Upload archives xmits .asc sign only for the .pom


(Blaine Simpson) #1

I have to convert my build to publish to Sonatype. I’m using the maven and signing plugins. This is a multiple-artifact/multiple-classifier project.

I see that all of the .asc signature files get created (locally), but for some reason only the POM’s .asc file gets uploaded. Seems to me that the plugins should realize that if I am building a “hsqldb” jar artifact, and it even generates the .asc file for the jar, that it should know to upload the corresponding .asc file. Maybe I have to tell something explicitly because of multiple-classifier or multiple-project? Here is the relevant Gradle uploadArchives code:

uploadArchives {

def authMap = [:]

if (project.hasProperty(‘mavenRepository.dest.username’))

authMap[‘userName’] = project.property(‘mavenRepository.dest.username’)

if (project.hasProperty(‘mavenRepository.dest.password’))

authMap[‘password’] = project.property(‘mavenRepository.dest.password’)

if (project.hasProperty(‘mavenRepository.dest.privateKey’))

authMap[‘privateKey’] =

project.property(‘mavenRepository.dest.privateKey’)

repositories.mavenDeployer {

configuration = configurations.deployJars

beforeDeployment { MavenDeployment deployment -> signPom(deployment) }

if (project.hasProperty(‘mavenRepository.dest.url’))

repository(url: project.property(‘mavenRepository.dest.url’)) {

authentication(authMap)

}

[

addFilter(‘hsqldb’) {artifact, file -> artifact.name == ‘hsqldb’},

addFilter(‘sqltool’) {artifact, file -> artifact.name == ‘sqltool’}

].each { pom -> pom.project {

// The hasProperty tests are necessary even for required variables

// because this code is evaluated even if the uploadArchives task

// will never be executed.

if (project.hasProperty(‘title’)) name project.property(‘title’)

if (project.hasProperty(‘description’))

description project.property(‘description’)

if (project.hasProperty(‘url’)) url project.property(‘url’)

if (project.hasProperty(‘inceptionYear’))

inceptionYear project.property(‘inceptionYear’)

scm {

if (project.hasProperty(‘scm.url’))

url project.property(‘scm.url’)

if (project.hasProperty(‘scm.connection’))

connection project.property(‘scm.connection’)

if (project.hasProperty(‘scm.tag’))

tag project.property(‘scm.tag’)

}

if (project.hasProperty(‘org.name’)

|| project.hasProperty(‘org.url’)) organization {

if (project.hasProperty(‘org.name’))

name project.property(‘org.name’)

if (project.hasProperty(‘org.url’))

url project.property(‘org.url’)

}

licenses {

license {

name ‘HSQLDB License, a BSD open source license’

url ‘http://hsqldb.org/web/hsqlLicense.html

distribution ‘repo’

}

}

if (project.hasProperty(‘developer.name’)

|| project.hasProperty(‘developer.email’)) developers {

developer {

if (project.hasProperty(‘developer.id’))

id project.property(‘developer.id’)

if (project.hasProperty(‘developer.name’))

name project.property(‘developer.name’)

if (project.hasProperty(‘developer.email’))

email project.property(‘developer.email’)

}

}

} }

}

}


(Luke Daley) #2

what does your ‘signing {}’ block look like?


(Blaine Simpson) #3

signing {

sign configurations.archives

}

Maybe I need to set the “artifacts” (or something else) before the signing statement?


(Luke Daley) #4

You shouldn’t have to do that.

I’m not sure why this is happening TBH. My guess would be that it’s because of the multiple artifacts. It definitely works for multiple of the same artifact with different classifiers.

Any chance you could put together a small sample build script that I can use to debug the problem?


(Blaine Simpson) #5

Will work on that on the weekend.


(Blaine Simpson) #6

This is a stripped down sample build script.

As currently commented, the script configures a single output artifact and the signer correctly writes two .asc files, one for the jar and one for the auto-generated pom.

