Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Core Release: Staging not working anymore #3143

Closed
dduportal opened this issue Sep 21, 2022 · 23 comments
Closed

Core Release: Staging not working anymore #3143

dduportal opened this issue Sep 21, 2022 · 23 comments
Assignees
@dduportal
Labels
release.ci.jenkins.io release security
Milestone
infra-team-sync-2...

Comments

@dduportal
Copy link
Contributor

Service(s)

release.ci.jenkins.io

Summary

The Jenkins Core release process is able to stage part of the release as per https://github.com/jenkins-infra/release#stage.

For instance: https://github.com/jenkins-infra/release/blob/security-2.356/profile.d/security#L32 where the name of the "private maven repository" to be used for staging is specified in the build profile.

With the security release 2.370, the deployment of the Jenkins artifacts was done to the public repository instead of the staging repository specified in https://github.com/jenkins-infra/release/blob/security-2.370/profile.d/security#L32

Previous security release involving staging (security-256) behaved as expected, so something change between both.

@daniel-beck and I tracked the issue to (at first sight) a major bump of the maven-deploy-plugin (description to be updated).

We have to confirm, diagnose and fix this behavior as soon as possible to avoid any security to be exposed before its end.

Reproduction steps

No response
@dduportal dduportal added the triage Incoming issues that need review label Sep 21, 2022
@dduportal dduportal self-assigned this Sep 21, 2022
@dduportal dduportal added this to the infra-team-sync-2022-10-04 milestone Sep 21, 2022
@dduportal dduportal added security release and removed triage Incoming issues that need review labels Sep 21, 2022
@daniel-beck
Copy link

Last known correct behavior:
https://github.com/jenkins-infra/release/tree/security-2.356
https://release.ci.jenkins.io/job/core/job/release/job/security-2.356/2/console

First known wrong behavior:
https://github.com/jenkins-infra/release/tree/security-2.370
https://release.ci.jenkins.io/job/core/job/release/job/security-2.370/2/console

@dduportal
Copy link
Contributor Author

About the maven-deploy-plugin:

@dduportal
Copy link
Contributor Author

As per https://maven.apache.org/plugins/maven-deploy-plugin/#major-version-upgrade-to-version-3-0-0:

The syntax of the following parameters for the plugin has been changed:
altDeploymentRepository * altReleaseDeploymentRepository * altSnapshotDeploymentRepository
The old format was: id::layout::url The new format is: id::url

Which relates to the following Maven settings file used during releases: https://github.com/jenkins-infra/release/blob/master/utils/release.bash#L440

@daniel-beck
Copy link

daniel-beck commented Sep 21, 2022
edited
Loading

Weirdly, https://github.com/apache/maven-deploy-plugin/blob/16541da43c51237cf7183c4500a576108ad946b8/src/test/java/org/apache/maven/plugins/deploy/DeployMojoTest.java#L586-L600 indicates this should still work.

@dduportal dduportal mentioned this issue Sep 21, 2022
Merged
@daniel-beck
Copy link

daniel-beck commented Sep 21, 2022
edited
Loading

2.356:

[INFO] [INFO] --- maven-deploy-plugin:2.8.2:deploy (default-deploy) @ jenkins-parent ---
[INFO] [INFO] Using alternate deployment repository codsworth::default::https://repo.jenkins-ci.org/codsworth
[INFO] [INFO] Uploading to codsworth: https://repo.jenkins-ci.org/codsworth/org/jenkins-ci/main/jenkins-parent/2.356/jenkins-parent-2.356.pom
[INFO] [INFO] Uploaded to codsworth: https://repo.jenkins-ci.org/codsworth/org/jenkins-ci/main/jenkins-parent/2.356/jenkins-parent-2.356.pom (5.2 kB at 24 kB/s)

2.370:

[INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ jenkins-parent ---
[INFO] [INFO] Uploading to maven.jenkins-ci.org: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.370/jenkins-parent-2.370.pom
[INFO] [INFO] Uploaded to maven.jenkins-ci.org: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.370/jenkins-parent-2.370.pom (4.7 kB at 19 kB/s)

So it looks like it silently ignores "invalid" values (because an undefined value fails the build); or something else is wrong.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

I was aware of this change, but based on apache/maven-deploy-plugin#15 I thought that the old format was still supported for backward compatibility purposes.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

Perhaps that backwards compatibility glue in maven-deploy-plugin is only taking effect for the altDeploymentRepository parameter and not the stagingRepository parameter used in maven-release-plugin.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

Actually local testing shows that this problem wasn't introduced by the upgrade of maven-deploy-plugin but rather the upgrade of maven-release-plugin from 2.5.3 to 3.0.0-M6.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

As far as I can tell the release:stage goal in Maven Release Plugin 3.0.0-M6 is simply broken whenever used with an arguments configuration option (either via -Darguments in the top-level Maven invocation or in the maven-release-plugin configuration in pom.xml): while https://github.com/apache/maven-release/blob/e15e7d765eb9da2583ae50d08afcd382464d7704/maven-release-plugin/src/main/java/org/apache/maven/plugins/release/StageReleaseMojo.java#L71 correctly plumbs through -DstagingRepository as -DaltDeploymentRepository, https://github.com/apache/maven-release/blob/e15e7d765eb9da2583ae50d08afcd382464d7704/maven-release-manager/src/main/java/org/apache/maven/shared/release/config/PropertiesReleaseDescriptorStore.java#L133 just wipes it out with the value of -Darguments, effectively turning the release:stage goal into the release:perform goal (!).

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

Bisected to apache/maven-release@419114d / MRELEASE-998 (CC @rfscholte). Can be reproduced with Maven Release Plugin 3.0.0-M6 by running mvn -Darguments=-DskipTests -DstagingRepository=[…] release:prepare release:stage: the staging repository will be ignored. Workaround is to omit -Darguments in which case the staging repository will be honored as expected.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

Also CC'ing @michael-o as this seems like a fairly serious bug.

@michael-o
Copy link

@basil Shit, this change is huge. Can you turn this into an IT by any chance?

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

Sorry, the above is all I can offer. I've been testing this locally with https://github.com/basil/simple-maven-project-with-tests and a local copy of Nexus with two different repositories, which is how I was able to bisect the change.

This was referenced Sep 21, 2022
Merged
Merged
Merged
@basil
Copy link
Collaborator

basil commented Sep 21, 2022

The combination of jenkins-infra/release#291, jenkinsci/jenkins#7138, and jenkins-infra/release#292 (+ backports) should be sufficient to work around the problem for us.

@daniel-beck daniel-beck mentioned this issue Sep 21, 2022
Merged
6 tasks
@NotMyFault
Copy link
Member

(+ backports)

Is there a Jira issue, in case we want to backport those to 2.361.3? Otherwise, I'll file one.

@basil
Copy link
Collaborator

basil commented Sep 21, 2022

This is the ticket, which is in GitHub rather than Jira, which means our backport process doesn't work with it, a problem I have opined about at length in the past. If we used one issue tracker for everything in the Jenkins project, this would not be a problem.

@olamy
Copy link

olamy commented Sep 22, 2022

would be good to create an issue on Maven project side other this will be lost....
https://issues.apache.org/jira/projects/MRELEASE

@basil
Copy link
Collaborator

basil commented Sep 22, 2022

As I wrote in #3143 (comment), the above is all I can offer.

@olamy
Copy link

olamy commented Sep 22, 2022

As I wrote in #3143 (comment), the above is all I can offer.

As far as I can see the problem comes from an external project (e.g not a Jenkins project).
So maintainers of this external project will not monitor every single project using it.
if no Jira this will be never be fixed or get any attention.
Let's be honest if it was in the other way, you would ask some ticket to be created....

@basil
Copy link
Collaborator

basil commented Sep 22, 2022

I have notified the Maven developers in this thread, and I do not intend to take any further action.

@olamy
Copy link

olamy commented Sep 22, 2022

I have notified the Maven developers in this thread, and I do not intend to take any further action.

Thanks a lot.
FTR https://issues.apache.org/jira/browse/MRELEASE-1104
this will really inform the Maven developers community and not only 1 or 2 members. Btw creating an issue will help users community as well and with possible workaround in case they face the same problem.

