >>> general/central repository, preferably Maven Central? >>> >>> Thanks, Ate >> >> >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >> Chris Mattmann, Ph.D. >> Senior Computer Scientist >> NASA Jet Propulsion Laboratory Pasadena, CA 91109 USA >> Office: 171-266B, Mailstop: 171-246 >> Email: [email protected] >> WWW: http://sunset.usc.edu/~mattmann/ >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >> Adjunct Assistant Professor, Computer Science Department >> University of Southern California, Los Angeles, CA 90089 USA >> ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ >> > -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJPmBodAAoJEEfVXEODPFID6g8H/3kWMbGP9g4J1P2Flj1VgZV5 SFz/x4Px9ChNCz0bOeIt1VtSKxPI4Hu9VHfudnelNCaYE4EW+oTXJUBxQwmo1yrz xBjJej15A8CPLe9znuu74V3By4BSTSWaQrfvVS0H6gH1jyRfrco5LoSm0gXx/2Pa br6i7VbKZh/BAXl16BKWM0mWFLSoWsko6DZqMSkwer914VFUxwojtCeq1N2vR9qu FNaNhwJBh5DjMY9SfxRRh/dRXNQPN49NRpmSgD7qATsAcPRg3oWkj7XohpXYmn3z bulnkeS/oHJwe3q3qdX+anelhtJEFLMagCWYE+Mfr4ai7xi+3mwG1TasCiXLbS4= =8crp -----END PGP SIGNATURE-----
