Community
Participate
Working Groups
The Linux Tools project makes use of the Dash Maven signing plugin. A build from a few hours ago gives the following error when I attempt to install the available updates in a 3.7RC1 Eclipse SDK: An error occurred while collecting items to be installed session context was:(profile=SDKProfile, phase=org.eclipse.equinox.internal.p2.engine.phases.Collect, operand=, action=). Problems downloading artifact: osgi.bundle,org.eclipse.linuxtools.cdt.autotools_docs,2.0.2.201105241252. MD5 hash is not as expected. Expected: 62b3a1224d3c5f409395bc0973cd4331 and found ef7ea91cab2c3709c59fda43367c492c. Problems downloading artifact: osgi.bundle,org.eclipse.linuxtools.cdt.libhover.library_docs,1.0.2.201105241252. MD5 hash is not as expected. Expected: 8b9f6a4f4f46cf673b05e4d1c1c2346b and found 13db2defada250e6936d64cd3a6bc7dc. Multiple problems occurred while downloading. No location for packed: osgi.bundle,org.eclipse.linuxtools.man,0.0.1.201105241252. Problems downloading artifact: osgi.bundle,org.eclipse.linuxtools.man,0.0.1.201105241252. MD5 hash is not as expected. Expected: 884322990d9118ea9f88803984815002 and found 00e8b78560328564a860844fb0596112. Multiple problems occurred while downloading. No location for packed: osgi.bundle,org.eclipse.linuxtools.rpmstubby,0.3.0.201105241252. Problems downloading artifact: osgi.bundle,org.eclipse.linuxtools.rpmstubby,0.3.0.201105241252. MD5 hash is not as expected. Expected: 0c786787aa7eda97110e0332a7d69a9d and found 70eecd905aa6f034666f3c82160c16b0. Problems downloading artifact: org.eclipse.update.feature,org.eclipse.linuxtools.cdt.libhover.devhelp,0.7.1.201105241252. MD5 hash is not as expected. Expected: 7b33c0c9c3836392910c614287b7a000 and found 886c8140103f066e0479cd1503148842. Problems downloading artifact: org.eclipse.update.feature,org.eclipse.linuxtools.man,0.0.1.201105241252. MD5 hash is not as expected. Expected: 00e8b78560328564a860844fb0596112 and found 2c1fa47bc23e5ff079927b36418d5a06. Problems downloading artifact: org.eclipse.update.feature,org.eclipse.linuxtools.rpm.ui.editor,0.4.3.201105241252. MD5 hash is not as expected. Expected: 7a7a6bd4f8a7b18dd7bfacfe36d06368 and found 19a5d5e97e7dd43b721b76e93c12ff94. Problems downloading artifact: org.eclipse.update.feature,org.eclipse.linuxtools.rpmstubby,0.3.0.201105241252. MD5 hash is not as expected. Expected: 70eecd905aa6f034666f3c82160c16b0 and found ebe7dae7faf630c9417b03cfc6f428a8. Our relevant pom.xml: http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml specifically: http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml#n45 The build: https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/318/ The build log: https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/318/console The p2 repo: https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/318/artifact/releng/org.eclipse.linuxtools.releng-site/target/repository/
the pack -> sign -> repack -> fix process chains together the first pack is given an input file, in your case: <inputFile>${project.build.directory}/org.eclipse.linuxtools.releng-site.zip</inputFile> that filename is then used throughout the process, but each mojo dumps its output into a subdir so the input to the sign mojo would be: <inputFile>${project.build.directory}/packed/org.eclipse.linuxtools.releng-site.zip</inputFile> and then the input into the repack mojo would be <inputFile>${project.build.directory}/signed/org.eclipse.linuxtools.releng-site.zip</inputFile> and lastly the input into the fix checksum mojo would be once more <inputFile>${project.build.directory}/packed/org.eclipse.linuxtools.releng-site.zip</inputFile> leaving you with a file product in <outputFile>${project.build.directory}/fixed/org.eclipse.linuxtools.releng-site.zip</outputFile> unless you change that last one...it ought to work like the others but I think I was a goober and didn't think of it at the time. It works without messing with any of these params (aside from the input into the repack) if you start the whole process with site_assembly.zip as the filename....so if you don't do that then you'll have to adjust the inputs and outputs accordingly for each mojo configuration. but it should make pretty good sense if you think of it as a bit of a chain of events. let me know if this helps!
