This is an automated email from the ASF dual-hosted git repository. kwin pushed a commit to branch feature/sign-jars in repository https://gitbox.apache.org/repos/asf/sling-ide-tooling.git
commit f7a0edf1dc1cf6e8851572f006019b872f9da5b2 Author: Konrad Windszus <[email protected]> AuthorDate: Sun Nov 6 18:53:07 2022 +0100 SLING-10064 Sign JARs and build P2 repo in a dedicated stage Leverage the PKCS#11 library from DigiCert ONE being set up with https://issues.apache.org/jira/browse/INFRA-23844 --- Jenkinsfile | 15 ++++++++- eclipse/p2update/pom.xml | 85 ++++++++++++++---------------------------------- eclipse/pom.xml | 1 - 3 files changed, 39 insertions(+), 62 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index ce88ca21..a2c7ab22 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -20,6 +20,7 @@ def jobConfig = [ helper.runWithErrorHandling(jobConfig, { parallel 'linux': generateStages('linux', mvnVersion, javaVersion), 'windows': generateStages('windows', mvnVersion, javaVersion) + buildSignedP2Repository( mvnVersion, javaVersion ) }) // generates os-specific stages @@ -48,7 +49,7 @@ def generateStages(String os, def mvnVersion, def javaVersion) { timeout(20) { // workaround for https://issues.jenkins-ci.org/browse/JENKINS-39415 wrap([$class: 'Xvfb', autoDisplayName: true]) { - runCmd 'mvn -f eclipse clean verify' + runCmd 'mvn -f eclipse clean install' } // workaround for https://issues.jenkins-ci.org/browse/JENKINS-55889 junit(testResults: 'eclipse/**/surefire-reports/*.xml', allowEmptyResults: true) @@ -70,6 +71,18 @@ def generateStages(String os, def mvnVersion, def javaVersion) { } } +def buildSignedP2Repository( def mvnVersion, def javaVersion ) { + node('pkcs11') { + stage(' Build Signed P2 Repository') { + checkout scm + withMaven(maven: mvnVersion, jdk: javaVersion, mavenLocalRepo: '.repository', options: [artifactsPublisher(disabled: true)]) { + timeout(20) { + runCmd 'mvn -f eclipse/p2update clean verify' + } + } + } + } +} def runCmd(def cmd) { if (isUnix() ) { sh cmd diff --git a/eclipse/p2update/pom.xml b/eclipse/p2update/pom.xml index 7a689260..000c0d85 100644 --- a/eclipse/p2update/pom.xml +++ b/eclipse/p2update/pom.xml @@ -60,66 +60,31 @@ <build> <plugins> <plugin> - <groupId>net.jsign</groupId> - <artifactId>jsign-maven-plugin</artifactId> - <version>4.2</version> - <executions> - <execution> - <goals> - <goal>sign</goal> - </goals> - <configuration> - <fileSet> - <directory>target/repository</directory> - <includes> - <include>**/org.apache.sling.*.jar</include> - </includes> - </fileSet> - <name>Apache Sling IDE Tooling for Eclipse</name> - <url>https://sling.apache.org/documentation/development/ide-tooling.html</url> - <alias>Sling-PMC-cert-2022-09_4f01e1ed-9fde-4f84-a5ac-adf82e114a3b</alias> - <storepass>${settings.server.digicertoneasf.passphrase}|path</storepass> - <storetype>DIGICERTONE</storetype> - </configuration> - </execution> - </executions> - </plugin> - - <!-- - This plugin is not yet released. To use this code signing, install the - pluging locally and then run with the 'codesign' profile. See the Sling IDE - tooling docs for more instructions - <plugin> - <groupId>org.apache.sling</groupId> - <artifactId>codesign-maven-plugin</artifactId> - <version>1.0.0-SNAPSHOT</version> - <executions> - <execution> - <id>codesign</id> - <phase>package</phase> - <goals> - <goal>sign</goal> - </goals> - </execution> - </executions> - <configuration> - <applicationName>Apache Sling IDE Tooling for Eclipse</applicationName> - <applicationVersion>${qualifiedVersion}</applicationVersion> - <includeProjectArtifact>false</includeProjectArtifact> - <artifactSets> - <artifactSet> - <directory>target/repository/features</directory> - <include>org.apache.sling.*.jar</include> - </artifactSet> - <artifactSet> - <directory>target/repository/plugins</directory> - <include>org.apache.sling.*.jar</include> - </artifactSet> - </artifactSets> - <signingService>Java TEST Signing Sha256</signingService> - </configuration> - </plugin> - --> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jarsigner-plugin</artifactId> + <version>3.0.0</version> + <executions> + <execution> + <id>sign</id> + <goals> + <goal>sign</goal> + </goals> + </execution> + </executions> + <configuration> + <keystore>NONE</keystore> + <alias>Sling-PMC-cert-2022-09_4f01e1ed-9fde-4f84-a5ac-adf82e114a3b</alias> + <storepass>none</storepass> + <providerClass>sun.security.pkcs11.SunPKCS11</providerClass> + <storetype>PKCS11</storetype> + <providerArg>${env.PKCS11_CONFIG}</providerArg> + <tsa>http://timestamp.digicert.com</tsa> + <verbose>true</verbose> + <processMainArtifact>false</processMainArtifact> + <archiveDirectory>${project.build.directory}/repository</archiveDirectory> + </configuration> + </plugin> + <plugin> <groupId>org.eclipse.tycho.extras</groupId> <artifactId>tycho-p2-extras-plugin</artifactId> diff --git a/eclipse/pom.xml b/eclipse/pom.xml index 7081f767..bbb9abe0 100644 --- a/eclipse/pom.xml +++ b/eclipse/pom.xml @@ -47,7 +47,6 @@ <module>eclipse-sightly-core</module> <module>eclipse-sightly-ui</module> <module>sightly-feature</module> - <module>p2update</module> <!-- test modules activated per profile --> </modules>
