Open hboutemy opened 12 months ago
Thanks for the issue! HK2 3.0.5 is long overdue. I'll take a look at releasing it soon. I'll take a look at the release script as well.
Hi @arjantijms , IIUC, next Glassfish release is happening soon: can you make sure that the release scripts have been updated, please? This is what is causing the most issues Of course, HK2 3.0.5 release and use in Glassfish would also be great, but to me, release script is first priority
Of course, HK2 3.0.5 release and use in Glassfish would also be great, but to me, release script is first priority
HK2 3.0.5 has been released and will be used in the next release of GF (7.0.10):
https://repo1.maven.org/maven2/org/glassfish/hk2/hk2-bom/3.0.5/
in the second phase, clean before deploy:
This was done a while ago, it's now:
mvn -B -U -q -Poss-release,release-phase2 ${MVN_STAGING} \
-DskipTests -Ddoclint=none -Dmaven.javadoc.failOnError=false \
-DstagingProfileId=1c0c18a0fc339 \
clean deploy
FYI, HK2 3.0.5 release itself is reproducible https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/glassfish/hk2/README.md (README will be updated in 24h) you'll see in the buildspec that I had to tweak directory permissions to add setgid flag, which is not ideal, but works
Environment Details
Problem Description
release binaries cannot be reproduced: see https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/glassfish/main/README.md
Steps to reproduce
if you want to rebuild, you can clone https://github.com/jvm-repo-rebuild/reproducible-central and run
Impact of Issue
how to solve
s/deploy/clean deploy/
release hk2 3.0.5 that includes https://github.com/eclipse-ee4j/glassfish-hk2/pull/821 and upgrade in Glassfish
eventually, in the release script, when cloning the Git repository, remove the setguid bit that brings unusual permissions
With these 3 steps done, next release should be near fully reproducible (we'll probably find a few remaining issues, given the size of the build)