Based on looking at other projects' in the ASF snapshots repo, it looks like we don't need to sign snapshot jars, so yeah, that's pretty easy.
And I've created /www/www.apache.org/dist/incubator/jclouds/KEYS, with my key initially - by the time we actually get to doing a release, I'll set up a wiki page a la https://cwiki.apache.org/WHIRR/how-to-release.htmlexplaining all the steps, signing, etc - and yes, I'm sucking it up and tentatively offering to release manage our first ASF release. =) A. On Sun, May 12, 2013 at 7:51 AM, Andrew Bayer <[email protected]>wrote: > Do we need to sign snapshots too? If so, how do other ASF projects deal > with automated snapshot deployment? > > A. > > > On Sun, May 12, 2013 at 3:00 AM, Olivier Lamy <[email protected]> wrote: > >> Hi, >> You say ".... staging/releases ...". >> Really ? >> You want to share a gpg key which can sign official Apache release in >> an external system where you don't have any control on who has access >> and read files ? >> Not sure asf infra folks will agree (note I'm usually less security >> paranoid than infra folks as my wife can access to my laptop :-) ) >> >> >> 2013/5/12 Adrian Cole <[email protected]>: >> > I opened https://issues.apache.org/jira/browse/INFRA-6260 to see what >> infra >> > folks will say :) >> > >> > Thanks for starting the wheels on this, Andrew. >> > >> > -A >> > >> > >> > On Fri, May 10, 2013 at 5:16 PM, Andrew Bayer <[email protected] >> >wrote: >> > >> >> And re: creds - as I asked on JCLOUDS-15 - what creds should we be >> using >> >> for deploying from a Jenkins other than the main ASF one? I don't >> really >> >> want to put my own creds in settings.xml (and for that matter, we'd >> have to >> >> make sure we can make changes to the settings.xml on the CloudBees >> dynamic >> >> slaves)... >> >> >> >> A. >> >> >> >> On Fri, May 10, 2013 at 3:47 PM, Andrew Bayer <[email protected] >> >> >wrote: >> >> >> >> > https://issues.apache.org/jira/browse/INFRA-6254 opened to get push >> >> > rights. >> >> > >> >> > A. >> >> > >> >> > >> >> > On Fri, May 10, 2013 at 10:17 AM, Adrian Cole < >> [email protected] >> >> >wrote: >> >> > >> >> >> ok I created a jira with the steps as I understand them. >> >> >> >> >> >> Anybody available to run them through? >> >> >> >> >> >> https://issues.apache.org/jira/browse/JCLOUDS-15 >> >> >> >> >> >> -A >> >> >> >> >> >> >> >> >> On Thu, May 9, 2013 at 6:44 PM, Suresh Marru <[email protected]> >> wrote: >> >> >> >> >> >> > On May 9, 2013, at 7:04 PM, Olivier Lamy <[email protected]> >> wrote: >> >> >> > >> >> >> > > Hi, >> >> >> > > >> >> >> > > We must inherit the Apache parent pom. >> >> >> > > >> >> >> > > <parent> >> >> >> > > <groupId>org.apache</groupId> >> >> >> > > <artifactId>apache</artifactId> >> >> >> > > <version>13</version> >> >> >> > > </parent> >> >> >> > > >> >> >> > > Then have this section in your pom: >> >> >> > > <server> >> >> >> > > <id>apache.snapshots.https</id> >> >> >> > > <username></username> >> >> >> > > <password></password> >> >> >> > > </server> >> >> >> > > >> >> >> > > With username/password ASF valid ones. >> >> >> > >> >> >> > Its highly recommended to have this server settings in maven >> >> >> settings.xml >> >> >> > as described in - >> >> >> > http://www.apache.org/dev/publishing-maven-artifacts.html#dev-env >> >> >> > >> >> >> > We need to craft some releases instructions. Unfortunately i only >> have >> >> >> svn >> >> >> > based release experience, I do not think git will be much >> different >> >> but >> >> >> > need to make sure how the automate tags work. Here is an example - >> >> >> > http://airavata.apache.org/development/release-management.html >> >> >> > >> >> >> > Suresh >> >> >> > >> >> >> > > >> >> >> > > I think we have to change the groupId to something like >> >> >> > org.apache.jclouds. >> >> >> > > Then load an infra issue for setup this groupId. >> >> >> > > >> >> >> > > The trouble is still the user/password store somewhere (doh you >> will >> >> >> > > think I'm security paranoid :-) ). >> >> >> > > But the Jenkins asf instance use a generic user/password so >> deploy >> >> to >> >> >> > > asf snapshot repo is easy. >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > 2013/5/10 Adrian Cole <[email protected]>: >> >> >> > >> Hi, team. >> >> >> > >> >> >> >> > >> relating to: https://issues.apache.org/jira/browse/JCLOUDS-4 >> >> >> > >> >> >> >> > >> We are now publishing snapshots of 1.5.x, 1.6.x, and 1.7.x to >> >> >> sonatype >> >> >> > from >> >> >> > >> our ASF repositories. I've tentatively set the build fail >> email to >> >> >> dev. >> >> >> > >> >> >> >> > >> Note that karaf build has been broke for some time, so this is >> >> >> hopefully >> >> >> > >> one of the first fixes we can address here! >> >> >> > >> >> >> >> > >> Cheers, >> >> >> > >> -A >> >> >> > > >> >> >> > > >> >> >> > > >> >> >> > > -- >> >> >> > > Olivier Lamy >> >> >> > > Ecetera: http://ecetera.com.au >> >> >> > > http://twitter.com/olamy | http://linkedin.com/in/olamy >> >> >> > >> >> >> > >> >> >> >> >> > >> >> > >> >> >> >> >> >> -- >> Olivier Lamy >> Ecetera: http://ecetera.com.au >> http://twitter.com/olamy | http://linkedin.com/in/olamy >> > >
