Author: psharples
Date: Wed Oct 19 15:29:54 2011
New Revision: 1186270
URL: http://svn.apache.org/viewvc?rev=1186270&view=rev
Log:
New tasks added for signing release artifacts.
Refactored the sub-project builds to use different configurations as defined in
the local ivy.xml files. Only the 'publish-maven-release-artifacts' task found
in ivy-java-common actually uses the pgp signing task, but now the
configurations for publishlocal, publish-snapshot and publish-stagingarea are
separated out from each other. TODO - add this functionality to sign the build
found in the release ant script. (At present there is just a batch file to do
this)
See WOOKIE-269.
Modified:
incubator/wookie/trunk/ant/ivy-java-common.xml
incubator/wookie/trunk/ant/ivysettings.xml
incubator/wookie/trunk/connector/java/ivy.xml
incubator/wookie/trunk/parser/java/ivy.xml
Modified: incubator/wookie/trunk/ant/ivy-java-common.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/ant/ivy-java-common.xml?rev=1186270&r1=1186269&r2=1186270&view=diff
==============================================================================
--- incubator/wookie/trunk/ant/ivy-java-common.xml (original)
+++ incubator/wookie/trunk/ant/ivy-java-common.xml Wed Oct 19 15:29:54 2011
@@ -15,7 +15,7 @@
See the License for the specific language governing permissions and
limitations under the License.
-->
-<project xmlns:ivy="antlib:org.apache.ivy.ant"
xmlns:m="http://ant.apache.org/ivy/maven";>
+<project xmlns:ivy="antlib:org.apache.ivy.ant"
xmlns:m="http://ant.apache.org/ivy/maven";
xmlns:openpgp="antlib:org.apache.commons.openpgp.ant">
<import file="ivy-common.xml"/>
@@ -217,6 +217,11 @@
<equals arg1="${ant.project.name}" arg2="wookie"/>
</condition>
</target>
+
+ <target name="test-upload-credentials">
+ <fail unless="upload.user" message="supply upload.user on the
command line"/>
+ <fail unless="upload.password" message="supply upload.password
on the command line"/>
+ </target>
<target name="publish" depends="clean-build, jar" description="--> publish
this project in the ivy repository">
<ivy:publish
@@ -227,30 +232,68 @@
<echo message="project ${ant.project.name} released with version
${revision}" />
</target>
+
<!--
================================================================================
- We have 3 tasks that are almost identical, except one parameter - the
resolver
-
- publish-local
- publish-maven-snapshot-artifacts
- publish-maven-release-artifacts
-
- TODO - merge these into one task & pass the resolver as parameter
-
- Note to run either the...
- 'publish-maven-snapshot-artifacts' OR
- 'publish-maven-release-artifacts'
-
- ...tasks, you must first add your credentials on the command line
+ To use the target of sign-artifacts you must first add your pgp
credentials on the
+ command line, otherwise it will fail.
i.e.
- -Dupload.user=myusername -Dupload.password=mypassword
+ -Dpgp.password=yourpgppassword -Dpgp.keyId=yourpgpkeyId
================================================================================
-->
+ <target name="sign-artifacts">
+ <fail unless="pgp.password" message="supply
-Dpgp.password=yourpassword on the command line"/>
+ <fail unless="pgp.keyId" message="supply -Dpgp.keyId=yourkeyid
on the command line"/>
+
+ <ivy:settings id="sign.settingsId"
file="../../ant/ivysettings.xml"/>
+ <ivy:cachepath organisation="org.apache.commons"
settingsRef="sign.settingsId"
+ transitive="false" log="download-only"
module="commons-openpgp" revision="1.0-SNAPSHOT"
+ inline="true" pathid="openpgp.classpath"/>
+ <ivy:cachepath organisation="org.bouncycastle"
settingsRef="sign.settingsId" log="download-only"
+ module="bcprov-jdk16" revision="1.45" inline="true"
pathid="bouncycastle.bcprov.classpath"/>
+ <ivy:cachepath organisation="org.bouncycastle"
settingsRef="sign.settingsId" transitive="false"
+ log="download-only" module="bcpg-jdk16" revision="1.45"
inline="true" pathid="bouncycastle.bcpg.classpath"/>
+ <!--
+ For some reason, if we use the openpgp:signer task here
directly, the bouncycastle security
+ provider cannot be loaded. If we launch it as a forked process
everything works fine !?!
+
+ - NOTE: I guess it needs to be loaded into memory first hence
why you cant run it in the same thread.
