Regarding GPG signing, I use a removable drive to hold the private key. Provide the path name on the Ant command line: -Dgpg.secretKeyring=path-to-keyring
On macos one can also use a password protected disk image file which is only mounted when needed. For Maven passwords (e.g. Nexus upload) one can use the relocation feature in ~/.m2/settings-security.xml: <settingsSecurity> <relocation>path to real settings-security.xml</relocation> </settingsSecurity> Note that it is vital that the signing is done on the user's own system. ** Check with Infra, but I think they also require the build to be done on the user's system. ** Regarding svnmucc on macos, I think I used the WANDisco build which includes it. On 30 August 2018 at 10:41, Vladimir Sitnikov <sitnikov.vladi...@gmail.com> wrote: > Milamber>I don't talk about maven, but the steps about gpg sign and ant > rc_upload/publish. > > Sorry, I just made a couple of typos in "Ant". > I'm sure there are lots of possibilities to make Ant gpg sign automated, > and we need to investigate if that is possible to do that in Apache. > > Milamber>Currently a javadoc warning don't stop the release creation. I > don't > know if we can configure to stop if a warning occur. > > maven-javadoc-plugin has failOnWarnings=true > <https://github.com/pgjdbc/pgjdbc-parent-poms/commit/597fdbe445d1d1defda5032ba64322b1c16d3cce> > option, and it works. > I'm sure Ant has something similar. > > Milamber>Verify that the source and binary archives contains the good files > and > Milamber>that's no missing (new) files. > > It looks like final decision has to be made by a human, however it does > sound like a #2 from my mail. > That is staging archive preparation could be made automatic. > On top of that, it could prepare a report for "new, deleted" files, for the > files that have dramatic changes in sizes, and it could flag "file flag > changes" (e.g. executable-plain) as well. > > Milamber>+1 if we could find the good way to manage the credential (gpg and > ASF > Milamber>login/pass). Perhaps ask to the Infra team or ASF member list if a > way > Milamber>already exists (I can do this if you want) > > It would be great if you could do that. > > Vladimir
