On Fri, Apr 4, 2008 at 12:40 PM, Wendy Smoak <[EMAIL PROTECTED]> wrote:
> Please review the release process to make sure that detached > signatures (.asc files) are produced for all artifacts in the Maven > repo, as well for as the normal release distributions. Hello again. I met up with Craig at the AC EU hackathon and took a look at http://openjpa.apache.org/releasing-openjpa.html and the build. Here's what I've got so far for the top-level pom. This adds the ASF organizational pom as a parent, and configures the GPG plugin to sign the artifacts. Unfortunately I'm not set up to build the entire thing with the release profile enabled, so I can't be sure this doesn't break anything else... Index: pom.xml =================================================================== --- pom.xml (revision 645306) +++ pom.xml (working copy) @@ -22,6 +22,11 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd";> <modelVersion>4.0.0</modelVersion> + <parent> + <groupId>org.apache</groupId> + <artifactId>apache</artifactId> + <version>4</version> + </parent> <prerequisites> <maven>2.0.4</maven> </prerequisites> @@ -104,6 +109,25 @@ <modules> <module>openjpa-project</module> </modules> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-gpg-plugin</artifactId> + <version>1.0-alpha-4</version> + <configuration> + <passphrase>${gpg.passphrase}</passphrase> + </configuration> + <executions> + <execution> + <goals> + <goal>sign</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> </profile> <!-- After this, you should be able to remove the Antrun plugin config that's doing the signatures in the openjpa-project module. (Signatures for the artifacts in the central repo are my main concern, but if there is interest in reducing the number of steps involved in the release process, I can make some suggestions.) -- Wendy
