Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: sign and publish jar to mavencentral #1705

Merged
merged 2 commits into from
Nov 19, 2023
Merged

feat: sign and publish jar to mavencentral #1705

merged 2 commits into from
Nov 19, 2023

Conversation

maxandersen
Copy link
Collaborator

trying to get jreleaser to sign and publish to maven central.

@maxandersen
Copy link
Collaborator Author 

jbang % JRELEASER_PROJECT_VERSION=0.111.0.4 jbang jreleaser@jreleaser sign
[INFO]  JReleaser 1.9.0
[INFO]  Configuring with jreleaser.yml
[INFO]    - basedir set to /Users/manderse/code/jbangdev/jbang
[INFO]    - outputdir set to /Users/manderse/code/jbangdev/jbang/out/jreleaser
[INFO]  Reading configuration
🚨 scoop.bucket is deprecated since 1.8.0 and will be removed in 2.0.0. Use scoop.repository instead
[INFO]  git-root-search set to false
[INFO]  Loading variables from /Users/manderse/.jreleaser/config.toml
[INFO]  Validating configuration
[INFO]  Strict mode set to false
[INFO]    [validation] Adding registry docker.io to distribution.jbang.docker with username 'maxandersen'
[INFO]  Project version set to 0.111.0.4
[INFO]  Release is not snapshot
[INFO]  Timestamp is 2023-11-18T08:36:58.346135+01:00
[INFO]  HEAD is at 9eaad18
[INFO]  Platform is osx-aarch_64
[INFO]  dry-run set to false
[INFO]  Calculating checksums for distributions and files
[INFO]    [checksum] All checksums are up-to-date. Skipping
[INFO]  Cataloging artifacts
[INFO]    Cataloging is not enabled. Skipping
[INFO]  Signing distributions and files
[INFO]  Writing output properties to out/jreleaser/output.properties
[ERROR] JReleaser failed after 0.544 s
Unexpected error when signing release
Unexpected error when initializing signature generator

in trace.log:

[INFO]  Calculating checksums for distributions and files
[DEBUG]   [checksum] reading out/jreleaser/checksums/version.txt.sha256
[DEBUG]   [checksum] reading out/jreleaser/checksums/jbang.tar.sha256
[DEBUG]   [checksum] reading out/jreleaser/checksums/jbang.zip.sha256
[DEBUG]   [checksum] reading out/jreleaser/checksums/jbang/jbang-0.111.0.4.tar.sha256
[DEBUG]   [checksum] reading out/jreleaser/checksums/jbang/jbang-0.111.0.4.zip.sha256
[INFO]    [checksum] All checksums are up-to-date. Skipping
[INFO]  Cataloging artifacts
[INFO]    Cataloging is not enabled. Skipping
[INFO]  Signing distributions and files
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/version.txt.asc
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/jbang.tar.asc
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/jbang.zip.asc
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/jbang-0.111.0.4.tar.asc
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/jbang-0.111.0.4.zip.asc
[DEBUG]   [sign] signature does not exist: out/jreleaser/signatures/checksums_sha256.txt.asc
[DEBUG]   [sign] signing 6 files into out/jreleaser/signatures
[INFO]  Writing output properties to out/jreleaser/output.properties
[ERROR] JReleaser failed after 0.538 s
org.jreleaser.model.JReleaserException: Unexpected error when signing release
	at org.jreleaser.workflow.SignWorkflowItem.doInvoke(SignWorkflowItem.java:41)
	at org.jreleaser.workflow.AbstractWorkflowItem.lambda$invoke$0(AbstractWorkflowItem.java:43)
	at org.jreleaser.engine.hooks.HookExecutor.execute(HookExecutor.java:70)
	at org.jreleaser.workflow.AbstractWorkflowItem.invoke(AbstractWorkflowItem.java:43)
	at org.jreleaser.workflow.WorkflowImpl.doExecute(WorkflowImpl.java:115)
	at org.jreleaser.workflow.WorkflowImpl.execute(WorkflowImpl.java:52)
	at org.jreleaser.cli.Sign.doExecute(Sign.java:33)
	at org.jreleaser.cli.AbstractModelCommand.execute(AbstractModelCommand.java:89)
	at org.jreleaser.cli.AbstractCommand.call(AbstractCommand.java:52)
	at org.jreleaser.cli.AbstractModelCommand.call(AbstractModelCommand.java:53)
	at org.jreleaser.cli.AbstractCommand.call(AbstractCommand.java:37)
	at picocli.CommandLine.executeUserObject(CommandLine.java:2041)
	at picocli.CommandLine.access$1500(CommandLine.java:148)
	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2461)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2453)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2415)
	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2273)
	at picocli.CommandLine$RunLast.execute(CommandLine.java:2417)
	at picocli.CommandLine.execute(CommandLine.java:2170)
	at org.jreleaser.cli.Main.execute(Main.java:98)
	at org.jreleaser.cli.Main.run(Main.java:81)
	at org.jreleaser.cli.Main.main(Main.java:70)
	at jreleaser.main(jreleaser.java:8)
Caused by: org.jreleaser.model.api.signing.SigningException: Unexpected error when initializing signature generator
	at org.jreleaser.sdk.signing.SigningUtils.initSignatureGenerator(SigningUtils.java:260)
	at org.jreleaser.engine.sign.Signer.sign(Signer.java:341)
	at org.jreleaser.engine.sign.Signer.bcSign(Signer.java:189)
	at org.jreleaser.engine.sign.Signer.sign(Signer.java:86)
	at org.jreleaser.workflow.SignWorkflowItem.doInvoke(SignWorkflowItem.java:39)
	... 22 more
Caused by: org.bouncycastle.openpgp.PGPException: checksum mismatch at in checksum of 20 bytes
	at org.bouncycastle.openpgp.PGPSecretKey.extractKeyData(Unknown Source)
	at org.bouncycastle.openpgp.PGPSecretKey.extractPrivateKey(Unknown Source)
	at org.jreleaser.sdk.signing.SigningUtils.initSignatureGenerator(SigningUtils.java:247)
	... 26 more

