You are viewing a plain text version of this content. The canonical link for it is here.

Posted to repo-maintainers@maven.apache.org by Tony Chemit <ch...@codelutin.com> on 2010/01/24 18:49:29 UTC

how to become an approved forge

Hello,

Our company Code Lutin [1] produces some LGPL and GPL projets using maven.

We actually maintains :

- two forges (Nuiton [2] , Chorem [3]), 
- a svn repostiroy [4], 
- our release repository [5] (groups org.nuiton and org.chorem).
- hudson for ci [6]
- sonar [7]

About our artifacts, respects I think all quality requirements to go to central :

- complete poms (complete projet info, scm, self-contained)
- deploy sources + jar
- gpg signatures (from 01-2010) 

We'd like to be able to synch our artifacts from org.nuiton to central.

Also, we don not want to host our maven repository to an approved force.

Can you explain us how to become an approved force.

Best regards,

-- 

Tony Chemit
--------------------
tél: +33 (0) 2 40 50 29 28
email: chemit@codelutin.com  
http://www.codelutin.com

Re: how to become an approved forge

Posted by Brian Fox <br...@sonatype.com>.

On Mon, Jan 25, 2010 at 3:03 AM, Tony Chemit <ch...@codelutin.com> wrote:
> Le Sun, 24 Jan 2010 20:14:31 -0500,
> Brian Fox <br...@infinity.nu> a écrit :
>
> Hi,
>
>> I think you're missing the links you intended.
>
> Yes my mistake..., here there are :
>
> [1] http://codelutin.com
> [2] http://nuiton.org
> [3] http://chorem.org
> [4] http://svn.nuiton.org/svn/
> [5] http://maven.nuiton.org/release
> [6] http://hudson.nuiton.org/hudson
> [7] http://sonar.nuiton.org/sonar
> [8] http://labs.libre-entreprise.org
>>
>> The criteria currently are:
>> 1) forges are open to oss projects
> Fine for us, we already host in our maven repository other open source projects from
> another open source forge [8]
>
> Actually, we do not use a maven repository manager, if it is necessary, we could
> use for example the nexus one.
>
> Would it be ok for you ?
>
>> 2) host multiple projects
> That's true for us :)
>
>> 3) have some way to enforce the quality of the artifacts and signatures.
> Does nexus do it for us ?
> Our release process assures us a good project quality I think.
> Signature of artifacts is still new to us, but we incoporate it to release time from now.

Nexus Pro does enforce the signature quality of the artifacts if you
use the staging support, and you can get an OSS license for public oss
use on forges.

I looked through your repos and there are a lot of artifacts that
probably shouldn't be there, including snapshots. I think getting
those imported and sorted out in a repo manager is a good first step.
We could then pick up the org/nuiton and org/chorem (and other
original) folders. There appear to be enough subprojects for this repo
to qualify. We're just trying to avoid having syncs setup for
individual projects.
>
> Best regards,
>
>> On Sun, Jan 24, 2010 at 12:49 PM, Tony Chemit <ch...@codelutin.com> wrote:
>> > Hello,
>> >
>> > Our company Code Lutin [1] produces some LGPL and GPL projets using maven.
>> >
>> > We actually maintains :
>> >
>> > - two forges (Nuiton [2] , Chorem [3]),
>> > - a svn repostiroy [4],
>> > - our release repository [5] (groups org.nuiton and org.chorem).
>> > - hudson for ci [6]
>> > - sonar [7]
>> >
>> > About our artifacts, respects I think all quality requirements to go to
>> > central :
>> >
>> > - complete poms (complete projet info, scm, self-contained)
>> > - deploy sources + jar
>> > - gpg signatures (from 01-2010)
>> >
>> > We'd like to be able to synch our artifacts from org.nuiton to central.
>> >
>> > Also, we don not want to host our maven repository to an approved force.
>> >
>> > Can you explain us how to become an approved force.
>> >
>> > Best regards,
>> >
>> > --
>> >
>> > Tony Chemit
>> > --------------------
>> > tél: +33 (0) 2 40 50 29 28
>> > email: chemit@codelutin.com
>> > http://www.codelutin.com
>> >
>
> --
>
> Tony Chemit
> --------------------
> tél: +33 (0) 2 40 50 29 28
> email: chemit@codelutin.com
> http://www.codelutin.com
>

Re: how to become an approved forge

Posted by Tony Chemit <ch...@codelutin.com>.

