Bugzilla – Full Text Bug Listing
| Summary: | Configure the Hudson build to generate p2 repository with signed jars | ||
|---|---|---|---|
| Product: | z_Archived | Reporter: | Kaloyan Raev <kaloyan> |
| Component: | Libra | Assignee: | Kaloyan Raev <kaloyan> |
| Status: | CLOSED FIXED | QA Contact: | Kaloyan Raev <kaloyan> |
| Severity: | enhancement | ||
| Priority: | P3 | CC: | caniszczyk, david_williams |
| Version: | unspecified | ||
| Target Milestone: | --- | ||
| Hardware: | PC | ||
| OS: | Windows Vista | ||
| Whiteboard: | |||
| Bug Depends on: | |||
| Bug Blocks: | 338060 | ||
|
Description
Kaloyan Raev
I'll add that eventually you will want to sign each build ... or, at the least, each build "declared" for public testing. The reason being that once a bundle version/qualifier exists unsigned "in the wild", it will not normally be "replaced" by the signed version using normal p2 install or mirror operations. And while I've not done it from Hudson, I've heard that hudson jobs _can_ sign on eclipse infrastructure ... you just need a "copy and wait then copy back" sort of script ... but, what they can not do so easily is copy/upload to "downloads" server, which is what the ACL solution is for. At least, this is my impression from reading the bugs and cross-project list. HTH We are working on having a maven signing plug-in available for eclipse.org projects... it's in the CQ process now though... https://dev.eclipse.org/ipzilla/show_bug.cgi?id=5096 https://bugs.eclipse.org/bugs/show_bug.cgi?id=342336 This will also help with publishing. Thanks for the info - I will watch the progress. Thanks to the new eclipse-maven-signing-plugin Maven plugin, the libra-indigo job now creates a signed build that is available on the following p2 repository: http://download.eclipse.org/libra/nightly |