On 7/07/2006 2:27 AM, Phil Steitz wrote:
2) Need to decide whether we want dated snaps or just overwriting. If
the latter, we would need a way to purge old stuff (like the crontab
that runs on Minotaur that purges out the old nightly distros).
I generally prefer dated (just in case something is broken with today's,
you can try yesterdays). However, it does give you the obligation to
clean up afterwards (not necessarily a bad thing).
Neither work in Maven 2 if you are downloading from a Maven 1 repo at
the moment (dated because there was never any facility for that,
SNAPSHOT because of the bug Jorg mentioned).
3) Ensure that the deploy target hosts are set correctly in all of the
POMs - maybe modify the script to check to avoid accidental
deployments to java-repository.
+1, and also check that currentVersion endsWith -SNAPSHOT.
4) Someone needs to remind me (or just patch the script) of the
correct maven 1 target to execute. (jar:snapshot-deploy or somesuch).
With the current plugins installed, jar:deploy will do a dated snapshot
by default I think, based on the end of the version.
5) I either need to get over reservations about signing myself, or be
OK with no sigs. Is it OK to deploy unsigned stuff to the snapshot
repo? The same actually applies to the zips, tars being generated by
the script now.
As Craig said, no need to sign them.
It's a false sense of security when they aren't any more secure (anyone
that can compromise the machine can compromise the key being used to
sign them if it is automated).
- Brett
--
Apache Maven - http://maven.apache.org/
Better Builds with Maven - http://library.mergere.com/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