Le Sun, 24 Jan 2010 20:14:31 -0500,
Brian Fox <br...@infinity.nu> a écrit :

Hi,

> I think you're missing the links you intended.

Yes my mistake..., here there are :

[1] http://codelutin.com
[2] http://nuiton.org
[3] http://chorem.org
[4] http://svn.nuiton.org/svn/ 
[5] http://maven.nuiton.org/release
[6] http://hudson.nuiton.org/hudson
[7] http://sonar.nuiton.org/sonar
[8] http://labs.libre-entreprise.org
> 
> The criteria currently are:
> 1) forges are open to oss projects
Fine for us, we already host in our maven repository other open source projects from
another open source forge [8]

Actually, we do not use a maven repository manager, if it is necessary, we could 
use for example the nexus one.

Would it be ok for you ?

> 2) host multiple projects
That's true for us :)

> 3) have some way to enforce the quality of the artifacts and signatures.
Does nexus do it for us ?
Our release process assures us a good project quality I think.
Signature of artifacts is still new to us, but we incoporate it to release time from now. 

Best regards,

> On Sun, Jan 24, 2010 at 12:49 PM, Tony Chemit <ch...@codelutin.com> wrote:
> > Hello,
> >
> > Our company Code Lutin [1] produces some LGPL and GPL projets using maven.
> >
> > We actually maintains :
> >
> > - two forges (Nuiton [2] , Chorem [3]),
> > - a svn repostiroy [4],
> > - our release repository [5] (groups org.nuiton and org.chorem).
> > - hudson for ci [6]
> > - sonar [7]
> >
> > About our artifacts, respects I think all quality requirements to go to
> > central :
> >
> > - complete poms (complete projet info, scm, self-contained)
> > - deploy sources + jar
> > - gpg signatures (from 01-2010)
> >
> > We'd like to be able to synch our artifacts from org.nuiton to central.
> >
> > Also, we don not want to host our maven repository to an approved force.
> >
> > Can you explain us how to become an approved force.
> >
> > Best regards,
> >
> > --
> >
> > Tony Chemit
> > --------------------
> > tél: +33 (0) 2 40 50 29 28
> > email: chemit@codelutin.com
> > http://www.codelutin.com
> >

-- 

Tony Chemit
--------------------
tél: +33 (0) 2 40 50 29 28
email: chemit@codelutin.com  
http://www.codelutin.com

Re: how to become an approved forge

Posted by Brian Fox <br...@infinity.nu>.

I think you're missing the links you intended.

The criteria currently are:
1) forges are open to oss projects
2) host multiple projects
3) have some way to enforce the quality of the artifacts and signatures.

On Sun, Jan 24, 2010 at 12:49 PM, Tony Chemit <ch...@codelutin.com> wrote:
> Hello,
>
> Our company Code Lutin [1] produces some LGPL and GPL projets using maven.
>
> We actually maintains :
>
> - two forges (Nuiton [2] , Chorem [3]),
> - a svn repostiroy [4],
> - our release repository [5] (groups org.nuiton and org.chorem).
> - hudson for ci [6]
> - sonar [7]
>
> About our artifacts, respects I think all quality requirements to go to central :
>
> - complete poms (complete projet info, scm, self-contained)
> - deploy sources + jar
> - gpg signatures (from 01-2010)
>
> We'd like to be able to synch our artifacts from org.nuiton to central.
>
> Also, we don not want to host our maven repository to an approved force.
>
> Can you explain us how to become an approved force.
>
> Best regards,
>
> --
>
> Tony Chemit
> --------------------
> tél: +33 (0) 2 40 50 29 28
> email: chemit@codelutin.com
> http://www.codelutin.com
>