eclipse/p2update/pom.xml - sling-ide-tooling - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
 	license agreements. See the NOTICE file distributed with this work for additional
 	information regarding copyright ownership. The ASF licenses this file to
 	you under the Apache License, Version 2.0 (the "License"); you may not use
 	this file except in compliance with the License. You may obtain a copy of
 	the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
 	by applicable law or agreed to in writing, software distributed under the
 	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
 	OF ANY KIND, either express or implied. See the License for the specific
 	language governing permissions and limitations under the License. -->
 <project
 	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
 	xmlns="http://maven.apache.org/POM/4.0.0"
 	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 	<modelVersion>4.0.0</modelVersion>
 	<parent>
 		<groupId>org.apache.sling.ide</groupId>
 		<artifactId>sling-ide-tooling</artifactId>
 		<version>1.2.3-SNAPSHOT</version>
 	</parent>
 	<artifactId>org.apache.sling.ide.p2update</artifactId>
 	<packaging>eclipse-repository</packaging>
 	<name>Apache Sling IDE Tools Update Site</name>

 	<scm>
 		<connection>scm:git:https://gitbox.apache.org/repos/asf/sling-ide-tooling.git</connection>
 		<developerConnection>scm:git:https://gitbox.apache.org/repos/asf/sling-ide-tooling.git</developerConnection>
 		<url>https://github.com/apache/sling-ide-tooling.git</url>
 	</scm>

 	<build>
 		<!-- ensure that extra files are picked up by the maven-source-plugin -->
 		<resources>
 			<resource>
 				<directory>.</directory>
 				<includes>
 					<include>category.xml</include>
 				</includes>
 			</resource>
 		</resources>
 		<plugins>
 			<!-- the update site is not expected to contain legal artifacts -->
 			<plugin>
 				<groupId>org.apache.geronimo.genesis.plugins</groupId>
 				<artifactId>tools-maven-plugin</artifactId>
 				<configuration>
 					<skip>true</skip>
 				</configuration>
 			</plugin>
 			<plugin>
 				<groupId>org.eclipse.tycho</groupId>
 				<artifactId>target-platform-configuration</artifactId>
 				<version>${tycho.version}</version>
 				<configuration>
 					<target>
 						<file>${basedir}/org.apache.sling.ide.target-definition.target</file>
 					</target>
 				</configuration>
 			</plugin>
 		</plugins>
 		<pluginManagement>
 			<plugins>
 				<plugin>
 					<groupId>org.apache.geronimo.genesis.plugins</groupId>
 					<artifactId>tools-maven-plugin</artifactId>
 					<executions>
 						<execution>
 							<!-- this goal does not work for eclipse repositories, therefore bind
 								to invalid phase id -->
 							<id>verify-legal-files</id>
 							<phase>invalid</phase>
 						</execution>
 					</executions>
 				</plugin>
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-source-plugin</artifactId>
 					<executions>
 						<execution>
 							<!-- this goal does not work for eclipse repositories, therefore bind
 								to invalid phase id -->
 							<id>attach-sources</id>
 							<phase>invalid</phase>
 						</execution>
 					</executions>
 				</plugin>
 				<plugin>
 					<groupId>org.apache.maven.plugins</groupId>
 					<artifactId>maven-release-plugin</artifactId>
 					<configuration>
 						<releaseProfiles>apache-release,sign-with-jarsigner</releaseProfiles>
 					</configuration>
 				</plugin>
 			</plugins>
 		</pluginManagement>
 	</build>
 	<profiles>
 		<profile>
 			<!-- this profile is automatically active during release:perform
 				each signature costs the ASF money, therefore only activate during releases
 			 -->
 			<id>sign-with-jarsigner</id>
 			<build>
 				<plugins>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
 						<artifactId>maven-enforcer-plugin</artifactId>
 						<executions>
 							<execution>
 								<id>enforce-digicert-one-env-variables</id>
 								<goals>
 									<goal>enforce</goal>
 								</goals>
 								<configuration>
 									<rules>
 										<requireProperty>
 											<property>env.PKCS11_CONFIG</property>
 										</requireProperty>
 										<!-- the ones listed at https://docs.digicert.com/de/digicert-one/secure-software-manager/ci-cd-integrations/maven-integration-with-pkcs11.html -->
 										<requireProperty>
 											<property>env.SM_CLIENT_CERT_PASSWORD</property>
 										</requireProperty>
 										<requireProperty>
 											<property>env.SM_CLIENT_CERT_FILE</property>