@basil
Copy link
Collaborator

basil commented Sep 27, 2022

Workaround successful

[2022-09-27T13:08:25.614Z] + mvn -B -V -s settings-release.xml -ntp release:prepare
[…]
[2022-09-27T13:09:28.960Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-parent ---
[…]
[2022-09-27T13:09:30.671Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-bom ---
[…]
[2022-09-27T13:09:43.350Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ websocket-spi ---
[…]
[2022-09-27T13:09:49.374Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ websocket-jetty9 ---
[…]
[2022-09-27T13:09:55.098Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ websocket-jetty10 ---
[…]
[2022-09-27T13:10:19.226Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ cli ---
[…]
[2022-09-27T13:18:02.416Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-core ---
[…]
[2022-09-27T13:19:14.936Z] [INFO] [INFO] --- maven-jarsigner-plugin:3.0.0:sign (signWar) @ jenkins-war ---
[…]
[2022-09-27T13:19:22.060Z] [INFO] [INFO] 1 archive(s) processed
[…]
[2022-09-27T13:19:22.261Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-war ---
[…]
[2022-09-27T15:25:35.327Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-test ---
[…]
[2022-09-27T15:25:37.639Z] [INFO] [INFO] --- maven-gpg-plugin:3.0.1:sign (sign-artifacts) @ jenkins-coverage ---
[…]
[2022-09-27T15:26:11.447Z] + mvn -B -V -DstagingRepository=releases::https://repo.jenkins-ci.org/releases -s settings-release.xml -ntp release:stage
[…]
[2022-09-27T15:26:23.609Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ jenkins-parent ---
[2022-09-27T15:26:23.609Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:23.609Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.371/jenkins-parent-2.371.pom
[2022-09-27T15:26:24.010Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.371/jenkins-parent-2.371.pom (4.7 kB at 12 kB/s)
[2022-09-27T15:26:24.010Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.371/jenkins-parent-2.371.pom.asc
[2022-09-27T15:26:24.111Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/2.371/jenkins-parent-2.371.pom.asc (833 B at 13 kB/s)
[2022-09-27T15:26:24.111Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/maven-metadata.xml
[2022-09-27T15:26:24.211Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/maven-metadata.xml (10 kB at 100 kB/s)
[2022-09-27T15:26:24.211Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/maven-metadata.xml
[2022-09-27T15:26:24.412Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-parent/maven-metadata.xml (10 kB at 53 kB/s)
[…]
[2022-09-27T15:26:25.017Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ jenkins-bom ---
[2022-09-27T15:26:25.017Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:25.017Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/2.371/jenkins-bom-2.371.pom
[2022-09-27T15:26:25.419Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/2.371/jenkins-bom-2.371.pom (22 kB at 65 kB/s)
[2022-09-27T15:26:25.419Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/2.371/jenkins-bom-2.371.pom.asc
[2022-09-27T15:26:25.419Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/2.371/jenkins-bom-2.371.pom.asc (833 B at 11 kB/s)
[2022-09-27T15:26:25.419Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/maven-metadata.xml
[2022-09-27T15:26:25.519Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/maven-metadata.xml (7.5 kB at 99 kB/s)
[2022-09-27T15:26:25.519Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/maven-metadata.xml
[2022-09-27T15:26:25.720Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-bom/maven-metadata.xml (7.5 kB at 42 kB/s)
[…]
[2022-09-27T15:26:28.232Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ websocket-spi ---
[2022-09-27T15:26:28.232Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:28.232Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.pom
[2022-09-27T15:26:28.432Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.pom (4.9 kB at 27 kB/s)
[2022-09-27T15:26:28.432Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.jar
[2022-09-27T15:26:28.633Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.jar (4.6 kB at 23 kB/s)
[2022-09-27T15:26:28.633Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371-sources.jar
[2022-09-27T15:26:28.834Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371-sources.jar (4.5 kB at 27 kB/s)
[2022-09-27T15:26:28.834Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.jar.asc
[2022-09-27T15:26:28.935Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.jar.asc (833 B at 10 kB/s)
[2022-09-27T15:26:28.935Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.pom.asc
[2022-09-27T15:26:28.935Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371.pom.asc (833 B at 12 kB/s)
[2022-09-27T15:26:28.935Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371-sources.jar.asc
[2022-09-27T15:26:29.036Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/2.371/websocket-spi-2.371-sources.jar.asc (833 B at 11 kB/s)
[2022-09-27T15:26:29.036Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/maven-metadata.xml
[2022-09-27T15:26:29.136Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/maven-metadata.xml (792 B at 12 kB/s)
[2022-09-27T15:26:29.136Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/maven-metadata.xml
[2022-09-27T15:26:29.337Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-spi/maven-metadata.xml (744 B at 3.3 kB/s)
[…]
[2022-09-27T15:26:31.849Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ websocket-jetty9 ---
[2022-09-27T15:26:31.849Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:31.849Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.pom
[2022-09-27T15:26:32.050Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.pom (5.5 kB at 30 kB/s)
