Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cbi-dev] Signing CHE artifacts

Hi, thank you for response!
Yes I have some kind of access to build.eclipse.org but only a few commands are available, not sure If I can sign binaries this way.
We are using our own CI infrastructure and it seems adding maven plugins to our project's poms will not help.
So  can you please enumerate steps which I need to perform to sign Eclipse Che binaries? btw we've uploaded few RC versions using
scp -i ~/.ssh/eclipse_upload eclipse-che-4.0.0-RC11.tar.gz riuvshin@xxxxxxxxxxxxxxx:downloads/che/
Is there a way sign already uploaded bundle?

Thanks! 

On Wed, Mar 9, 2016 at 12:25 AM, Gunnar Wagenknecht <gunnar@xxxxxxxxxxxxxxx> wrote:
Hi Roman,

> Am 08.03.2016 um 15:51 schrieb Roman Iuvshin <riuvshin@xxxxxxxxxxx>:
> curl -o eclipse-che-4.0.0-RC11-signed.zip -F file=@eclipse-che-4.0.0-RC11.zip http://build.eclipse.org:31338/sign
> But it seems that this service available only within your special network.

This is correct. It's only available internally. Otherwise everyone on the internet would be able to sign artifacts with the Eclipse Foundation certificate. Do you have shell access to build.eclipse.org?

> Then I've found the maven plugin but I'm not sure where to add it and how to make sure that it works.

Have you seen the following article?
http://www.codetrails.com/blog/sign-your-eclipse-project

-Gunnar
_______________________________________________
cbi-dev mailing list
cbi-dev@xxxxxxxxxxx
To change your delivery options, retrieve your password, or unsubscribe from this list, visit
https://dev.eclipse.org/mailman/listinfo/cbi-dev


Back to the top