+ -->
+ <java classname="org.apache.tools.ant.launch.Launcher"
fork="true">
+ <classpath>
+ <fileset dir="${ant.home}" includes="**/*.jar"/>
+ <path refid="bouncycastle.bcprov.classpath"/>
+ <path refid="bouncycastle.bcpg.classpath"/>
+ <path refid="openpgp.classpath"/>
+ <path refid="openpgp.classpath"/>
+ </classpath>
+ <arg line="-f ../../ant/ivy-java-common.xml"/>
+ <arg line="sign-internal"/>
+ <arg line="-Dpgp.password=${pgp.password}"/>
+ <arg line="-Dpgp.keyId=${pgp.keyId}"/>
+ <arg line="-Dlocal.dist.dir=${dist.dir}"/>
+ </java>
+ </target>
+
+ <target name="sign-internal">
+ <taskdef resource="org/apache/commons/openpgp/ant/antlib.xml"
uri="antlib:org.apache.commons.openpgp.ant"/>
+ <!-- NOTE - The two paths below are on windows, you may have to
change this - perhaps refactor to put into build.properties-->
+ <openpgp:signer
secring="${user.home}/AppData/Roaming/gnupg/secring.gpg"
+
pubring="${user.home}/AppData/Roaming/gnupg/pubring.gpg"
+ password="${pgp.password}"
+ keyid="${pgp.keyId}"
+ asciiarmor="true">
+ <fileset dir="${local.dist.dir}">
+ <include name="**/*.pom"/>
+ <include name="**/*.jar"/>
+ </fileset>
+ </openpgp:signer>
+ </target>
- <target name="publish-local" depends="test-calling-project, clean-dist,
jar" unless="not-subproject" description="--> publish this project in the local
ivy repository">
+ <target name="make-subproject-pom">
<echo>Locally publishing ${ant.project.name}-${version}</echo>
<delete file="${dist.dir}/ivy.xml"/> <!-- delete last produced
ivy file to be sure a new one will be generated -->
<tstamp>
@@ -261,63 +304,56 @@
pomfile="${dist.dir}/${ant.project.name}.pom">
<mapping conf="deploy" scope="compile"/>
</ivy:makepom>
-
+ </target>
+
+ <!--
+
================================================================================
+ Note to run either the...
+
+ 'publish-maven-snapshot-artifacts' OR
+ 'publish-maven-release-artifacts'
+
+ ...tasks, you must first add your apache credentials on the command
line
+
+ i.e.
+
+ -Dupload.user=myusername -Dupload.password=mypassword
+
================================================================================
+ -->
+ <target name="publish-local" depends="test-calling-project, clean-dist,
jar, make-subproject-pom" unless="not-subproject" description="--> publish this
project in the local ivy repository">
<ivy:publish resolver="local"
pubrevision="${version}"
forcedeliver="true"
publishivy="false"
srcivypattern="${dist.dir}/ivy.xml"
- pubdate="${now}"
+ pubdate="${now}"
+ conf="deploy"
overwrite="true"
artifactspattern="${dist.dir}/[artifact](-[classifier]).[ext]"/>
<echo message="project ${ant.project.name} published locally with
version ${version}" />
</target>
- <target name="publish-maven-snapshot-artifacts" depends="clean-dist, jar"
description="--> publishes this project in the apache snapshot repository. Dont
run this from the root, see instead
'publish-subproject-artifacts-to-snapshot-repo'">
- <echo>Locally publishing ${ant.project.name}-${version}</echo>
- <fail unless="upload.user" message="supply upload.user on the command
line"/>
- <fail unless="upload.password" message="supply upload.password on the
command line"/>
- <delete file="${dist.dir}/ivy.xml"/> <!-- delete last produced ivy file
to be sure a new one will be generated -->
- <tstamp>
- <format property="now" pattern="yyyyMMddHHmmss"/>
- </tstamp>
- <ivy:makepom ivyfile="${basedir}/ivy.xml"
- templatefile="${basedir}/pom-template.xml"
- pomfile="${dist.dir}/${ant.project.name}.pom">
- <mapping conf="deploy" scope="compile"/>
- </ivy:makepom>
-
+ <target name="publish-maven-snapshot-artifacts"
depends="test-upload-credentials, clean-dist, jar, make-subproject-pom"
description="--> publishes this project in the apache snapshot repository. Dont
run this from the root, see instead
'publish-subproject-artifacts-to-snapshot-repo'">
<ivy:publish resolver="apache-snapshot-artifacts"
pubrevision="${version}"
forcedeliver="true"
publishivy="false"
srcivypattern="${dist.dir}/ivy.xml"
pubdate="${now}"
+ conf="deploy, deploy-with-src-and-docs"
overwrite="true"
artifactspattern="${dist.dir}/[artifact](-[classifier]).[ext]"/>
