You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@sling.apache.org by kw...@apache.org on 2022/11/06 17:53:13 UTC
[sling-ide-tooling] branch feature/sign-jars created (now f7a0edf1)
This is an automated email from the ASF dual-hosted git repository.
kwin pushed a change to branch feature/sign-jars
in repository https://gitbox.apache.org/repos/asf/sling-ide-tooling.git
at f7a0edf1 SLING-10064 Sign JARs and build P2 repo in a dedicated stage
This branch includes the following new commits:
new f7a0edf1 SLING-10064 Sign JARs and build P2 repo in a dedicated stage
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[sling-ide-tooling] 01/01: SLING-10064 Sign JARs and build P2 repo in a dedicated stage
Posted by kw...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
kwin pushed a commit to branch feature/sign-jars
in repository https://gitbox.apache.org/repos/asf/sling-ide-tooling.git
commit f7a0edf1dc1cf6e8851572f006019b872f9da5b2
Author: Konrad Windszus <kw...@apache.org>
AuthorDate: Sun Nov 6 18:53:07 2022 +0100
SLING-10064 Sign JARs and build P2 repo in a dedicated stage
Leverage the PKCS#11 library from DigiCert ONE being set up with
https://issues.apache.org/jira/browse/INFRA-23844
---
Jenkinsfile | 15 ++++++++-
eclipse/p2update/pom.xml | 85 ++++++++++++++----------------------------------
eclipse/pom.xml | 1 -
3 files changed, 39 insertions(+), 62 deletions(-)
diff --git a/Jenkinsfile b/Jenkinsfile
index ce88ca21..a2c7ab22 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -20,6 +20,7 @@ def jobConfig = [
helper.runWithErrorHandling(jobConfig, {
parallel 'linux': generateStages('linux', mvnVersion, javaVersion),
'windows': generateStages('windows', mvnVersion, javaVersion)
+ buildSignedP2Repository( mvnVersion, javaVersion )
})
// generates os-specific stages
@@ -48,7 +49,7 @@ def generateStages(String os, def mvnVersion, def javaVersion) {
timeout(20) {
// workaround for https://issues.jenkins-ci.org/browse/JENKINS-39415
wrap([$class: 'Xvfb', autoDisplayName: true]) {
- runCmd 'mvn -f eclipse clean verify'
+ runCmd 'mvn -f eclipse clean install'
}
// workaround for https://issues.jenkins-ci.org/browse/JENKINS-55889
junit(testResults: 'eclipse/**/surefire-reports/*.xml', allowEmptyResults: true)
@@ -70,6 +71,18 @@ def generateStages(String os, def mvnVersion, def javaVersion) {
}
}
+def buildSignedP2Repository( def mvnVersion, def javaVersion ) {
+ node('pkcs11') {
+ stage(' Build Signed P2 Repository') {
+ checkout scm
+ withMaven(maven: mvnVersion, jdk: javaVersion, mavenLocalRepo: '.repository', options: [artifactsPublisher(disabled: true)]) {
+ timeout(20) {
+ runCmd 'mvn -f eclipse/p2update clean verify'
+ }
+ }
+ }
+ }
+}
def runCmd(def cmd) {
if (isUnix() ) {
sh cmd
diff --git a/eclipse/p2update/pom.xml b/eclipse/p2update/pom.xml
index 7a689260..000c0d85 100644
--- a/eclipse/p2update/pom.xml
+++ b/eclipse/p2update/pom.xml
@@ -60,66 +60,31 @@
<build>
<plugins>
<plugin>
- <groupId>net.jsign</groupId>
- <artifactId>jsign-maven-plugin</artifactId>
- <version>4.2</version>
- <executions>
- <execution>
- <goals>
- <goal>sign</goal>
- </goals>
- <configuration>
- <fileSet>
- <directory>target/repository</directory>
- <includes>
- <include>**/org.apache.sling.*.jar</include>
- </includes>
- </fileSet>
- <name>Apache Sling IDE Tooling for Eclipse</name>
- <url>https://sling.apache.org/documentation/development/ide-tooling.html</url>
- <alias>Sling-PMC-cert-2022-09_4f01e1ed-9fde-4f84-a5ac-adf82e114a3b</alias>
- <storepass>${settings.server.digicertoneasf.passphrase}|path</storepass>
- <storetype>DIGICERTONE</storetype>
- </configuration>
- </execution>
- </executions>
- </plugin>
-
- <!--
- This plugin is not yet released. To use this code signing, install the
- pluging locally and then run with the 'codesign' profile. See the Sling IDE
- tooling docs for more instructions
- <plugin>
- <groupId>org.apache.sling</groupId>
- <artifactId>codesign-maven-plugin</artifactId>
- <version>1.0.0-SNAPSHOT</version>
- <executions>
- <execution>
- <id>codesign</id>
- <phase>package</phase>
- <goals>
- <goal>sign</goal>
- </goals>
- </execution>
- </executions>
- <configuration>
- <applicationName>Apache Sling IDE Tooling for Eclipse</applicationName>
- <applicationVersion>${qualifiedVersion}</applicationVersion>
- <includeProjectArtifact>false</includeProjectArtifact>
- <artifactSets>
- <artifactSet>
- <directory>target/repository/features</directory>
- <include>org.apache.sling.*.jar</include>
- </artifactSet>
- <artifactSet>
- <directory>target/repository/plugins</directory>
- <include>org.apache.sling.*.jar</include>
- </artifactSet>
- </artifactSets>
- <signingService>Java TEST Signing Sha256</signingService>
- </configuration>
- </plugin>
- -->
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-jarsigner-plugin</artifactId>
+ <version>3.0.0</version>
+ <executions>
+ <execution>
+ <id>sign</id>
+ <goals>
+ <goal>sign</goal>
+ </goals>
+ </execution>
+ </executions>
+ <configuration>
+ <keystore>NONE</keystore>
+ <alias>Sling-PMC-cert-2022-09_4f01e1ed-9fde-4f84-a5ac-adf82e114a3b</alias>
+ <storepass>none</storepass>
+ <providerClass>sun.security.pkcs11.SunPKCS11</providerClass>
+ <storetype>PKCS11</storetype>
+ <providerArg>${env.PKCS11_CONFIG}</providerArg>
+ <tsa>http://timestamp.digicert.com</tsa>
+ <verbose>true</verbose>
+ <processMainArtifact>false</processMainArtifact>
+ <archiveDirectory>${project.build.directory}/repository</archiveDirectory>
+ </configuration>
+ </plugin>
+
<plugin>
<groupId>org.eclipse.tycho.extras</groupId>
<artifactId>tycho-p2-extras-plugin</artifactId>
diff --git a/eclipse/pom.xml b/eclipse/pom.xml
index 7081f767..bbb9abe0 100644
--- a/eclipse/pom.xml
+++ b/eclipse/pom.xml
@@ -47,7 +47,6 @@
<module>eclipse-sightly-core</module>
<module>eclipse-sightly-ui</module>
<module>sightly-feature</module>
- <module>p2update</module>
<!-- test modules activated per profile -->
</modules>