The step by step that is being followed is here,

* http://struts.apache.org/2.x/docs/creating-and-signing-a-distribution.html

which includes using the release profile. I don't know why it isn't
working for me.

My PuTTY SSL setup is fine now, but there is still something wrong
with Cygwin, since it can't find or use my private key. But that
should not have affected the gpg signatures.

I signed the struts2-core-2.0.6.jar by hand and uploaded it.

* 
http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/struts/struts2-core/2.0.6/

If someone could verify that this is correct, that would be helpful.

I think I might have to step away from the release manager role. Or,
at least the deployment of the Maven artifacts. I have a lot of
trouble getting the Maven signing plugins or scripts to work.  Signing
all these Maven artifacts by hand is not something I can do on a
regular basis. I'll fix 2.0.6, but, otherwise, this might have to be
my last Maven distribution.

-Ted.


On 2/25/07, Wendy Smoak <[EMAIL PROTECTED]> wrote:
There seems to be a step missing in the Struts 2 release process.  The
jars in the rsynced Maven repo are missing pgp/gpg signatures, for
example:

http://people.apache.org/repo/m2-ibiblio-rsync-repository/org/apache/struts/struts2-core/2.0.5/

All the jars for both the 2.0.5 and 2.0.6 releases need to be signed.

For future builds, there is a 'release' profile in the struts2-parent
pom that will use maven-gpg-plugin to sign all the artifacts when they
are deployed to the staging repo.  Or it can be done by signing the
jars in your local repo, and uploading the signatures.

Thanks,
--
Wendy

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to