On Dec 15, 2011, at 4:42, sebb <seb...@gmail.com> wrote: > On 15 December 2011 03:32, William Speirs <wspe...@apache.org> wrote: >> Anyone have any idea on this? Should I be seeing basic auth for my >> challenge? Where can I set the password as I was never prompted to >> enter it. >> >> At this point, can someone else deploy RC1 while I figure out what is >> wrong on my end? > > I don't use the release plugin so cannot help directly. > > You could create the RC tag manually, as described in > > http://wiki.apache.org/commons/UsingNexus#Create_the_SVN_tags_.28Manual_method.29 > > This has the advantage that trunk never loses the SNAPSHOT suffix, and > you have a clean workspace in which to build the code, and the SVN > commands are not buried in the Maven invocation. > > However, AFAICT dbutils is not currently set up to use Nexus - it's > not an o.a.c groupId - so you cannot use Nexus to stage and deploy the > Maven artifacts.
You just need an infra Jira to create the nexus stuff for this group Id. Gary > > Be very careful you don't accidentally deploy the artifacts to the > live repo before the vote succeeds. > Sorry, but I don't know how deployment is done without Nexus. > >> Thanks... >> >> Bill- >> >> On Tue, Dec 13, 2011 at 4:32 PM, William Speirs <wspe...@apache.org> wrote: >>> First, thank you all again for the help! >>> >>> I got past the GPG step, now I'm stuck on password/auth issues now with SVN >>> :-( >>> >>> I thought the issue was that my password manager wasn't authed and >>> that svn was working in a non-interactive mode, so it couldn't get my >>> password; this was the reason for -r1213934. >>> >>> Anyway, output below... any/all ideas welcomed! >>> >>> Bill- >>> >>> [INFO] Checking in modified POMs... >>> [INFO] Executing: /bin/sh -c cd >>> /home/wspeirs/workspace/commons-dbutils && svn --non-interactive >>> commit --file /tmp/maven-scm-481300763.commit --targets >>> /tmp/maven-scm-3917786176898805146-targets >>> [INFO] Working directory: /home/wspeirs/workspace/commons-dbutils >>> [INFO] >>> ------------------------------------------------------------------------ >>> [ERROR] BUILD FAILURE >>> [INFO] >>> ------------------------------------------------------------------------ >>> [INFO] Unable to commit files >>> Provider message: >>> The svn command failed. >>> Command output: >>> svn: Commit failed (details follow): >>> svn: MKACTIVITY of >>> '/repos/asf/!svn/act/3b6f8370-abd6-4d88-adeb-7dc981ecd57f': >>> authorization failed: Could not authenticate to server: rejected Basic >>> challenge (https://svn.apache.org) >>> >>> >>> On Tue, Dec 13, 2011 at 10:28 AM, sebb <seb...@gmail.com> wrote: >>>> On 13 December 2011 15:19, William Speirs <wspe...@apache.org> wrote: >>>>> I will try adding the additional elements: >>>>> >>>>> <gpg.secretKeyring>/path/to/secring.gpg</gpg.secretKeyring> >>>>> <!-- must be on the execution path --> >>>>> <gpg.executable>gpg2</gpg.executable> >>>> >>>> Sorry, should have clarified - the above requires gpg2 to be installed >>>> and created. >>>> >>>> I installed both gpg1 and gpg2, and created gpg1 and gpg2 as copies of >>>> their respective gpg executables. >>>> e.g. on Windows copy gpg.exe gpg<n>.exe >>>> >>>> Both versions of gpg are on the execution path; running gpg picks the >>>> first one; running gpg1 or gpg2 picks only that version. >>>> >>>> This enables quick swapping between them as required. >>>> >>>>> And also try with gpg2. >>>>> >>>>> I'll try later today and update. >>>>> >>>>> Thanks again for all of the help! >>>>> >>>>> Bill- >>>>> >>>>> On Tue, Dec 13, 2011 at 9:23 AM, Gary Gregory <garydgreg...