My problem is probably a misunderstanding on my part, and not an issue with gradle, but I’m not sure.
I have a gradle project (https://raw.github.com/barrybecker4/bb4-puzzles/master/build.gradle) that publishes a list of jar files to a Sonatype staging repository. The uploadArchives task appears to run successfully and upload everything, except for one little detail - some of the class jars appear to have gotten rearranged in the process of uploading.
To avoid a lot of duplication, I created a map which describes the jars to be published and the include/exclude directories that correspond to each like this
ext.appMap = new LinkedHashMap()
appMap.put('puzzle', [include:['com/barrybecker4/puzzle/common/**']])
appMap.put('adventure',
[include:['com/barrybecker4/puzzle/adventure/**'],
exclude:['com/barrybecker4/puzzle/adventure/**/*.pdf']])
appMap.put('hiq', [include:['com/barrybecker4/puzzle/hiq/**']])
appMap.put('maze', [include:['com/barrybecker4/puzzle/maze/**']])
appMap.put('redpuzzle', [include:['com/barrybecker4/puzzle/redpuzzle/**']])
appMap.put('sudoku', [include:['com/barrybecker4/puzzle/sudoku/**']])
appMap.put('tantrix', [include:['com/barrybecker4/puzzle/tantrix/**']])
Then I apply a common gradle file (https://raw.github.com/barrybecker4/bb4-common/master/bb4-publish.gradle) that will handle the publishing based on this map. I dynamically create tasks for creating the class jars, source jars, and javadoc jars based on the map structure. I thought this was a nice use of the ability to dynamically create tasks. The artifacts and signing configuration similarly use the map to make sure the right archives and signing entries are added. I believe these parts are all working fine.
The problem is most likely in the mavenDeployer configuration and it may be subtle. When I run uploadArchive, everything appears to be signed and uploaded to the Sonatype staging repository correctly, except that some of the jars that were uploaded are not the right size. Upon further inspection, I see that while some are correct, others have been swapped (for example the bb4-maze-1.1.2.jar was uploaded as the bb4-redpuzzle-1.1.2.jar). The manner of the swapping is not reproducible - different jars are wrong each time I upload archives. When I try to close the staging repo, (not surprisingly) it fails on the Signature Validation step with some random subset of the 7 jars reporting a message like
Invalid Signature: ‘/com/barrybecker4/bb4-sudoku/1.1.2/bb4-sudoku-1.1.2.jar.asc’ is not a valid signature for ‘bb4-sudoku-1.1.2.jar’.
It makes me think that there may be some sort of race condition going on, but I’m not sure. Here is what the uploadArchives task looks like:
uploadArchives {
repositories {
mavenDeployer {
beforeDeployment { MavenDeployment deployment ->
signing.signPom(deployment)
}
repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") {
authentication(userName: sonatypeUsername, password: sonatypePassword)
}
snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") {
authentication(userName: sonatypeUsername, password: sonatypePassword)
}
pom.project jarPomConfig
// creates filters for each jar produced by appMap entries (if any)
appMap.each { String key, Map value ->
def jarName = "bb4-$key"
def jarPom = addFilter("${key}Jar") { artifact, file ->
artifact.name == jarName
}
jarPom.project jarPomConfig
jarPom.artifactId = jarName
jarPom.name = jarName
def ascPom = addFilter("${key}Jar.asc") { artifact, file ->
artifact.name == "bb4-${key}-${version}.jar.asc"
}
ascPom.project jarPomConfig
ascPom.artifactId = jarName
ascPom.name = 'asc-' + jarName
def ascJavadocPom = addFilter("${key}JavadocJar.asc") { artifact, file ->
artifact.name == "bb4-${key}-${version}-javadoc.jar.asc"
}
ascJavadocPom.project jarPomConfig
ascJavadocPom.artifactId = jarName
ascJavadocPom.name = 'javadoc-' + jarName
def ascSourcesPom = addFilter("${key}SourcesJar.asc") { artifact, file ->
artifact.name == "bb4-${key}-${version}-sources.jar.asc"
}
ascSourcesPom.project jarPomConfig
ascSourcesPom.artifactId = jarName
ascSourcesPom.name = 'sources-' + jarName
}
}
}
}