check for closed staging repository

[codefromthecrypt]

Twice I forgot to click close on the "convenience binary" staging repository which led to it being purged between vote and actual vote close. Recreating it is a pain. I wonder if we can script a check that the closed repo exists (even better have a maven plugin to close it! similar to our centralsync)

ex our scripts upload to here https://repository.apache.org/service/local/staging/deploy/maven2 currently you have to manually close the repo by logging on here https://repository.apache.org/

[abesto]

From what I understand, https://help.sonatype.com/repomanager2/staging-releases/configuring-your-project-for-deployment describes an existing plugin (conveniently provided by the same Sonatype that develops Nexus) that can do this. The important part seems to be the <stagingProfileId> property, which in our case seems to be 421febbf6b2612 (ref. https://repository.apache.org/#stagingProfiles;421febbf6b2612)

Does this pass your sanity filters? This is really just based on clicking around and searching (but it makes sense to me)

[abesto]

@adriancole Any thoughts on this?

Reason I'd first try to go the Maven way is that AFAICT to check from this verification tool, it'd need to authenticate to Nexus as a committer and bring in a Nexus client. It'd be nice to instead "just" ensure this situation never happens in the first place.

FWIW, I believe in defense in depth, so maybe even so, this check would make sense? Especially if even after adding that plugin, we still run into this in some cases.

[shakuzen]

I think the configuration of plugins to deploy to Nexus and such are largely controlled by the ASF parent POM. I wonder if this is a common problem for projects and could be handled by updating the configuration in the parent POM? Or if we could just modify our command a bit and the necessary plugin configuration is already there?