| Re: [cross-project-issues-dev] PGP Signing on ci.eclipse.org |
Christian,
Thanks for the confirmation that action needs to be taken by the IT staff! I can stop banging my head. :-) I know most of the Foundation staff is in Ottawa this week, so they're very busy...
Cheers,
Ed
@ed you may check what we have done for mwe
(the problem there was centos8)
we also had problems with that combi in xtext
and xpecthttps://github.com/eclipse/Xpect/commit/241afc416771950a35d98a8c16e319159414f338
https://github.com/eclipse/mwe/commit/130decb78eb11577aa850cdbdc10f7d4ec92f5a1
in xtext we use
withCredentials([string(credentialsId: 'gpg_passphrase', variable: 'GPG_PASSPHRASE')]) {
the gpg_passphrase credential available and thus
to make the KEYRING_PASSPHRASE passphrase thing running you need to
open a gitlab issue on foundation helpdesk
Am 14.07.22 um 08:01 schrieb Ed Merks:
Hi,
WindowBuilder started to use direct-from-maven content so it needs to PGP sign that content but does not yet do so:
https://github.com/eclipse/windowbuilder/issues/302
To support that, the ci instance needs to be enabled which I requested via this:
https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/issues/1474
Even with that enabled, I have not been successful in getting it to actually work.
I have the following "test" job but I can't get past the issue of needing, and not knowing, the passphrase:
https://ci.eclipse.org/windowbuilder/job/test-gpg/
I tried to replicate what the platform does via a Jenkins file with this job:
https://ci.eclipse.org/windowbuilder/job/gpg-pipeline/
But still there are problems with the passphrase. Some magic must exist to get this part to work:
withCredentials([string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) {
Has anyone else successfully gotten this to work? In particular, how does one configure access to the passphrase of the GPG keystore? Is that another thing that the IT staff needs to enable for the instance?
Clearly the platform has gotten this to work so someone must have an answer. I've just not been able to track down that someone...
----------------
The answers to this question will become increasingly important to the projects downstream from the platform as the the platform actively is replacing as many Orbit dependencies with direct-from-maven dependencies as possible. See the history here:
https://github.com/eclipse-platform/eclipse.platform.releng.aggregator/commits/master/eclipse.platform.releng.prereqs.sdk/eclipse-sdk-prereqs.target
One concern with this approach is that the direct-from-maven bundles typically have no version qualifier so if it's the "same" minor version as the Orbit one, it will look older rather than newer...
Regards,
Ed
_______________________________________________
cross-project-issues-dev mailing list
cross-project-issues-dev@xxxxxxxxxxx
To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev
Vorstand/Board: Jens Wagener (Vors./chairman), Dr. Stephan Eberle, Abdelghani El-Kacimi, Wolfgang Neuhaus, Franz-Josef SchuermannAufsichtsrat/Supervisory Board: Michael Neuhaus (Vors./chairman), Harald Goertz, Eric SwehlaSitz der Gesellschaft/Registered Office: Am Brambusch 15-24, 44536 Lünen (Germany)Registergericht/Registry Court: Amtsgericht Dortmund | HRB 20621
_______________________________________________ cross-project-issues-dev mailing list cross-project-issues-dev@xxxxxxxxxxx To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/cross-project-issues-dev