Wojciech Kapcia (Tigase) opened 8 years ago
-
After initial looking into the issue I found that jenkins is configured with:
I've tried:
- enabling signing again, but this won't work because of
SecurityExceptionso it was intentionally disabled for maven artifacts:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-surefire-plugin:2.18.1:test (default-test) on project tigase-mongodb: Execution default-test of goal org.apache.maven.plugins:maven-surefire-plugin:2.18.1:test failed: There was an error in the forked process [ERROR] java.lang.SecurityException: class "tigase.muc.history.AbstractHistoryProvider"'s signer information does not match signer information of other classes in the same package-
in order to bring all artifacts to same sign state I tried tinkering with jenkins git-plugin and the strategy that we use for building all branches - however after trying various configuration options and perusing the code and tinkering it the internals (as well as chatting with the maintainer of the git-plugin) it was stated that currently, due to how it's marked, it's not possible to achieve what we want (we may consider utilising other solution, but that would entail re-doing all jobs and current setup works just fine for majority of the time); in the end I've re-deployed all artifacts manually (in un-signed form)
-
in the end I've change tigase-server configuration so now it would pull all dependencies, sign the and then include those in the resulting package - explicitly collecting signed binaries instead of relying on the maven dependency resolution:
tigase-issue #7.2.0-SNAPSHOT-b4716 $ for f in `ls jars/tigase-*` ; do echo -n "${f} :: " ; jarsigner -verify -keystore /Users/wojtek/dev/tigase/.ssh/tigase_nightly_builds.keystore -storepass 'superSecretTigasePassword123456789' -keypass 'superSecretTigasePasswordPrivateKey123456789' ${f} 'tigase_nightly_builds'; done jars/tigase-acs-muc.jar :: jar verified. jars/tigase-acs-pubsub.jar :: jar verified. jars/tigase-acs.jar :: jar verified. jars/tigase-ext-mailer.jar :: jar verified. jars/tigase-extras.jar :: jar verified. jars/tigase-http-api-jetty.jar :: jar verified. jars/tigase-http-api.jar :: jar verified. jars/tigase-message-archiving.jar :: jar verified. jars/tigase-mongodb.jar :: jar verified. jars/tigase-muc.jar :: jar verified. jars/tigase-pubsub.jar :: jar verified. jars/tigase-server.jar :: jar verified. jars/tigase-socks5.jar :: jar verified. jars/tigase-stats-collector-library.jar :: jar verified. jars/tigase-stats-collector-provider.jar :: jar verified. jars/tigase-stun.jar :: jar verified. jars/tigase-unified-archive.jar :: jar verified. - enabling signing again, but this won't work because of
| Type |
Task
|
| Priority |
Normal
|
| Assignee | |
| RedmineID |
5057
|
| Version |
tigase-server-8.0.0
|
| Spent time |
0
|
Investigate why not all binaries are signed: