New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SNAPSHOT release link for MacOs is broken #5947
Comments
There are couple of different issues here:
It looks from the build logs like the upload steps are getting skipped: |
Not sure if it has anything to do with this, but I also stumbled across this strange Github user account: https://github.com/openrefine-snapshot-uploader |
That's intentional: the 3.7-SNAPSHOT version is only appropriate for the
That's obviously a problem, it should instead point to https://github.com/OpenRefine/OpenRefine#snapshot-releases
This was previously used to upload releases to the dedicated repository where we stored snapshot releases. Let me delete it. |
The upload is currently failing because Apple refuses to notarize our package:
I will do the necessary to get this signed by our fiscal sponsor and that should fix the upload of snapshots. |
This actually seems to be a problem in Maven Central. I checked Gephi's snapshot releases and they also raise a 404 error: |
I submitted a report here: https://issues.sonatype.org/projects/MVNCENTRAL/issues/MVNCENTRAL-8165?filter=allissues |
I'm not sure what's going on, but clicking that link brings up MVNCENTRAL-8163 instead of the desired ticket. I tried logging in as well, but it didn't change the behavior. |
Yes it's also broken for me. Does this link work any better? |
That one says "You can't view this issue. It may have been deleted or you don't have permission to view it." I'm logged in, but the only group I'm part of is |
It seems that it is only visible to "Reporter and Sonatype", as if it were a security vulnerability of some sort, so it probably has not got anything to do with group membership. I will post a copy of the thread there once it is settled. |
Here are the logs of this conversation: Me:
Sonatype support:
My reply:
Sonatype support:
My reply:
Sonatype support:
|
Given that the way we are using the snapshot hosting does not seem supported, I think we should migrate to some other system. One first thing we could do, as a temporary measure, is to store the snapshot releases as job artifacts on the GitHub Actions jobs that create them. That is not going to be as convenient as the current situation since we won't have (I think) an easy way to link to the latest snapshot, but at least it would help us point users to a particular build. Another solution would be to upload the artifacts to some Netlify site that we would serve as a subdomain of openrefine.org, but I suspect we might run into issues with maximum file sizes. Any other hosting solutions we should consider? |
At Ericsson we used Jfrog and never a problem. You'll likely need a Bintray account also but that might have changed. See the list at bottom of Apache article https://maven.apache.org/repository-management.html |
That list is super helpful, I did not realize that so many platforms supported the protocol used by Apache Maven. |
You'll have to reach out to their support and I'd encourage to do that first. The software is free for the level of integration and options that we need. So only hosting is needed which means acquiring free credits with either Microsoft Azure, GCP, AWS, Oracle clouds. Where many do offer free credits for FOSS projects so I'd check with CS&S or others. |
hmm I am not sure about getting free credits for a cloud hosting provider: that amounts to us self-hosting the tool, and the maintenance burden feels intuitively way too high for the feature we want to get out of it. Since #5833 was merged, the snapshot releases are available as workflow artifacts. That's a little bit better, but still not good enough because one needs to be logged in with a GitHub account to download them, and also because I don't see any way to make a permanent link to the latest version of each of those artifacts. |
I can volunteer to maintain and run an Artifactory instance if it helps. But maybe indeed it's easier to just let folks get a GitHub login if they wish to help try and test our snapshots. The snapshots also could be copied to somewhere in GitHub where they could download without the login hassle perhaps with GitHub Packages (which is Maven run in Azure cloud by Microsoft anyways)?
|
Updates the README to instruct users how to access them via GitHub Actions artifacts. Closes OpenRefine#5947.
Nice, I did not realize that this was available. Also, packages uploaded to this repository can only be downloaded while being logged in to GitHub, which means we have essentially the same restrictions as the current GitHub Actions artifacts. For this reason I am proposing to just update the README.md file to teach users how to download those artifacts themselves: #5972. |
* Stop uploading snapshot releases to Maven Central Updates the README to instruct users how to access them via GitHub Actions artifacts. Closes #5947. * Mention the requirement to be logged in * Small copy edit --------- Co-authored-by: Tom Morris <tfmorris@gmail.com>
https://oss.sonatype.org/service/local/artifact/maven/content?r=snapshots&g=org.openrefine&a=openrefine&v=3.8-SNAPSHOT&c=mac&p=dmg
in the readme file
Also here
https://openrefine.org/docs/manual/installing
the link is broken
https://github.com/OpenRefine/OpenRefine-snapshot-releases/releases
The text was updated successfully, but these errors were encountered: