Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [equinox-dev] Maven snapshot repository available ?

Hi Stephan,

Have you seen this article: http://blog.osgi.org/2017/02/osgi-api-snapshots-are-live.html ?


best regards,

Cristiano


On 11/04/2017 16:47, Stephan Herrmann wrote:
On 11.04.2017 18:11, Cristiano Gavião wrote:
Hello Stephan, hope I have understood your question...

Sorry, if I was unclear.

On 11/04/2017 11:26, Stephan Herrmann wrote:

In particular: if someone references a repo with
    <snapshots><enabled>false</enabled></snapshots>
how exactly must a snapshot be marked in order to remain invisible?
if you set the repository as false it won't be considered by maven in order to looking for remote artfacts/bundles. but maven can
still use already downloaded ones.

Here I wasn't asking about disabling a repo, but about restricting downloads
from it so that you only get release artifacts, not snapshots.
More precisely, what rules Maven applies when it finds the above element
in a repository declaration, or: how exactly does Maven recognize an
artifact as a snapshot.


Consider a company repository manager standing between you and
the outside, i.e., you can't directly turn on/off your connection
to OSSRH snapshots, but need to excluded snapshots in a given build.
if you have Nexus OSS free(https://www.sonatype.com/download-oss-sonatype), you can start and stop a snapshot that is exposed to the
world or internal network.

I don't operate the nexus. In that role I just need to ensure that the
intended versions are fetched from it. Consider this scenario as an
illustration for the above question.


and if we use thirty-part snapshot repo or p2 bundles, what I normally used to do at dev time (briefly) are:

  * Download the bundles from the http links provided by Eclipse and create a local maven repository and point nexus to it (the most
    boring part);
  * create a new branch in our releng project in git where I will change the FPOM ( a fragment POM with only dependencyManagement
    and version that I want to work). Normally I declare every dependency, including transitive ones.  Then I install those fpom in
    maven snapshot repo;

  * create a branch for consumer projects and change every multi-project root pom that imports fpom to use the snapshot and
    consequently all hierarchy below it will have the right versions ( I use versions plugin for that):

       <dependencyManagement>
            <dependencies>
                <dependency>
                    <groupId>com.c8tech.releng.maven</groupId>
                    <artifactId>com.c8tech-maven-fpom-node-equinox</artifactId>
                    <version>${com.c8tech.releng.version}</version>
                    <scope>import</scope>
                    <type>pom</type>
                </dependency>
            </dependencies>
        </dependencyManagement>

Up-to this point this roughly corresponds to what I wrote about a huge dependencyManagement
as a stand-in for a target platform definition. We seem to be on the same page, good.

Thinking more about it, we might consider publishing this kind of target platform definition
in the future, s.t. like
    org.eclipse.platform:eclipse-sdk-dependencies:4.7.0:pom
containing dependencyManagement with all exact versions as of Oxygen GA.
I filed https://bugs.eclipse.org/515137


[...]

In that repo I see artifacts like this:

https://oss.sonatype.org/content/repositories/snapshots/org/eclipse/tycho/org.eclipse.jdt.core/3.10.0.v20140528-1959-SNAPSHOT/org.eclipse.jdt.core-3.10.0.v20140528-1959-20140625.081446-8.jar


which exhibits two variants of the version: directory mentions SNAPSHOT,
artifact expands that to a time stamp. Is this artifact enabled/disabled
by the <snapshots> element? If so, then this could help avoid the problem
I mentioned in my first mail.

The first variation that you see is the directory. inside that directory you can have one or more different timestamped versions.
what defines which one is the latest is the
https://oss.sonatype.org/content/repositories/snapshots/org/eclipse/tycho/org.eclipse.jdt.core/3.10.0.v20140528-1959-SNAPSHOT/maven-metadata.xml
file.

I know what is a directory ;p

But I still don't know how exactly versions in directory names and/or artifact names
must be constructed to be (negatively) affected by
    <snapshots><enabled>false</enabled></snapshots>

I'm insisting in this point, because only if this is fully understood,
someone may publish snapshots to a global repository without affecting
consumers who rely on receiving release artifacts only.


best,
Stephan

_______________________________________________
equinox-dev mailing list
equinox-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/equinox-dev


Back to the top