fix Reproducible Builds issues introduced during release process #24615
Comments
|
Thanks for the issue! HK2 3.0.5 is long overdue. I'll take a look at releasing it soon. I'll take a look at the release script as well. |
|
Hi @arjantijms , IIUC, next Glassfish release is happening soon: can you make sure that the release scripts have been updated, please? This is what is causing the most issues |
HK2 3.0.5 has been released and will be used in the next release of GF (7.0.10): https://repo1.maven.org/maven2/org/glassfish/hk2/hk2-bom/3.0.5/ |
This was done a while ago, it's now: mvn -B -U -q -Poss-release,release-phase2 ${MVN_STAGING} \
-DskipTests -Ddoclint=none -Dmaven.javadoc.failOnError=false \
-DstagingProfileId=1c0c18a0fc339 \
clean deploy |
|
FYI, HK2 3.0.5 release itself is reproducible https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/glassfish/hk2/README.md (README will be updated in 24h) |
Environment Details
Problem Description
release binaries cannot be reproduced: see https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/glassfish/main/README.md
Steps to reproduce
if you want to rebuild, you can clone https://github.com/jvm-repo-rebuild/reproducible-central and run
Impact of Issue
how to solve
s/deploy/clean deploy/release hk2 3.0.5 that includes fix Reproducible Builds issues glassfish-hk2#821 and upgrade in Glassfish
eventually, in the release script, when cloning the Git repository, remove the setguid bit that brings unusual permissions
With these 3 steps done, next release should be near fully reproducible (we'll probably find a few remaining issues, given the size of the build)
The text was updated successfully, but these errors were encountered: