Twitter github

Eclipse.org Signing Support for Maven Tycho

I’m happy to announce that we have a first release of eclipse-maven-signing-plugin. If your project needs to sign your bundles as part of the Eclipse Indigo release, please give the plug-in a try. To get started with the plug-in, please add the proper maven.eclipse.org repository to your pom.xml…

  <pluginRepositories>
    <pluginRepository>
      <id>maven.eclipse.org</id>
      <url>http://maven.eclipse.org/nexus/content/repositories/milestone-indigo</url>
    </pluginRepository>
  </pluginRepositories>

After that, in the module that you generate your p2 repository, add this profile…

   <profiles>
    <profile>
     <id>build-server</id>
     <build>
       <plugins>
         <plugin>
           <groupId>org.eclipse.dash.maven</groupId>
           <artifactId>eclipse-maven-signing-plugin</artifactId>
           <version>1.0.0</version>
           <executions>
             <execution>
               <id>pack</id>
               <configuration>
                 <inputFile>${project.build.directory}/github-updatesite.zip</inputFile>
               </configuration>
               <phase>package</phase>
               <goals>
                 <goal>pack</goal>
               </goals>
             </execution>
             <execution>
               <id>sign</id>
               <configuration>
                 <inputFile>${project.build.directory}/github-updatesite.zip</inputFile>
                 <signerInputDirectory>/home/data/httpd/download-staging.priv/egit-github</signerInputDirectory>
               </configuration>
               <phase>package</phase>
               <goals>
                 <goal>sign</goal>
               </goals>
             </execution>
             <execution>
               <id>repack</id>
               <configuration>
                 <inputFile>${project.build.directory}/signed/site_assembly.zip</inputFile>
               </configuration>
               <phase>package</phase>
               <goals>
                 <goal>pack</goal>
               </goals>
             </execution>
             <execution>
               <id>fixCheckSums</id>
               <phase>package</phase>
               <goals>
                 <goal>fixCheckSums</goal>
               </goals>
             </execution>
           </executions>
         </plugin>
         <plugin>
             <artifactId>maven-antrun-plugin</artifactId>
             <executions>
               <execution>
                 <id>deploy</id>
                 <phase>install</phase>
                 <goals>
                   <goal>run</goal>
                 </goals>
                 <configuration>
                   <tasks>
                     <delete includeemptydirs="false">
                       <fileset
                         dir="/home/data/httpd/download.eclipse.org/egit/github/updates-nightly">
                         <include name="**" />
                       </fileset>
                     </delete>
                     <copy includeemptydirs="false"
                       todir="/home/data/httpd/download.eclipse.org/egit/github/updates-nightly">
                       <fileset dir="target/checksumFix">
                         <include name="**" />
                       </fileset>
                     </copy>
                   </tasks>
                 </configuration>
               </execution>
             </executions>
           </plugin>
    </plugins>
  </build>
  </profile>
  </profiles>

Then all you need to do is run your maven build with ‘-P build-server’ as an added goal.

There are a couple things you need to watch for in regards to paths. The first is to ensure that you have a directory on the build server where signing can happen, in the example above, it was /home/data/httpd/download-staging.priv/egit-github. If you don’t have the proper permissions to create a directory under /home/data/httpd/download-staging.priv, please open a bug against the webmaster. You also need to ensure that you point to the archived p2 repository that is generated as part of the maven build. In the case of our example above, it’s ${project.build.directory}/github-updatesite.zip. The second part of the profile publishes the results on download.eclipse.org so you need to ensure that the directory there (e.g., /home/data/httpd/download.eclipse.org/egit/github/updates-nightly) is writable by Hudson (e.g., chmod 777).

I hope that gets you started. I plan on updating the Minerva example by next week to include all of this information and have it migrated to the eclipse.org Dash project where everyone can use it. A special thanks goes to David Carver and Jesse McConnell in helping get this in place in time for the Eclipse Indigo release.