Open codefromthecrypt opened 5 years ago
From what I understand, https://help.sonatype.com/repomanager2/staging-releases/configuring-your-project-for-deployment describes an existing plugin (conveniently provided by the same Sonatype that develops Nexus) that can do this. The important part seems to be the <stagingProfileId>
property, which in our case seems to be 421febbf6b2612
(ref. https://repository.apache.org/#stagingProfiles;421febbf6b2612)
Does this pass your sanity filters? This is really just based on clicking around and searching (but it makes sense to me)
@adriancole Any thoughts on this?
Reason I'd first try to go the Maven way is that AFAICT to check from this verification tool, it'd need to authenticate to Nexus as a committer and bring in a Nexus client. It'd be nice to instead "just" ensure this situation never happens in the first place.
FWIW, I believe in defense in depth, so maybe even so, this check would make sense? Especially if even after adding that plugin, we still run into this in some cases.
I think the configuration of plugins to deploy to Nexus and such are largely controlled by the ASF parent POM. I wonder if this is a common problem for projects and could be handled by updating the configuration in the parent POM? Or if we could just modify our command a bit and the necessary plugin configuration is already there?
Twice I forgot to click close on the "convenience binary" staging repository which led to it being purged between vote and actual vote close. Recreating it is a pain. I wonder if we can script a check that the closed repo exists (even better have a maven plugin to close it! similar to our centralsync)
ex our scripts upload to here https://repository.apache.org/service/local/staging/deploy/maven2 currently you have to manually close the repo by logging on here https://repository.apache.org/