<echo message="project ${ant.project.name} published to nexus snapshot
repo with version ${version}" />
</target>
- <target name="publish-maven-release-artifacts" depends="clean-dist, jar"
description="--> publishes this project in the apache staging area repository
(prior to release). Dont run this from the root, see instead
'publish-subproject-artifacts-to-release-repo'">
- <echo>Locally publishing ${ant.project.name}-${version}</echo>
- <fail unless="upload.user" message="supply upload.user on the command
line"/>
- <fail unless="upload.password" message="supply upload.password on the
command line"/>
- <delete file="${dist.dir}/ivy.xml"/> <!-- delete last produced ivy file
to be sure a new one will be generated -->
- <tstamp>
- <format property="now" pattern="yyyyMMddHHmmss"/>
- </tstamp>
- <ivy:makepom ivyfile="${basedir}/ivy.xml"
- templatefile="${basedir}/pom-template.xml"
- pomfile="${dist.dir}/${ant.project.name}.pom">
- <mapping conf="deploy" scope="compile"/>
- </ivy:makepom>
-
+ <target name="publish-maven-release-artifacts"
depends="test-upload-credentials, clean-dist, jar, make-subproject-pom,
sign-artifacts" description="--> publishes this project in the apache staging
area repository (prior to release). Dont run this from the root, see instead
'publish-subproject-artifacts-to-release-repo'">
<ivy:publish resolver="apache-release-artifacts"
pubrevision="${version}"
forcedeliver="true"
publishivy="false"
srcivypattern="${dist.dir}/ivy.xml"
pubdate="${now}"
+ conf="deploy, deploy-with-src-and-docs, deploy-signed"
overwrite="true"
artifactspattern="${dist.dir}/[artifact](-[classifier]).[ext]"/>
<echo message="project ${ant.project.name} published to nexus snapshot
repo with version ${version}" />
Modified: incubator/wookie/trunk/ant/ivysettings.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/ant/ivysettings.xml?rev=1186270&r1=1186269&r2=1186270&view=diff
==============================================================================
--- incubator/wookie/trunk/ant/ivysettings.xml (original)
+++ incubator/wookie/trunk/ant/ivysettings.xml Wed Oct 19 15:29:54 2011
@@ -19,8 +19,15 @@
<property name="apache.repo.release.url"
value="https://repository.apache.org/service/local/staging/deploy/maven2";
override="false" />
<property name="apache.repo.snapshot.url"
value="https://repository.apache.org/content/repositories/snapshots/";
override="false" />
<credentials host="repository.apache.org" realm="Sonatype Nexus Repository
Manager" username="${upload.user}" passwd="${upload.password}"/>
- <property name="maven2.pattern"
value="[organisation]/[module]/[revision]/[module]-[revision](-[classifier])" />
+ <!--<property name="maven2.pattern"
value="[organisation]/[module]/[revision]/[module]-[revision](-[classifier])"
/>-->
+ <property name="maven2.pattern"
value="[organisation]/[module]/[revision]/[artifact]-[revision](-[classifier])"
/>
<property name="maven2.pattern.ext" value="${maven2.pattern}.[ext]" />
+ <!--
+ <property name="pgp.keyId" value="auto" override="false"/>
+ <signers>
+ <pgp name="apache-sig"
secring="${user.home}/AppData/Roaming/gnupg/secring.gpg"
password="${pgp.password}" keyId="${pgp.keyId}"/>
+ </signers>
+ -->
<settings defaultResolver="wookie-chain" />
<caches>
<cache useOrigin="true" name="null"/>
@@ -40,7 +47,7 @@
<artifact
pattern="${apache.repo.snapshot.url}/${maven2.pattern.ext}"/>
</url>
-->
- <ibiblio name="apache-snapshot-artifacts"
root="${apache.repo.snapshot.url}" pattern="${maven2.pattern.ext}"
m2compatible="true" />
+ <ibiblio usepoms="true" name="apache-snapshot-artifacts"
root="${apache.repo.snapshot.url}" pattern="${maven2.pattern.ext}"
m2compatible="true" />
<ibiblio name="apache-release-artifacts"
root="${apache.repo.release.url}" pattern="${maven2.pattern.ext}"
m2compatible="true" />
</chain>
</resolvers>
Modified: incubator/wookie/trunk/connector/java/ivy.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/connector/java/ivy.xml?rev=1186270&r1=1186269&r2=1186270&view=diff
==============================================================================
--- incubator/wookie/trunk/connector/java/ivy.xml (original)