[2022-09-27T15:26:32.050Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.jar
[2022-09-27T15:26:32.250Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.jar (8.4 kB at 47 kB/s)
[2022-09-27T15:26:32.250Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371-sources.jar
[2022-09-27T15:26:32.451Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371-sources.jar (5.2 kB at 29 kB/s)
[2022-09-27T15:26:32.451Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.jar.asc
[2022-09-27T15:26:32.452Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.jar.asc (833 B at 12 kB/s)
[2022-09-27T15:26:32.452Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.pom.asc
[2022-09-27T15:26:32.552Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371.pom.asc (833 B at 12 kB/s)
[2022-09-27T15:26:32.552Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371-sources.jar.asc
[2022-09-27T15:26:32.653Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/2.371/websocket-jetty9-2.371-sources.jar.asc (833 B at 12 kB/s)
[2022-09-27T15:26:32.653Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/maven-metadata.xml
[2022-09-27T15:26:32.653Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/maven-metadata.xml (795 B at 15 kB/s)
[2022-09-27T15:26:32.653Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/maven-metadata.xml
[2022-09-27T15:26:32.854Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty9/maven-metadata.xml (747 B at 3.5 kB/s)
[…]
[2022-09-27T15:26:35.265Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ websocket-jetty10 ---
[2022-09-27T15:26:35.265Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:35.265Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.pom
[2022-09-27T15:26:35.466Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.pom (5.5 kB at 28 kB/s)
[2022-09-27T15:26:35.466Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.jar
[2022-09-27T15:26:35.667Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.jar (9.2 kB at 44 kB/s)
[2022-09-27T15:26:35.667Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371-sources.jar
[2022-09-27T15:26:35.768Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371-sources.jar (5.3 kB at 30 kB/s)
[2022-09-27T15:26:35.768Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.jar.asc
[2022-09-27T15:26:35.868Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.jar.asc (833 B at 12 kB/s)
[2022-09-27T15:26:35.868Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.pom.asc
[2022-09-27T15:26:35.969Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371.pom.asc (833 B at 13 kB/s)
[2022-09-27T15:26:35.969Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371-sources.jar.asc
[2022-09-27T15:26:35.969Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/2.371/websocket-jetty10-2.371-sources.jar.asc (833 B at 13 kB/s)
[2022-09-27T15:26:35.969Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/maven-metadata.xml
[2022-09-27T15:26:36.069Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/maven-metadata.xml (672 B at 7.7 kB/s)
[2022-09-27T15:26:36.069Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/maven-metadata.xml
[2022-09-27T15:26:36.270Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/websocket-jetty10/maven-metadata.xml (624 B at 4.0 kB/s)
[…]
[2022-09-27T15:26:47.207Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ cli ---
[2022-09-27T15:26:47.207Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:26:47.207Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.pom
[2022-09-27T15:26:47.509Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.pom (6.0 kB at 18 kB/s)
[2022-09-27T15:26:47.509Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.jar
[2022-09-27T15:26:47.910Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.jar (3.4 MB at 7.7 MB/s)
[2022-09-27T15:26:47.910Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-sources.jar
[2022-09-27T15:26:48.111Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-sources.jar (41 kB at 219 kB/s)
[2022-09-27T15:26:48.111Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-javadoc.jar
[2022-09-27T15:26:48.512Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-javadoc.jar (476 kB at 1.2 MB/s)
[2022-09-27T15:26:48.512Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.jar.asc
[2022-09-27T15:26:48.613Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.jar.asc (833 B at 8.2 kB/s)
[2022-09-27T15:26:48.613Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.pom.asc
[2022-09-27T15:26:48.713Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371.pom.asc (833 B at 11 kB/s)
[2022-09-27T15:26:48.714Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-sources.jar.asc
[2022-09-27T15:26:48.814Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-sources.jar.asc (833 B at 9.9 kB/s)
[2022-09-27T15:26:48.814Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-javadoc.jar.asc
[2022-09-27T15:26:48.915Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/2.371/cli-2.371-javadoc.jar.asc (833 B at 11 kB/s)
[2022-09-27T15:26:48.915Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/maven-metadata.xml
[2022-09-27T15:26:49.015Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/maven-metadata.xml (25 kB at 260 kB/s)
[2022-09-27T15:26:49.015Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/maven-metadata.xml
[2022-09-27T15:26:49.316Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/cli/maven-metadata.xml (25 kB at 78 kB/s)
[…]
[2022-09-27T15:28:12.680Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ jenkins-core ---
[2022-09-27T15:28:12.680Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:28:12.680Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.pom
