On 27 February 2012 21:22, Gilles Sadowski <gil...@harfang.homelinux.org> wrote: >> > I couldn't tell you now because installing maven3 implied desinstalling >> > maven2. >> >> I've got both installed (Win XP) with no issues; I just change the >> PATH as needed to switch between them. > > It's Debian GNU/Linux here. > >> > [...] > >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] Building Commons Math 3.0-SNAPSHOT >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] >> > [INFO] --- maven-gpg-plugin:1.1:sign (default-cli) @ commons-math3 --- >> > GPG Passphrase: ******************************* >> >> Good, so it does prompt. >> >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] BUILD FAILURE >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] Total time: 11.345s >> > [INFO] Finished at: Mon Feb 27 13:05:15 CET 2012 >> > [INFO] Final Memory: 9M/105M >> > [INFO] >> > ------------------------------------------------------------------------ >> > [ERROR] Failed to execute goal >> > org.apache.maven.plugins:maven-gpg-plugin:1.1:sign (default-cli) on project >> > commons-math3: The project artifact has not been assembled yet. Please do >> > not invoke this goal before the lifecycle phase "package". -> [Help 1] >> > [ERROR] >> > [ERROR] To see the full stack trace of the errors, re-run Maven with the -e >> > switch. >> > [ERROR] Re-run Maven using the -X switch to enable full debug logging. >> > [ERROR] >> > [ERROR] For more information about the errors and possible solutions, >> > please read the following articles: >> > [ERROR] [Help 1] >> > http://cwiki.apache.org/confluence/display/MAVEN/MojoFailureException >> > ---CUT--- >> > >> > However, when I run >> > >> > $ mvn clean deploy -Papache-release -Ptest-deploy >> >> Try using >> >> mvn clean package deploy -Prelease -Ptest-deploy >> >> instead. > > Same error (bad passphrase). > >> [...] >> Some encrypted passphrases can contain invalid characters; check that >> {} only appear at the ends. > > There are no "{" or "}" inside the encrypted passphrase. > >> [Very poor design of the Maven decrypt routine - it should only check >> for {} at the ends of the value and so avoid the hassle of escaping >> chars] >> >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] BUILD FAILURE >> > [INFO] >> > ------------------------------------------------------------------------ >> > [INFO] Total time: 2:20.088s >> > [INFO] Finished at: Mon Feb 27 13:15:10 CET 2012 >> > [INFO] Final Memory: 36M/370M >> > [INFO] >> > ------------------------------------------------------------------------ >> > [ERROR] Failed to execute goal >> > org.apache.maven.plugins:maven-gpg-plugin:1.1:sign (default) on project >> > commons-math3: Exit code: 2 -> [Help 1] >> > ---CUT--- >> > >> >> >> >> Better than plain text, but still not ideal if your host is not >> >> physically secure. >> > >> > It would have been good enough if it worked. >> > I must be missing some additional configuration... >> >> Does the encryption setup work for logins, e.g. can you deploy snapshots? > > When there is no GPG step, it seems to work; here is a listing of the > created files: > > $ ls -1 target/deploy/org/apache/commons/commons-math3/3.0-SNAPSHOT/ > commons-math3-3.0-20120227.204940-1.jar > commons-math3-3.0-20120227.204940-1.jar.md5 > commons-math3-3.0-20120227.204940-1.jar.sha1 > commons-math3-3.0-20120227.204940-1.pom > commons-math3-3.0-20120227.204940-1.pom.md5 > commons-math3-3.0-20120227.204940-1.pom.sha1 > commons-math3-3.0-20120227.204940-1-site.xml > commons-math3-3.0-20120227.204940-1-site.xml.md5 > commons-math3-3.0-20120227.204940-1-site.xml.sha1 > maven-metadata.xml > maven-metadata.xml.md5 > maven-metadata.xml.sha1 > > > I only tried "test-deploy"; can I just try "deploy" as is, and see what is > going to happen?
AFAIK, there is no point - the gpg stage happens before deploy; changing the deploy target won't change anything to do with gpg. > I was wary of messing with Nexus until it could at least > work flawlessly with "test-deploy"... Nexus is the safety net; it's not possible to accidentally deploy when using Nexus, as the release upload has to be closed and then released before it gets sent further. > I think that this, indeed, did not test the use of the encrypted password > for login. To test the login encryption, I suggest you try deploying a snapshot release instead (e.g. install from trunk, which should remain a snapshot). >> > [...] > > > Gilles > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