+++ incubator/wookie/trunk/connector/java/ivy.xml Wed Oct 19 15:29:54 2011
@@ -21,13 +21,19 @@
<conf name="deploy" description="Provide the necessary files and
libraries to deploy in a production environment"/>
<conf name="dev" extends="deploy" description="Provide the necessary
files and libraries to run in standalone (development) mode"/>
<conf name="test" extends="dev" visibility="private" description="for
our testing framework"/>
+ <conf name="deploy-with-src-and-docs" extends="deploy"
description="Used for publishing maven artifacts to the snapshot repo"/>
+ <conf name="deploy-signed" extends="deploy-with-src-and-docs"
description="Used for publishing maven artifacts to the staging area repo"/>
</configurations>
<publications xmlns:e="urn:ant.apache.org:ivy-extras">
- <artifact name="wookie-java-connector" type="pom" ext="pom"
conf="deploy"/>
- <artifact name="wookie-java-connector" type="jar" conf="deploy"/>
- <artifact name="wookie-java-connector" type="sources" conf="deploy"
ext="jar" e:classifier="sources"/>
- <artifact name="wookie-java-connector" type="javadoc" conf="deploy"
ext="jar" e:classifier="javadoc"/>
+ <artifact name="wookie-java-connector" conf="deploy" type="pom"
ext="pom" />
+ <artifact name="wookie-java-connector" conf="deploy" type="jar" />
+ <artifact name="wookie-java-connector" conf="deploy-with-src-and-docs"
type="sources" ext="jar" e:classifier="sources"/>
+ <artifact name="wookie-java-connector" conf="deploy-with-src-and-docs"
type="javadoc" ext="jar" e:classifier="javadoc"/>
+ <artifact name="wookie-java-connector" conf="deploy-signed"
type="pom.asc" ext="pom.asc"/>
+ <artifact name="wookie-java-connector" conf="deploy-signed"
type="jar.asc" ext="jar.asc"/>
+ <artifact name="wookie-java-connector" conf="deploy-signed"
type="sources.asc" ext="jar.asc" e:classifier="sources"/>
+ <artifact name="wookie-java-connector" conf="deploy-signed"
type="javadoc.asc" ext="jar.asc" e:classifier="javadoc"/>
</publications>
<dependencies>
Modified: incubator/wookie/trunk/parser/java/ivy.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/parser/java/ivy.xml?rev=1186270&r1=1186269&r2=1186270&view=diff
==============================================================================
--- incubator/wookie/trunk/parser/java/ivy.xml (original)
+++ incubator/wookie/trunk/parser/java/ivy.xml Wed Oct 19 15:29:54 2011
@@ -20,14 +20,20 @@
<configurations>
<conf name="deploy" description="Provide the necessary files and
libraries to deploy in a production environment"/>
<conf name="dev" extends="deploy" description="Provide the necessary
files and libraries to run in standalone (development) mode"/>
- <conf name="test" extends="dev" visibility="private" description="for
our testing frameowrk"/>
+ <conf name="test" extends="dev" visibility="private" description="for
our testing framework"/>
+ <conf name="deploy-with-src-and-docs" extends="deploy"
description="Used for publishing maven artifacts to the snapshot repo"/>
+ <conf name="deploy-signed" extends="deploy-with-src-and-docs"
description="Used for publishing maven artifacts to the staging area repo"/>
</configurations>
<publications>
<artifact name="wookie-parser" conf="deploy" type="pom" ext="pom"/>
<artifact name="wookie-parser" conf="deploy" type="jar"/>
- <artifact name="wookie-parser" conf="deploy" type="sources" ext="jar"
m:classifier="sources"/>
- <artifact name="wookie-parser" conf="deploy" type="javadoc" ext="jar"
m:classifier="javadoc"/>
+ <artifact name="wookie-parser" conf="deploy-with-src-and-docs"
type="sources" ext="jar" m:classifier="sources"/>
+ <artifact name="wookie-parser" conf="deploy-with-src-and-docs"
type="javadoc" ext="jar" m:classifier="javadoc"/>
+ <artifact name="wookie-parser" conf="deploy-signed" type="pom.asc"
ext="pom.asc"/>
+ <artifact name="wookie-parser" conf="deploy-signed" type="jar.asc"
ext="jar.asc"/>
+ <artifact name="wookie-parser" conf="deploy-signed" type="sources.asc"
ext="jar.asc" m:classifier="sources"/>
+ <artifact name="wookie-parser" conf="deploy-signed"
type="javadoc.asc" ext="jar.asc" m:classifier="javadoc"/>
</publications>
<dependencies>