[2022-09-27T15:28:13.081Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.pom (21 kB at 50 kB/s)
[2022-09-27T15:28:13.081Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.jar
[2022-09-27T15:28:13.683Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.jar (11 MB at 18 MB/s)
[2022-09-27T15:28:13.684Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-sources.jar
[2022-09-27T15:28:14.185Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-sources.jar (9.8 MB at 20 MB/s)
[2022-09-27T15:28:14.185Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-javadoc.jar
[2022-09-27T15:28:14.787Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-javadoc.jar (13 MB at 22 MB/s)
[2022-09-27T15:28:14.787Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.jar.asc
[2022-09-27T15:28:14.787Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.jar.asc (833 B at 13 kB/s)
[2022-09-27T15:28:14.787Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.pom.asc
[2022-09-27T15:28:14.888Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371.pom.asc (833 B at 13 kB/s)
[2022-09-27T15:28:14.888Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-sources.jar.asc
[2022-09-27T15:28:14.989Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-sources.jar.asc (833 B at 11 kB/s)
[2022-09-27T15:28:14.989Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-javadoc.jar.asc
[2022-09-27T15:28:14.989Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/2.371/jenkins-core-2.371-javadoc.jar.asc (833 B at 12 kB/s)
[2022-09-27T15:28:14.989Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/maven-metadata.xml
[2022-09-27T15:28:15.089Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/maven-metadata.xml (25 kB at 359 kB/s)
[2022-09-27T15:28:15.089Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/maven-metadata.xml
[2022-09-27T15:28:15.290Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-core/maven-metadata.xml (25 kB at 145 kB/s)
[…]
[2022-09-27T15:30:20.939Z] [INFO] [INFO] --- maven-deploy-plugin:3.0.0:deploy (default-deploy) @ jenkins-war ---
[2022-09-27T15:30:20.939Z] [INFO] [INFO] Using alternate deployment repository releases::https://repo.jenkins-ci.org/releases
[2022-09-27T15:30:21.039Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.pom
[2022-09-27T15:30:21.240Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.pom (6.4 kB at 23 kB/s)
[2022-09-27T15:30:21.240Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.war
[2022-09-27T15:30:25.054Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.war (94 MB at 25 MB/s)
[2022-09-27T15:30:25.054Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.xml
[2022-09-27T15:30:25.255Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.xml (37 kB at 146 kB/s)
[2022-09-27T15:30:25.255Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.html
[2022-09-27T15:30:25.456Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.html (31 kB at 178 kB/s)
[2022-09-27T15:30:25.456Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-sources.jar
[2022-09-27T15:30:25.657Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-sources.jar (71 kB at 324 kB/s)
[2022-09-27T15:30:25.657Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-javadoc.jar
[2022-09-27T15:30:25.858Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-javadoc.jar (402 kB at 1.9 MB/s)
[2022-09-27T15:30:25.858Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.war.asc
[2022-09-27T15:30:25.958Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.war.asc (833 B at 13 kB/s)
[2022-09-27T15:30:25.958Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.pom.asc
[2022-09-27T15:30:26.059Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.pom.asc (833 B at 12 kB/s)
[2022-09-27T15:30:26.059Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.xml.asc
[2022-09-27T15:30:26.059Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.xml.asc (833 B at 12 kB/s)
[2022-09-27T15:30:26.059Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.html.asc
[2022-09-27T15:30:26.159Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371.license.html.asc (833 B at 11 kB/s)
[2022-09-27T15:30:26.160Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-sources.jar.asc
[2022-09-27T15:30:26.260Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-sources.jar.asc (833 B at 12 kB/s)
[2022-09-27T15:30:26.260Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-javadoc.jar.asc
[2022-09-27T15:30:26.361Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/2.371/jenkins-war-2.371-javadoc.jar.asc (833 B at 11 kB/s)
[2022-09-27T15:30:26.361Z] [INFO] [INFO] Downloading from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/maven-metadata.xml
[2022-09-27T15:30:26.461Z] [INFO] [INFO] Downloaded from releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/maven-metadata.xml (25 kB at 229 kB/s)
[2022-09-27T15:30:26.461Z] [INFO] [INFO] Uploading to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/maven-metadata.xml
[2022-09-27T15:30:26.662Z] [INFO] [INFO] Uploaded to releases: https://repo.jenkins-ci.org/releases/org/jenkins-ci/main/jenkins-war/maven-metadata.xml (25 kB at 120 kB/s)
[…]

This was referenced Sep 27, 2022
Merged
Merged
@basil
Copy link
Collaborator

basil commented Sep 27, 2022

The workaround has been backported to stable-2.361. Be sure not to use -Darguments with release:stage and -DstagingRepository in order to avoid exposing the underlying Maven bug.

@basil basil closed this as completed Sep 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@dduportal dduportal

Labels
release.ci.jenkins.io release security
Projects
None yet
Milestone
infra-team-sync-2022-10-04
Development

No branches or pull requests
6 participants
@olamy @basil @michael-o @dduportal @daniel-beck @NotMyFault