[OSSRH-3010] CLONE - launch4j-maven-plugin Created: 02/23/12  Updated: 02/27/12  Resolved: 02/27/12

Status: Closed
Project: Community Support - Open Source Project Repository Hosting
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: New Project Priority: Major
Reporter: Michael Vorburger Assignee: Juven Xu
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Attachments: Java Archive File launch4j-maven-plugin-1.5.1-bundle.jar     Java Archive File launch4j-maven-plugin-1.5.1-bundle.jar    
Group Id: com.akathist.maven.plugins.launch4j
Project URL: https://github.com/vorburger/launch4j-maven-plugin
SCM url: https://vorburger@github.com/vorburger/launch4j-maven-plugin.git
Username(s): vorburger
Already Synced to Central: No

 Description   

Please see http://launch4j.sourceforge.net/ -> http://9stmaryrd.com/tools/launch4j-maven-plugin/ -> https://github.com/vorburger/launch4j-demo

Needed for http://mifosforge.jira.com/browse/MIFOS-5157

Let me know if any questions.



 Comments   
Comment by Michael Vorburger [ 02/24/12 ]

[This is to continue OSSRH-2849 which timed out - may be you could have a Re-Open transition in your JIRA workflow?]

Hello, sorry for the delay in getting back to you, I've tried preparing a launch4j-maven-plugin-1.5.1-bundle.jar which I'll attached here, but am having trouble with Generating PGP Signatures With Maven as per https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven, https://oss.sonatype.org/index.html#staging-upload says:

Staging Signature Validation

-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-workdir-linux.jar.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1-workdir-linux.jar'.
-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1.jar.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1.jar'.
-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-src.zip.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1-src.zip'.
-Missing Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-javadoc.jar.asc' does not exist for 'launch4j-maven-plugin-1.5.1-javadoc.jar'.
-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-workdir-mac.jar.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1-workdir-mac.jar'.
-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-workdir-solaris.jar.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1-workdir-solaris.jar'.
-Invalid Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-workdir-win32.jar.asc' is not a valid signature for 'launch4j-maven-plugin-1.5.1-workdir-win32.jar'.
-Missing Signature: '/com/akathist/maven/plugins/launch4j/launch4j-maven-plugin/1.5.1/launch4j-maven-plugin-1.5.1-sources.jar.asc' does not exist for 'launch4j-maven-plugin-1.5.1-sources.jar'.

I've obtained this launch4j-maven-plugin-1.5.1-bundle.jar from commit 557560b933a41a63bc3561db05bc0ad3951bc521 from git://github.com/vorburger/launch4j-maven-plugin.git (https://github.com/vorburger/launch4j-maven-plugin) by doing 'mvn clean verify source:jar javadoc:jar repository:bundle-create' - can you help with advising what I am doing wrong? Can you drop the requirement to have it signed?

Comment by Juven Xu [ 02/24/12 ]

first you need to make your bundle contains something which format follows:
https://docs.sonatype.org/display/Repository/Uploading+3rd-party+Artifacts+to+The+Central+Repository#Uploading3rd-partyArtifactstoTheCentralRepository-BundleFormat
this means you don't have to use the repository:bundle-create, you can always manually create sources.jar, javadoc.jar and then sign all them.

regarding pgp signature validation failure, I can reproduce at my side as well:

[juven@sonatype-ossrh01 tmp]$ gpg --verify launch4j-maven-plugin-1.5.1.jar.asc
gpg: Signature made Fri 24 Feb 2012 01:47:29 AM CST using RSA key ID 7F15E52F
gpg: BAD signature from "Michael Vorburger <mike@vorburger.ch>"

Did you sign your files (within the bundle) with command gpg -ab launch4j-maven-plugin-1.5.1.jar?

thanks,
Juven

Comment by Michael Vorburger [ 02/25/12 ]

Hopefully this (attached) better? Also went through on https://oss.sonatype.org/content/repositories/central_bundles-233/ now. Apologies for the confusion.

Comment by Juven Xu [ 02/27/12 ]

staging repository promoted, will be synced to central in 1 hour.

Generated at Sun Sep 24 06:48:46 UTC 2017 using JIRA 7.3.3#73014-sha1:d5be8da522213be2ca9ad7b043c51da6e4cc9754.