You are viewing a plain text version of this content. The canonical link for it is here.
Posted to reviews@kudu.apache.org by "Mike Percy (Code Review)" <ge...@cloudera.org> on 2019/03/07 19:11:12 UTC
[kudu-CR] binary jar: publish script should sign artifacts
Hello Grant Henke,
I'd like you to do a code review. Please visit
http://gerrit.cloudera.org:8080/12691
to review the following change.
Change subject: binary jar: publish script should sign artifacts
......................................................................
binary jar: publish script should sign artifacts
The publish script for the binary jar needs to sign each artifact before
it can be released in a non-snapshot repository. This patch changes the
script to sign the artifacts when invoking it in deploy mode.
Additional changes:
* Default to the release staging repo instead of the snapshot repo
* Fix some script comments
Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
---
M build-support/mini-cluster/publish_mini_cluster_binaries.sh
1 file changed, 10 insertions(+), 7 deletions(-)
git pull ssh://gerrit.cloudera.org:29418/kudu refs/changes/91/12691/1
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: newchange
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Grant Henke (Code Review)" <ge...@cloudera.org>.
Grant Henke has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1: Code-Review+2
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Mike Percy <mp...@apache.org>
Gerrit-Comment-Date: Tue, 12 Mar 2019 17:00:52 +0000
Gerrit-HasComments: No
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Mike Percy (Code Review)" <ge...@cloudera.org>.
Mike Percy has submitted this change and it was merged. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
binary jar: publish script should sign artifacts
The publish script for the binary jar needs to sign each artifact before
it can be released in a non-snapshot repository. This patch changes the
script to sign the artifacts when invoking it in deploy mode.
Additional changes:
* Default to the release staging repo instead of the snapshot repo
* Fix some script comments
Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Reviewed-on: http://gerrit.cloudera.org:8080/12691
Tested-by: Kudu Jenkins
Reviewed-by: Grant Henke <gr...@apache.org>
---
M build-support/mini-cluster/publish_mini_cluster_binaries.sh
1 file changed, 10 insertions(+), 7 deletions(-)
Approvals:
Kudu Jenkins: Verified
Grant Henke: Looks good to me, approved
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 2
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Mike Percy <mp...@apache.org>
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Grant Henke (Code Review)" <ge...@cloudera.org>.
Grant Henke has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG@15
PS1, Line 15: * Default to the release staging repo instead of the snapshot repo
> Shouldn't we default to the snapshot repo though? Most downstream consumers
This was done on purpose so that the steps to use the release repo was explicit and opt in.
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Thu, 07 Mar 2019 20:27:05 +0000
Gerrit-HasComments: Yes
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Mike Percy (Code Review)" <ge...@cloudera.org>.
Mike Percy has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG@15
PS1, Line 15: * Default to the release staging repo instead of the snapshot repo
> This was done on purpose so that the steps to use the release repo was expl
I have a hard time seeing the utility. When was the last time you pushed a snapshot artifact of, say, the java client? This script will normally be run once every release and rarely if ever otherwise. The release process is already complicated and giving the RM fewer things to screw up should be a priority.
AFAICT, there is little risk of accidentally deploying release artifacts because the person running this would have to update the version to a non-SNAPSHOT version, run this script with their ASF credentials, log into ASF Nexus, select this version, click Close, and then click Release to actually release the artifacts. If they do that, I guess they must be the RM running the release.
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Mike Percy <mp...@apache.org>
Gerrit-Comment-Date: Thu, 07 Mar 2019 22:49:56 +0000
Gerrit-HasComments: Yes
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Mike Percy (Code Review)" <ge...@cloudera.org>.
Mike Percy has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG@15
PS1, Line 15: * Default to the release staging repo instead of the snapshot repo
> The other reason I defaulted to the snapshot repo is that I thought it migh
Grant, IIUC you are referring to the release process. What I found out this release cycle is that if you push with multiple scripts to the same staging repo, as long as you push as the same user and from the same computer everything is supposed to end up in the same staging repo. If for some reason stuff ends up in multiple staging repos, as long as the artifacts don't overlap then you can still push them independently and it will work fine (Andrew and I did it that way for the 1.9.0 release).
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Mike Percy <mp...@apache.org>
Gerrit-Comment-Date: Fri, 08 Mar 2019 18:33:30 +0000
Gerrit-HasComments: Yes
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Adar Dembo (Code Review)" <ge...@cloudera.org>.
Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1:
(1 comment)
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG@15
PS1, Line 15: * Default to the release staging repo instead of the snapshot repo
Shouldn't we default to the snapshot repo though? Most downstream consumers will likely be consuming releases rather than snapshots, so accidentally publishing to the release repo would cause more problems than an accidental publish to the snapshot repo.
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Comment-Date: Thu, 07 Mar 2019 19:16:38 +0000
Gerrit-HasComments: Yes
[kudu-CR] binary jar: publish script should sign artifacts
Posted by "Grant Henke (Code Review)" <ge...@cloudera.org>.
Grant Henke has posted comments on this change. ( http://gerrit.cloudera.org:8080/12691 )
Change subject: binary jar: publish script should sign artifacts
......................................................................
Patch Set 1: Code-Review+1
(1 comment)
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG
Commit Message:
http://gerrit.cloudera.org:8080/#/c/12691/1//COMMIT_MSG@15
PS1, Line 15: * Default to the release staging repo instead of the snapshot repo
> I have a hard time seeing the utility. When was the last time you pushed a
The other reason I defaulted to the snapshot repo is that I thought it might be common to publish these jars to the repo generated during the gradle Java publishing. If that were the case, we wouldn't have a single URL we could default to. I didn't test that process though, so my understanding of how it works may be wrong.
--
To view, visit http://gerrit.cloudera.org:8080/12691
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings
Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I205765a6a9bedba11a7c96d5a56435f7aed5071e
Gerrit-Change-Number: 12691
Gerrit-PatchSet: 1
Gerrit-Owner: Mike Percy <mp...@apache.org>
Gerrit-Reviewer: Adar Dembo <ad...@cloudera.com>
Gerrit-Reviewer: Grant Henke <gr...@apache.org>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Mike Percy <mp...@apache.org>
Gerrit-Comment-Date: Fri, 08 Mar 2019 15:57:01 +0000
Gerrit-HasComments: Yes