I agree on not auto-signing (the script does not do it, on purpose). I was referring to deploying release artifact JARs.
OK, then we are done then. Thanks. On Thu, Jan 30, 2014 at 5:02 PM, Roman Shaposhnik <r...@apache.org> wrote: > On Thu, Jan 30, 2014 at 4:43 PM, Alejandro Abdelnur <t...@cloudera.com> > wrote: > > We could improve this script further to deploy the built JARs to the > Maven > > repo. I don't know how to do this, so it would be great if somebody that > > know how jumps on that. Maybe a s a follow up JIRA, so we have something > > going. > > If you're talking about -SNAPSHOT bits -- there's nothing to do. All > official > build slaves on builds.apache.org are supposed to be setup with the > right configs so that mvn deploy will do the trick. If you're talking about > release artifacts -- it is absolutely NOT a good idea to automate that. > Just like its not a good idea to automate signing the release bits with > your personal key. > > Thanks, > Roman. > -- Alejandro