Hi Rodney,
Thanks for that, looks very similar to what I had to do for my project
(Ikasan). I'll contact Sonatype and see how the sync with the SF repo works.
I know they now prefer everything to go through their Nexus repo as they're
able to put quality constraints on the artifacts (ensuring the sources jar,
javadoc jar, decent pom meta-data etc).
Will keep you all posted!
Cheers,
Martijn
On Tue, Jan 18, 2011 at 1:41 AM, Rodney Beede
<[email protected]>wrote:
> My project is at:
>
> http://chop-chophttpcl.sourceforge.net/maven2/net/sourceforge/chopchophttpclient/chopchophttpclient/1.0.1/chopchophttpclient-1.0.1.pom
>
> You'll need a GPG public key that you can post on the project's
> sourceforge.net web site. The use of com/jcraft versus
> net/sourceforge should be fine and preferred.
>
> Since Maven Central already has some versions up there you may need to
> mention that in the Maven Central sync request ticket. They may have
> to update an old sync. Not sure.
>
> Here are the things your pom.xml needs:
>
> The <URL> tag which points to jcraft.com should have the public GPG
> key that is used to sign the project build on the website in addition
> to the sf.net project page. They like to prove ownership of the
> domain/project by being able to download the GPG key from it.
>
> A <developers> would be nice to have.
>
>
> The magic plugin you want:
>
> <plugin>
> <groupId>org.apache.maven.plugins</groupId>
> <artifactId>maven-gpg-plugin</artifactId>
> <executions>
> <execution>
> <id>sign-artifacts</id>
> <phase>verify</phase>
> <goals>
> <goal>sign</goal>
> </goals>
> </execution>
> </executions>
> </plugin>
>
> I can't remember if you have to have GPG installed in your system path
> or not. But when you kickoff the build it will ask for which gpg key
> to sign with and the password. Your build output from "mvn deploy"
> will have the .gpg signatures that are required to allow the rsync
> from sf.net into repo1.maven. If you mess up the mvn deploy you have
> some time before the rsync to delete the copy in your sf.net maven
> repo and redeploy it. I usually practice with a "mvn install" into my
> local machine's repo first and check it manually.
>
> The <scm> in my pom.xml may also be needed. I can't remember for sure.
>
>
>
>
> On Mon, Jan 17, 2011 at 8:13 AM, Martijn Verburg
> <[email protected]> wrote:
> > Hi Yamanake-san,
> > That's a good temporary compromise, as people will be able to configure
> > their settings.xml or pom.xml to point to your maven repo in order to get
> > 0.1.44. I'll continue to work on the Nexus Sonatype solution in the
> > background.
> > Cheers,
> > Martijn
> >
> > On Mon, Jan 17, 2011 at 3:05 PM, Atsuhiko Yamanaka <[email protected]>
> wrote:
> >>
> >> Hi,
> >>
> >> +-From: Martijn Verburg <[email protected]> --
> >> |_Date: Mon, 17 Jan 2011 14:56:55 +0000 _____________
> >> |
> >> |That link appears to be broken.
> >>
> >> Oops, it should be
> >> http://jsch.sf.net/maven2/com/jcraft/jsch/
> >>
> >>
> >> Sincerely,
> >> --
> >> Atsuhiko Yamanaka
> >> JCraft,Inc.
> >> 1-14-20 HONCHO AOBA-KU,
> >> SENDAI, MIYAGI 980-0014 Japan.
> >> Tel +81-22-723-2150
> >> +1-415-578-3454
> >> Skype callto://jcraft/
> >> Twitter: http://twitter.com/ymnk
> >
> >
> >
> ------------------------------------------------------------------------------
> > Protect Your Site and Customers from Malware Attacks
> > Learn about various malware tactics and how to avoid them. Understand
> > malware threats, the impact they can have on your business, and how you
> > can protect your company and customers by using code signing.
> > http://p.sf.net/sfu/oracle-sfdevnl
> > _______________________________________________
> > JSch-users mailing list
> > [email protected]
> > https://lists.sourceforge.net/lists/listinfo/jsch-users
> >
> >
>
>
> ------------------------------------------------------------------------------
> Protect Your Site and Customers from Malware Attacks
> Learn about various malware tactics and how to avoid them. Understand
> malware threats, the impact they can have on your business, and how you
> can protect your company and customers by using code signing.
> http://p.sf.net/sfu/oracle-sfdevnl
> _______________________________________________
> JSch-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/jsch-users
>
------------------------------------------------------------------------------
Protect Your Site and Customers from Malware Attacks
Learn about various malware tactics and how to avoid them. Understand
malware threats, the impact they can have on your business, and how you
can protect your company and customers by using code signing.
http://p.sf.net/sfu/oracle-sfdevnl
_______________________________________________
JSch-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jsch-users
