Community
Participate
Working Groups
In bug 471835 it was seen that a long time ago a bug was introduced that made our builds less than reproducible. It was due to the "leaking" a repository where bundles could find "pre-reqs" from previously built versions of Eclipse. While that root bug was fixed (in a very nice way), it occurs to me a simple protection against future regressions, is during our production builds, we should "disable" the "individual bundle URL" (also used for Gerrit builds, of "one repo"). Simplest way to do that is to pass -Declipse-p2-repo.url="" on the mvn command line. Then, in future, if someone changes a pom or adds something that (accidentally) depends on previous build, then even if it succeeds locally, will fail the production build, so we will know the error has occurred. Note: if something does depend on eclipse-p2-repo.url (even if accidentally) the build may not actually fail ... but, in theory could give a different result. Not to use the previous build, is of course the most accurate build and the most reproducible.
Fixed in master. Will back port to maintenance builds as part of bug 478496.
Just to document it, instead of empty string, as stated in comment 0, I used -Declipse-p2-repo.url="NOT_FOR_PRODUCTION_USE" so it would "stand out more", if ever used during production (or, if production value "slipped in" (somehow) to Gerrit builds. I also added this variable to the "maven.properties" file so the value should be saved for each build, in case there is ever any question.