i've double checked the signatures in config and they match keys.

any idea how to debug this @aalmiray ?

@aalmiray
Copy link
Contributor

I know we upgraded the BC dependency in 1.9.0. Perhaps there’s an extra check performed by BC when reading keys that wasn’t there before. Have you tried with a new set of keys and invoking just the sign command?

@aalmiray
Copy link
Contributor

I can confirm that signing works "on my machine". There might be a problem with your keys

$ JRELEASER_PROJECT_VERSION=0.111.0.5 jreleaser sign
[INFO]  JReleaser 1.9.0
[INFO]  Configuring with jreleaser.yml
[INFO]    - basedir set to /private/tmp/jbang
[INFO]    - outputdir set to /private/tmp/jbang/out/jreleaser
[INFO]  Reading configuration
🚨 scoop.bucket is deprecated since 1.8.0 and will be removed in 2.0.0. Use scoop.repository instead
[INFO]  git-root-search set to false
[INFO]  Loading variables from /Users/aalmiray/.jreleaser/config.toml
[INFO]  Validating configuration
[INFO]  Strict mode set to false
[INFO]    [validation] Adding registry docker.io to distribution.jbang.docker with username 'maxandersen'
[INFO]  Project version set to 0.111.0.5
[INFO]  Release is not snapshot
[INFO]  Timestamp is 2023-11-18T12:46:51.769778+01:00
[INFO]  HEAD is at 9eaad18
[INFO]  Platform is osx-x86_64
[INFO]  dry-run set to false
[INFO]  Calculating checksums for distributions and files
[INFO]    [checksum] build/tmp/version.txt.sha256
[INFO]    [checksum] build/distributions/jbang.tar.sha256
[INFO]    [checksum] build/distributions/jbang.zip.sha256
[INFO]    [checksum] build/distributions/jbang-0.111.0.5.tar.sha256
[INFO]    [checksum] build/distributions/jbang-0.111.0.5.zip.sha256
[INFO]  Cataloging artifacts
[INFO]    Cataloging is not enabled. Skipping
[INFO]  Signing distributions and files
[INFO]    [sign] build/tmp/version.txt
[INFO]    [sign] build/distributions/jbang.tar
[INFO]    [sign] build/distributions/jbang.zip
[INFO]    [sign] build/distributions/jbang-0.111.0.5.tar
[INFO]    [sign] build/distributions/jbang-0.111.0.5.zip
[INFO]    [sign] out/jreleaser/checksums/checksums_sha256.txt
[INFO]  Writing output properties to out/jreleaser/output.properties
[INFO]  JReleaser succeeded after 1.375 s

@maxandersen
Copy link
Collaborator Author

doh - had not set the passphrase right.

@aalmiray
Copy link
Contributor

Good thing we can locally test out commands 😉

@maxandersen
Copy link
Collaborator Author

Good thing we can locally test out commands 😉

totally - also had to figure out I jbang uses the old nexus staging url...

now I'll put this in and if all goes well the release of jbang should stage a dev.jbang.jbang-cli artifact as first step on enabling using jbang from a maven dependency (still early days)

@maxandersen maxandersen merged commit b519dd5 into jbangdev:main Nov 19, 2023
11 checks passed
@aalmiray
Copy link
Contributor

FWIW please take care of deprecation notices 😉

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@maxandersen @aalmiray