[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
[
List Home]
[tycho-dev] Processing artifacts from a p2 update site generated by an eclipse-repository module
|
Hi,
I am trying to get code signing to work with Tycho. I am required to
use a third-party code signing service, which expects me to upload
multiple jar files and in return will give me the signed files.
My first attempt was to write a small Maven plug-in which does just
that and configure it in my eclipse-repository module. However, I
can't insert it in the right point. I would assume this would be
between default-assemble-repository and default-archive-repository, so
that the plug-ins are located under target/repository/plugins but the
metadata is not yet generated. prepare-package is too early, package
is too late.
My second attempt was to manually perform the code signing and replace
the files. However, according to [1] this is not a safe approach.
Third attempt is to locate the reactor dependencies at runtime and
sign those artifacts. WIth a snippet like
for (Artifact dep : project.getDependencyArtifacts() ) {
getLog().info("Found dependency " + dep + " at " +
dep.getFile());
}
I would only get the eclipse-feature dependencies from the reactor,
and dep.getFile() returns null.
At this point I'm out of ideas.
How can I process the artifacts included in an eclipse-repository
before the packaging occurs?
Thanks,
Robert
(Please keep me on CC, I'm not subscribed to this list)
[1]: https://www.eclipse.org/forums/index.php/t/1084723/
--
http://robert.muntea.nu/