 										</requireProperty>
 										<requireProperty>
 											<property>env.SM_API_KEY</property>
 										</requireProperty>
 									</rules>
 								</configuration>
 							</execution>
 						</executions>
 					</plugin>
 					<plugin>
 						<groupId>org.apache.maven.plugins</groupId>
 						<artifactId>maven-jarsigner-plugin</artifactId>
 						<version>3.0.0</version>
 						<executions>
 							<execution>
 								<id>sign</id>
 								<goals>
 									<goal>sign</goal>
 								</goals>
 								<phase>prepare-package</phase> <!-- must happen after "assemble-repository" but before "fix-artifacts-metadata" -->
 								<configuration>
 									<keystore>NONE</keystore>
 									<alias>Sling-PMC-2022-09</alias>
 									<storepass>none</storepass>
 									<providerClass>sun.security.pkcs11.SunPKCS11</providerClass>
 									<storetype>PKCS11</storetype>
 									<providerArg>${env.PKCS11_CONFIG}</providerArg>
 									<tsa>http://timestamp.digicert.com</tsa>
 									<verbose>true</verbose>
 									<processMainArtifact>false</processMainArtifact>
 									<archiveDirectory>${project.build.directory}/repository/plugins</archiveDirectory>
 									<includes>
 										<!-- only sign our own artifacts -->
 										<include>org.apache.sling.*.jar</include>
 									</includes>
 								</configuration>
 							</execution>
 						</executions>
 					</plugin>
 					<!-- fix metadata of repository after signing -->
 					<plugin>
 						<groupId>org.eclipse.tycho</groupId>
 						<artifactId>tycho-p2-repository-plugin</artifactId>
 						<version>${tycho.version}</version>
 						<executions>
 							<execution>
 								<id>update-metadata-after-signing</id>
 								<goals>
 									<goal>fix-artifacts-metadata</goal>
 								</goals>
 								<phase>prepare-package</phase><!-- must happen after "sign" but before "archive-repository" -->
 							</execution>
 							<execution>
 								<id>verify</id>
 								<goals>
 									<goal>verify-repository</goal>
 								</goals>
 							</execution>
 						</executions>
 					</plugin>
 				</plugins>
 			</build>
 		</profile>
 		<profile>
 			<id>sign-with-gpg</id>
 			<build>
 				<plugins>
 					<plugin>
 						<groupId>org.eclipse.tycho</groupId>
 						<artifactId>tycho-gpg-plugin</artifactId>
 						<version>${tycho.version}</version>
 						<executions>
 							<execution>
 								<!-- https://tycho.eclipseprojects.io/doc/latest/tycho-gpg-plugin/sign-p2-artifacts-mojo.html -->
 								<id>sign-p2-artifacts</id>
 								<goals>
 									<goal>sign-p2-artifacts</goal>
 								</goals>
 							</execution>
 						</executions>
 					</plugin>
 				</plugins>
 			</build>
 		</profile>
 	</profiles>
 </project>
	<?xml version="1.0" encoding="UTF-8"?>
	<!-- Licensed to the Apache Software Foundation (ASF) under one or more contributor
	license agreements. See the NOTICE file distributed with this work for additional
	information regarding copyright ownership. The ASF licenses this file to
	you under the Apache License, Version 2.0 (the "License"); you may not use
	this file except in compliance with the License. You may obtain a copy of
	the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required
	by applicable law or agreed to in writing, software distributed under the
	License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS
	OF ANY KIND, either express or implied. See the License for the specific
	language governing permissions and limitations under the License. -->
	<project
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
	xmlns="http://maven.apache.org/POM/4.0.0"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<modelVersion>4.0.0</modelVersion>
	<parent>
	<groupId>org.apache.sling.ide</groupId>
	<artifactId>sling-ide-tooling</artifactId>
	<version>1.2.3-SNAPSHOT</version>
	</parent>
	<artifactId>org.apache.sling.ide.p2update</artifactId>
	<packaging>eclipse-repository</packaging>
	<name>Apache Sling IDE Tools Update Site</name>

	<scm>
	<connection>scm:git:https://gitbox.apache.org/repos/asf/sling-ide-tooling.git</connection>
	<developerConnection>scm:git:https://gitbox.apache.org/repos/asf/sling-ide-tooling.git</developerConnection>
	<url>https://github.com/apache/sling-ide-tooling.git</url>
	</scm>

	<build>
	<!-- ensure that extra files are picked up by the maven-source-plugin -->
	<resources>
	<resource>
	<directory>.</directory>
	<includes>
	<include>category.xml</include>
	</includes>
	</resource>
	</resources>
	<plugins>
	<!-- the update site is not expected to contain legal artifacts -->
	<plugin>
	<groupId>org.apache.geronimo.genesis.plugins</groupId>
	<artifactId>tools-maven-plugin</artifactId>
	<configuration>
	<skip>true</skip>
	</configuration>
	</plugin>
	<plugin>
	<groupId>org.eclipse.tycho</groupId>
	<artifactId>target-platform-configuration</artifactId>
	<version>${tycho.version}</version>
	<configuration>
	<target>
	<file>${basedir}/org.apache.sling.ide.target-definition.target</file>
	</target>
	</configuration>
	</plugin>
	</plugins>
	<pluginManagement>
	<plugins>
	<plugin>
	<groupId>org.apache.geronimo.genesis.plugins</groupId>
	<artifactId>tools-maven-plugin</artifactId>
	<executions>
	<execution>
	<!-- this goal does not work for eclipse repositories, therefore bind
	to invalid phase id -->
	<id>verify-legal-files</id>
	<phase>invalid</phase>
	</execution>
	</executions>
	</plugin>
	<plugin>
	<groupId>org.apache.maven.plugins</groupId>
	<artifactId>maven-source-plugin</artifactId>
	<executions>
	<execution>
	<!-- this goal does not work for eclipse repositories, therefore bind
	to invalid phase id -->
	<id>attach-sources</id>
	<phase>invalid</phase>
	</execution>
	</executions>
	</plugin>
	<plugin>
	<groupId>org.apache.maven.plugins</groupId>
	<artifactId>maven-release-plugin</artifactId>
	<configuration>
	<releaseProfiles>apache-release,sign-with-jarsigner</releaseProfiles>
	</configuration>
	</plugin>
	</plugins>
	</pluginManagement>
	</build>
	<profiles>
	<profile>
	<!-- this profile is automatically active during release:perform
	each signature costs the ASF money, therefore only activate during releases
	-->
	<id>sign-with-jarsigner</id>
	<build>
	<plugins>
	<plugin>
	<groupId>org.apache.maven.plugins</groupId>
	<artifactId>maven-enforcer-plugin</artifactId>
	<executions>
	<execution>
	<id>enforce-digicert-one-env-variables</id>
	<goals>
	<goal>enforce</goal>
	</goals>
	<configuration>
	<rules>
	<requireProperty>
	<property>env.PKCS11_CONFIG</property>
	</requireProperty>
	<!-- the ones listed at https://docs.digicert.com/de/digicert-one/secure-software-manager/ci-cd-integrations/maven-integration-with-pkcs11.html -->
	<requireProperty>
	<property>env.SM_CLIENT_CERT_PASSWORD</property>
	</requireProperty>
	<requireProperty>
	<property>env.SM_CLIENT_CERT_FILE</property>
	</requireProperty>
	<requireProperty>
	<property>env.SM_API_KEY</property>
	</requireProperty>
	</rules>
	</configuration>
	</execution>
	</executions>
	</plugin>
	<plugin>
	<groupId>org.apache.maven.plugins</groupId>
	<artifactId>maven-jarsigner-plugin</artifactId>
	<version>3.0.0</version>
	<executions>
	<execution>
	<id>sign</id>
	<goals>
	<goal>sign</goal>
	</goals>
	<phase>prepare-package</phase> <!-- must happen after "assemble-repository" but before "fix-artifacts-metadata" -->
	<configuration>
	<keystore>NONE</keystore>
	<alias>Sling-PMC-2022-09</alias>
	<storepass>none</storepass>
	<providerClass>sun.security.pkcs11.SunPKCS11</providerClass>
	<storetype>PKCS11</storetype>
	<providerArg>${env.PKCS11_CONFIG}</providerArg>
	<tsa>http://timestamp.digicert.com</tsa>
	<verbose>true</verbose>
	<processMainArtifact>false</processMainArtifact>
	<archiveDirectory>${project.build.directory}/repository/plugins</archiveDirectory>
	<includes>
	<!-- only sign our own artifacts -->
	<include>org.apache.sling.*.jar</include>
	</includes>
	</configuration>
	</execution>
	</executions>
	</plugin>
	<!-- fix metadata of repository after signing -->
	<plugin>
	<groupId>org.eclipse.tycho</groupId>
	<artifactId>tycho-p2-repository-plugin</artifactId>
	<version>${tycho.version}</version>
	<executions>
	<execution>
	<id>update-metadata-after-signing</id>
	<goals>
	<goal>fix-artifacts-metadata</goal>
	</goals>
	<phase>prepare-package</phase><!-- must happen after "sign" but before "archive-repository" -->
	</execution>
	<execution>
	<id>verify</id>
	<goals>
	<goal>verify-repository</goal>
	</goals>
	</execution>
	</executions>
	</plugin>
	</plugins>
	</build>
	</profile>
	<profile>
	<id>sign-with-gpg</id>
	<build>
	<plugins>
	<plugin>
	<groupId>org.eclipse.tycho</groupId>
	<artifactId>tycho-gpg-plugin</artifactId>
	<version>${tycho.version}</version>
	<executions>
	<execution>
	<!-- https://tycho.eclipseprojects.io/doc/latest/tycho-gpg-plugin/sign-p2-artifacts-mojo.html -->
	<id>sign-p2-artifacts</id>
	<goals>
	<goal>sign-p2-artifacts</goal>
	</goals>
	</execution>
	</executions>
	</plugin>
	</plugins>
	</build>
	</profile>
	</profiles>
	</project>