To evoke the problem, replace the “pom.project” statement with the commented-out addFilter/each looper (and balance the closing quotes). (Note that one of the addFilters is commented out to purposefully write only a single artifact set). After doing this, 1 jars and 1 pom still created, but only one .asc file gets created.

You can uncomment the artifacts block at the bottom and the 2nd addFilter to write the “two” artifact set (the problem remains), but the test case is more simple with just one artifact set.

// Test Gradle file.

// Current directory named “one” so project takes its name from that.

apply plugin: ‘java’

apply plugin: ‘maven’

apply plugin: ‘signing’

signing {

sign configurations.archives

}

project.setProperty(‘signing.secretKeyRingFile’, ‘/home/blaine/.gnupg/secring.gpg’)

project.setProperty(‘signing.password’, ‘508wil2u’)

project.setProperty(‘signing.keyId’, ‘2516C4D3’)

project.setProperty(‘group’, ‘grp’)

project.setProperty(‘version’, ‘1.2.3’)

task noop // Quiet task for testing root-level Groovy/Gradle development

noop.description = ‘Noop for testing Gradle’

defaultTasks ‘uploadArchives’

configurations {

deployJars

}

project.description = ‘A Project Description’

title = ‘A project title’

project.setProperty(‘mavenRepository.dest.url’, new URL(“file:/tmp/fakeMvn”));

uploadArchives {

def authMap = [:]

repositories.mavenDeployer {

configuration = configurations.deployJars

beforeDeployment { MavenDeployment deployment -> signPom(deployment) }

repository(url: project.property(‘mavenRepository.dest.url’)) {

authentication(authMap)

}

/*

[

addFilter(‘one’) {artifact, file -> artifact.name == ‘one’},

//addFilter(‘two’) {artifact, file -> artifact.name == ‘two’}

].each { pom -> pom.project {

*/

pom.project {

name project.property(‘title’)

description project.property(‘description’)

url new URL(“http://cnn.com”)

inceptionYear ‘2001’

scm {

url new URL(“http://cnn.com”)

connection ‘scm:svn:http://one.svn.sourceforge.net/svnroot/one/base

tag ‘TRUNK’

}

organization {

name ‘Org name’

url new URL(“http://cnn.com”)

}

licenses {

license {

name ‘One License, a BSD open source license’

url ‘http://one.org/web/hsqlLicense.html

distribution ‘repo’

}

}

//

} }

}

}

}

if (project.hasProperty(‘classifier’)) jar.classifier = project.classifier

task two {

print “noop”

}

task twoJar(dependsOn: [two], type: Jar) {

baseName = ‘two’

if (project.hasProperty(‘classifier’)) classifier = project.classifier

}

/*

artifacts {

archives twoJar

}

*/


(Blaine Simpson) #7

CORRECTION TO MY ORIGINAL EXPLANATION ABOVE:

It creates the .asc file for the .pom. The one that’s missing is the .asc for the .jar.


(Blaine Simpson) #8

Ping.

Luke?..


(Luke Daley) #9

Sorry, missed this when it came in.

The sample works for me. If I change the publication destination to be:

repository(url: "file://${buildDir}/repo")

I see an .asc file for the jar.

Where are you looking for the .asc jar in your environment?


(Blaine Simpson) #10

(As shown in the provided build file), my repository URL value is effectively: new URL(“file:/tmp/fakeMvn”)

With that value here is where I am looking for the .asc’s:

beyla$ find /tmp/fakeMvn -name ‘*.asc’

/tmp/fakeMvn/grp/one/1.2.3/one-1.2.3.pom.asc

beyla$

I am running 1.0-milestone-6. I really, really do not want to upgrade Gradle for this because this is to publish an app build that has been validated and stamped with 1.0-milestone-6 (and app binaries built with 1.0-milestone-6 are already distributed). If you are confident that a Gradle upgrade will make it write the other .asc, I’ll upgrade. Please advise.


(Peter Niederwieser) #11

Can’t you just try?


(Blaine Simpson) #12

It creates the 2 .asc files like it should with 1.2. Now I hope I can update my build scripts from milestone 6 in the time I have available.