Hope I'm not repeating what Jesse said (skim reading ... :) and I'm not familiar with "the signing plugin" but there has been surprises, in the past, that various steps in the general process will "touch" (even modify) jars in ways that are not always expected (for example, even if they have already been signed!). For some discussion, see bug 275094. As far as I know, the solution is to always run "p2.process.artifacts" as the final step (optionally, with 'pack' attribute). to quote a quote from bug 275094 <quote> A way to fix MD5 sums in the artifacts.xml is to run <p2.process.artifacts repositoryPath="file:/${repo}" /> </quote> Just in case the info/history helps.
(sorry, I unintentionally changed status flag, so now changing back to 'assigned').
Thanks for the clarification, Jesse! Chris Aniszczyk actually did this work and I hadn't looked at it in much detail until just now. I think I have the proper file-names fixed up for the <inputFile> sections but what about the maven-antrun-plugin call? At present we have (at [1]): <copy includeemptydirs="false" todir="/home/data/httpd/download.eclipse.org/technology/linuxtools/updates-nightly"> <fileset dir="target/checksumFix"> <include name="**" /> </fileset> but I wonder if this should be replaced with unzipping "${project.build.directory}/fixed/org.eclipse.linuxtools.releng-site.zip"? [1] http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml#n112
I've made some changes to our pom.xml [1] but the most recent build [2] still gives MD5sum errors. I tried using the contents of the checksumFix directory but also has md5sum errors. Anyone know what I'm doing wrong at [1]? I've made the build job's workspace [3] publicly accessible so anyone should be able to see it [3]. [1] http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml [2] https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/320/ [3] https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/ws/releng/org.eclipse.linuxtools.releng-site/target
looks like one issue is that _ is used in both package names and in osgi version strings with breaks the fix checksum bits of the mojo
A new snapshot has been deployed. 1.0.1.0-SNAPSHOT Update your repository for your maven plugins to pull from the following location. http://maven.eclipse.org/nexus/content/groups/public/
This latest version appears to have worked! I was able to install without md5sum errors and verify that things are signed. Thanks!
Has anyone had success with an 'eclipse-repository' project and would mind sharing such a project?
(In reply to comment #9) > Has anyone had success with an 'eclipse-repository' project and would mind > sharing such a project? Linux Tools uses such a project: http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml mvn -fn -Dmaven.test.failure.ignore=true -U -e clean install We append "-P build-server" on hudson.eclipse.org to use this plugin: https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/
(In reply to comment #10) > (In reply to comment #9) > > Has anyone had success with an 'eclipse-repository' project and would mind > > sharing such a project? > > Linux Tools uses such a project: > > http://git.eclipse.org/c/linuxtools/org.eclipse.linuxtools.git/tree/releng/org.eclipse.linuxtools.releng-site/pom.xml > > mvn -fn -Dmaven.test.failure.ignore=true -U -e clean install > > We append "-P build-server" on hudson.eclipse.org to use this plugin: > > https://hudson.eclipse.org/hudson/job/cbi-linuxtools-Indigo/ Thanks a lot Andrew. We will be following your example at RTP: bug 347242
Re-Opening, as I want to deploy this to a milestone repository. If anybody else gets the current snapshot working successfully, please comment here, as I would like another verification point besides Linux tools. Once verified, I'll, deploy a 1.0.1 version of the plugin.
Re-Assigning to myself for the final deployment.
The plugin worked for RTP. Be aware that only the published repository contains the signed artifacts. For example if you are generating some product archives they won't contain the signed artifacts: http://dev.eclipse.org/mhonarc/lists/tycho-user/msg00259.html
Dave, Jesse, before you do a release could you look into bug 347591: The MD5 checksums are correct but it looks like there are a couple of issues remaining. Andrew, I looked into the builds of linuxtools and I suspect that they are also affected. I have added you in cc of that bug.
Thanks, Hugues.
This has been deployed to the milestone repo. Everybody should be using 1.0.1 now.
(In reply to comment #1) > > and lastly the input into the fix checksum mojo would be once more > > <inputFile>${project.build.directory}/packed/org.eclipse.linuxtools.releng-site.zip</inputFile> > > leaving you with a file product in > > <outputFile>${project.build.directory}/fixed/org.eclipse.linuxtools.releng-site.zip</outputFile> I'm using the signing plugin to sign and fix MD5 checksum but I can't find a zip file in the ${project.build.directory}/fixed directory. Am I missing something? I'm using the 1.0.1.2 SNAPSHOT: http://git.eclipse.org/c/cdt/org.eclipse.cdt.git/tree/releng/org.eclipse.cdt.repo/pom.xml?h=cdt_7_0
