Re: [cbi-dev] Using signing webservice outside of eclipse

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]

Re: [cbi-dev] Using signing webservice outside of eclipse

From: Dennis Hübner <dennis.huebner@xxxxxxxxx>
Date: Tue, 1 Mar 2016 15:58:31 +0100
Delivered-to: cbi-dev@xxxxxxxxxxx
List-archive: <https://dev.eclipse.org/mailman/private/cbi-dev>
List-help: <mailto:cbi-dev-request@eclipse.org?subject=help>
List-subscribe: <https://dev.eclipse.org/mailman/listinfo/cbi-dev>, <mailto:cbi-dev-request@eclipse.org?subject=subscribe>
List-unsubscribe: <https://dev.eclipse.org/mailman/options/cbi-dev>, <mailto:cbi-dev-request@eclipse.org?subject=unsubscribe>

Am 01.03.2016 um 15:47 schrieb david.w.smiley@xxxxxxxxx:

Hello Dennis,

Hi David,

I recently did my first release as an Eclipse/LocationTech project and I had to tackle this. I have a special Hudson Job I invoke purely for signing purposes, along with some info in my pom.xml fully contained in a profile. I Tell the job to archive the pom.xml and all jar's it generates. After the job completes, I download a zip archive of these things. Then I sign each file with gpg. Then I create a jar of all these files together, a so-called "bundle" and then upload this to Sonatype. See:

http://central.sonatype.org/pages/manual-staging-bundle-creation-and-deployment.html

It's really not bad. I'm even able to partially make use of Maven's convenient "release" plugin; just not the perform phase.

That sounds interesting too. We are planing to produce a maintenance release this week, but I’m afraid all the setup and access

granting may take a while. So maybe your way is a good start solution for us to create a „preview“ signed maintenance release.

Thanks for your suggestions,

Dennis.

I have notes on Spatial4j's release process here:
https://github.com/locationtech/spatial4j/blob/master/devnotes.md

~ David

On Tue, Mar 1, 2016 at 2:53 AM Dennis Hübner <dennis.huebner@xxxxxxxxx> wrote:
Hi guys,
is it possible to use the eclipse signing webservice (tycho maven plugin) from outside of eclipse infra?

Im trying to sign our xtext maven artifacts with eclipse signature before uploading them to maven central.
I can’t run the deployment build on eclipse HIPP because I can’t share my maven central authentication data
and PGP signatur on a ’shared’ HIPP.

Somebody already tried this?

Best regards,
Dennis Hübner

_______________________________________________
cbi-dev mailing list
cbi-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cbi-dev
--
Lucene/Solr Search Committer, Consultant, Developer, Author, Speaker
LinkedIn: http://linkedin.com/in/davidwsmiley | Book: http://www.solrenterprisesearchserver.com
_______________________________________________
cbi-dev mailing list
cbi-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cbi-dev

Viele Grüße,

Dennis Hübner

Attachment: signature.asc
Description: Message signed with OpenPGP using GPGMail

References:
- [cbi-dev] Using signing webservice outside of eclipse
  - From: Dennis Hübner
- Re: [cbi-dev] Using signing webservice outside of eclipse
  - From: david.w.smiley@xxxxxxxxx

Prev by Date: Re: [cbi-dev] Using signing webservice outside of eclipse
Next by Date: [cbi-dev] OS X application signing
Previous by thread: Re: [cbi-dev] Using signing webservice outside of eclipse
Next by thread: [cbi-dev] OS X application signing
Index(es):
- Date
- Thread

Breadcrumbs