Difference between revisions of "Common Build Infrastructure/Jar Signing"

From Eclipsepedia

Jump to: navigation, search
(New page: How does the Athena builder handle signing? If the build is run in Hudson on build.eclipse.org, the Hudson user initiates the signing process from a folder within the job's workspace. I...)
 
 
(2 intermediate revisions by one user not shown)
Line 1: Line 1:
 +
{{:DocumentationGuidelines/DraftHeader}}
 +
 
How does the Athena builder handle signing?  
 
How does the Athena builder handle signing?  
  
Line 7: Line 9:
 
Here's a snippet of [http://dev.eclipse.org/viewcvs/index.cgi/org.eclipse.dash/athena/org.eclipse.dash.commonbuilder/org.eclipse.dash.common.releng/tools/scripts/buildAllHelper.xml?root=Technology_Project&view=markup the buildAllHelper.xml code]:
 
Here's a snippet of [http://dev.eclipse.org/viewcvs/index.cgi/org.eclipse.dash/athena/org.eclipse.dash.commonbuilder/org.eclipse.dash.common.releng/tools/scripts/buildAllHelper.xml?root=Technology_Project&view=markup the buildAllHelper.xml code]:
  
  <target name="signMasterZip" if="sign">
+
  &lt;target name="signMasterZip" if="sign">
   <antcall target="-timestamp" />
+
   &lt;antcall target="-timestamp" />
   <!-- if running as hudson, use simple path in workspace; if running commandline, connect over ssh to remote staging.priv dir -->
+
   &lt;!-- if running as hudson, use simple path in workspace; if running commandline, connect over ssh to remote staging.priv dir -->
   <if>
+
   &lt;if>
     <or>
+
     &lt;or>
       <contains string="${user.name}" substring="hudson" />
+
       &lt;contains string="${user.name}" substring="hudson" />
       <contains string="${user.home}" substring="hudson" />
+
       &lt;contains string="${user.home}" substring="hudson" />
     </or>
+
     &lt;/or>
   <then>
+
   &lt;then>
     <property name="buildServerUser" value="" />
+
     &lt;property name="buildServerUser" value="" />
     <property name="signingDir" value="${writableBuildRoot}/signing" />
+
     &lt;property name="signingDir" value="${writableBuildRoot}/signing" />
     <mkdir dir="${signingDir}" />
+
     &lt;mkdir dir="${signingDir}" />
   </then>
+
   &lt;/then>
   <else>
+
   &lt;else>
     <!-- user with write perms in staging dir & permission to run /usr/bin/sign -->
+
     &lt;!-- user with write perms in staging dir & permission to run /usr/bin/sign -->
     <property name="buildServerUser" value="dashBuild@build.eclipse.org" />
+
     &lt;property name="buildServerUser" value="dashBuild@build.eclipse.org" />
     <property name="signingDir" value="/home/data/httpd/download-staging.priv/commonBuild" />
+
     &lt;property name="signingDir" value="/home/data/httpd/download-staging.priv/commonBuild" />
   </else>
+
   &lt;/else>
  </if>
+
  &lt;/if>
 
  ...
 
  ...
  
 
By default, <code>buildServerUser</code> is set to <code>dashBuild@build.eclipse.org</code>, but this can be overwritten in your .releng/build.properties if you need to connect as <code>you@build.eclipse.org</code>, using your CVS userid from dev.eclipse.org.
 
By default, <code>buildServerUser</code> is set to <code>dashBuild@build.eclipse.org</code>, but this can be overwritten in your .releng/build.properties if you need to connect as <code>you@build.eclipse.org</code>, using your CVS userid from dev.eclipse.org.
 +
 +
[[Category:Athena Common Build]]
 +
[[Category:Draft_Documentation]]

Latest revision as of 22:00, 24 October 2009

Warning2.png
Draft Content
This page is currently under construction. Community members are encouraged to maintain the page, and make sure the information is accurate.


How does the Athena builder handle signing?

If the build is run in Hudson on build.eclipse.org, the Hudson user initiates the signing process from a folder within the job's workspace.

If the build is run as anyone else, the build will attempt to upload a zip of jars to be signed as some authorized user on build.eclipse.org.

Here's a snippet of the buildAllHelper.xml code:

<target name="signMasterZip" if="sign">
  <antcall target="-timestamp" />
  <!-- if running as hudson, use simple path in workspace; if running commandline, connect over ssh to remote staging.priv dir -->
  <if>
    <or>
      <contains string="${user.name}" substring="hudson" />
      <contains string="${user.home}" substring="hudson" />
    </or>
  <then>
    <property name="buildServerUser" value="" />
    <property name="signingDir" value="${writableBuildRoot}/signing" />
    <mkdir dir="${signingDir}" />
  </then>
  <else>
    <!-- user with write perms in staging dir & permission to run /usr/bin/sign -->
    <property name="buildServerUser" value="dashBuild@build.eclipse.org" />
    <property name="signingDir" value="/home/data/httpd/download-staging.priv/commonBuild" />
  </else>
</if>
...

By default, buildServerUser is set to dashBuild@build.eclipse.org, but this can be overwritten in your .releng/build.properties if you need to connect as you@build.eclipse.org, using your CVS userid from dev.eclipse.org.