@gmail.com> >>>>> wrote: >>>>>> FWIW: My set up is such that I always enter my password on the CLI when >>>>>> Maven asks for it. >>>>>> >>>>>> Gary >>>>>> >>>>>> On Tue, Dec 13, 2011 at 9:20 AM, sebb <seb...@gmail.com> wrote: >>>>>> >>>>>>> On 13 December 2011 13:53, William Speirs <wspe...@apache.org> wrote: >>>>>>>> On Tue, Dec 13, 2011 at 12:16 AM, Gary Gregory <garydgreg...@gmail.com> >>>>>>> wrote: >>>>>>>>> Did you do the whole master pass phrase/obfuscated stuff that the top >>>>>>>>> of the Using Nexus wiki points to? >>>>>>>> >>>>>>>> I did not do this at first, but I have since tried. I setup my >>>>>>>> settings-security.xml file as show on the wiki page, and added the >>>>>>>> encrypted passwords to my settings.xml file. Still doesn't work. >>>>>>>> >>>>>>>> Below is my entire settings.xml file (with passwords removed). By >>>>>>>> adding the <mavenExecutorId> element, it will not hang but prompt me >>>>>>>> for a password if it's not supplied via <gpg.passphrase>. However, >>>>>>>> even when I type my passphrase in, it still rejects it. Again, if I >>>>>>>> use gpg -c somefile.txt and type in that same passphrase, everything >>>>>>>> works. >>>>>>>> >>>>>>>> I'm testing this by running: mvn -Prc,apache package gpg:sign >>>>>>> >>>>>>> Not sure what the rc profile does compared with the release profile. >>>>>>> >>>>>>> What version of GPG are you using? >>>>>>> >>>>>>> >>>>>>>> And I keep getting: >>>>>>>> >>>>>>>> [INFO] [gpg:sign {execution: default-cli}] >>>>>>>> gpg: skipped "B0EC1E65": bad passphrase >>>>>>>> gpg: signing failed: bad passphrase >>>>>>>> >>>>>>>> I'm at a loss at this point... >>>>>>>> >>>>>>>> Bill- >>>>>>>> >>>>>>>> * settings.xml * >>>>>>>> >>>>>>>> <?xml version="1.0"?> >>>>>>>> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"; >>>>>>>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >>>>>>>> xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 >>>>>>>> http://maven.apache.org/xsd/settings-1.0.0.xsd";> >>>>>>>> <servers> >>>>>>>> <server> >>>>>>>> <id>apache.releases</id> >>>>>>>> <username>wspeirs</username> >>>>>>>> <password>{my encrypted Apache password here}</password> >>>>>>>> <filePermissions>664</filePermissions> >>>>>>>> <directoryPermissions>775</directoryPermissions> >>>>>>>> </server> >>>>>>>> <server> >>>>>>>> <id>apache.website</id> >>>>>>>> <username>wspeirs</username> >>>>>>>> <password>{my encrypted Apache password here}</password> >>>>>>>> <filePermissions>664</filePermissions> >>>>>>>> <directoryPermissions>775</directoryPermissions> >>>>>>>> </server> >>>>>>>> <server> >>>>>>>> <id>apache.snapshots</id> >>>>>>>> <username>wspeirs</username> >>>>>>>> <password>{my encrypted Apache password here}</password> >>>>>>>> <filePermissions>664</filePermissions> >>>>>>>> <directoryPermissions>775</directoryPermissions> >>>>>>>> </server> >>>>>>>> </servers> >>>>>>>> <profiles> >>>>>>>> <profile> >>>>>>>> <id>apache</id> >>>>>>>> <activation> >>>>>>>> <activeByDefault>false</activeByDefault> >>>>>>>> </activation> >>>>>>>> <properties> >>>>>>>> <mavenExecutorId>forked-path</mavenExecutorId> >>>>>>>> <commons.deployment.protocol>scp</commons.deployment.protocol> >>>>>>>> <gpg.keyname>B0EC1E65</gpg.keyname> >>>>>>>> <gpg.passphrase>{my encrypted GPG password >>>>>>>> here}</gpg.passphrase> >>>>>>>> </properties> >>>>>>>> </profile> >>>>>>>> </profiles> >>>>>>>> </settings> >>>>>>> >>>>>>> I use an external GPG database (on a USB stick); but for test purposes >>>>>>> I have a dummy signing key using a local database. >>>>>>> >>>>>>> <profile> >>>>>>> <id>keyTest</id> >>>>>>> <properties> >>>>>>> <gpg.keyname>Deploy Test User</gpg.keyname> >>>>>>> <gpg.passphrase>password in clear</gpg.passphrase> >>>>>>> <gpg.useagent>false</gpg.useagent> >>>>>>> </properties> >>>>>>> </profile> >>>>>>> >>>>>>> Here's the real key profile: >>>>>>> >>>>>>> <profile> >>>>>>> <id>keyReal</id> >>>>>>> <properties> >>>>>>> <gpg.keyname>4FAD5F62</gpg.keyname> >>>>>>> <gpg.secretKeyring>/path/to/secring.gpg</gpg.secretKeyring> >>>>>>> <!-- must be on the execution path --> >>>>>>> <gpg.executable>gpg2</gpg.executable> >>>>>>> <gpg.useagent>false</gpg.useagent> >>>>>>> </properties> >>>>>>> </profile> >>>>>>> >>>>>>> I found gpg2 worked better for me, but I still use gpg1 sometimes. >>>>>>> >>>>>>> The real gpg password is not stored anywhere; I have to enter it at >>>>>>> run-time. >>>>>>> >>>>>>> For example, if I remove the test password, I see the following: >>>>>>> >>>>>>> mvn package gpg:sign -PkeyTest >>>>>>> ... >>>>>>> [INFO] [jar:jar {execution: default-jar}] >>>>>>> [INFO] [jar:test-jar {execution: default}] >>>>>>> [INFO] [gpg:sign {execution: default-cli}] >>>>>>> GPG Passphrase: * <= enter the passphrase here. >>>>>>> >>>>>>> The same applies to gpg1 and gpg2, but if I use gpg2, I also get the >>>>>>> following warnings: >>>>>>> >>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect >>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect >>>>>>> gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect >>>>>>> >>>>>>> The settings-security.xml file is not needed for GPG passwords. >>>>>>> And I've not tried it. >>>>>>> >>>>>>> I suggest you set up a dummy local key and password as per my example. >>>>>>> Get that working, then try specifying the secret key ring to point to >>>>>>> the dummy key. >>>>>>> When that works, drop the password. >>>>>>> Then fix the secret key ring tag to point to your real secret key ring. >>>>>>> >>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >>>>>>>> For additional commands, e-mail: dev-h...@commons.apache.org >>>>>>>> >>>>>>> >>>>>>> --------------------------------------------------------------------- >>>>>>> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >>>>>>> For additional commands, e-mail: dev-h...@commons.apache.org >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> E-Mail: garydgreg...@gmail.com | ggreg...@apache.org >>>>>> JUnit in Action, 2nd Ed: <http://goog_1249600977>http://bit.ly/ECvg0 >>>>>> Spring Batch in Action: <http://s.apache.org/HOq>http://bit.ly/bqpbCK >>>>>> Blog: http://garygregory.wordpress.com >>>>>> Home: http://garygregory.com/ >>>>>> Tweet! http://twitter.com/GaryGregory >>>>> >>>>> --------------------------------------------------------------------- >>>>> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >>>>> For additional commands, e-mail: dev-h...@commons.apache.org >>>>> >>>> >>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >>>> For additional commands, e-mail: dev-h...@commons.apache.org >>>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org >> For additional commands, e-mail: dev-h...@commons.apache.org >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
