11:43 a.m.
Hi *,
I tried to use $subj for the first time today, and I must say $subj did
not meet my expectations. Namely, the timestamps and buildNumbers are
generated at the instant of deployment of the given artifact, which may
lead to distinct timestampts of artifacts of the same group and same
deploy operation.
So, when I want to use the latest timestamped SNAPSHOT of Alerts in
Hawkular, there is no single timestamped version that I could use for
all Alerts artifacts that I manage using the property
${version.org.hawkular.alerts}. To use the latest timestamped version, I
actually can remove the <version.org.hawkular.alerts> property
altogether. I have to put the latest 0.4.0-SNAPSHOT literal to into all
managed alerts artifacts
(https://github.com/hawkular/hawkular/blob/master/pom.xml#L154 and
https://github.com/hawkular/hawkular/blob/master/pom.xml#L161) then run
mvn versions:lock-snapshots -Psnapshots
and voila, it resolves the versions as follows:
<dependency>
<groupId>org.hawkular.alerts</groupId>
<artifactId>hawkular-alerts-actions-email</artifactId>
<version>0.4.0-20150817.111158-17</version>
<type>war</type>
</dependency>
<dependency>
<groupId>org.hawkular.alerts</groupId>
<artifactId>hawkular-alerts-rest</artifactId>
<version>0.4.0-20150817.111150-18</version>
<type>war</type>
</dependency>
Here, you can clearly see that the timestamped versions are not the same.
This guarantees the reproducibility of the builds, but I would not call
it practical. Manual maintenance of these scattered version numbers will
be error prone and cumbersome. One can use mvn versions plugin to handle
the versions.
http://www.mojohaus.org/versions-maven-plugin/examples/advancing-dependen...
Can anybody see a way how to make the timestamped snapshots easier to use?
Thanks,
Peter
11:10 a.m.
New subject: Timestamped SNAPSHOTs do not guarantee reproducibility
Hi again,
Today, I found that timestamped SNAPSHOTs do not guarantee reproducibility.
An example:
Let's have a simple war project [1] that depends on
hawkular-inventory-impl-tinkerpop
<dependencies>
<dependency>
<groupId>org.hawkular.inventory</groupId>
<artifactId>hawkular-inventory-impl-tinkerpop</artifactId>
<version>0.2.1-20150818.120735-14</version>
</dependency>
</dependencies>
Note that hawkular-inventory-impl-tinkerpop depends on another artifact
from the same group org.hawkular.inventory:hawkular-inventory-api
If we use version 0.2.1-20150818.120735-14 which happens to be the
*last* available snapshot in the repo [2], all is well: when we open the
war and check the Built-From-Git-SHA1 entries in MANIFEST.MF of
hawkular-inventory-impl-tinkerpop-*.jar and hawkular-inventory-api-*.jar
they both have the same value 90a594475048a7a81a5557a96ecd367cf6cc1d6c
But, let's say that we need to downgrade
hawkular-inventory-impl-tinkerpop to an older version 20150817.100338-13
for some reason:
<dependencies>
<dependency>
<groupId>org.hawkular.inventory</groupId>
<artifactId>hawkular-inventory-impl-tinkerpop</artifactId>
<version>20150817.100338-13</version>
</dependency>
</dependencies>
The war file build with hawkular-inventory-impl-tinkerpop
20150817.100338-13 contains hawkular-inventory-impl-tinkerpop-*.jar with
Built-From-Git-SHA1 c41249a9e45e3d5ed2cf2299db09463e339105e0 which is
expected, but hawkular-inventory-api-*.jar has Built-From-Git-SHA1
90a594475048a7a81a5557a96ecd367cf6cc1d6c which corresponds to the latest
snapshot 0.2.1-20150818.120735-14 rather than 20150817.100338-13. This
makes the build non-deterministic.
Thanks,
-- P
[1] https://github.com/ppalaga/snapshottest/blob/master/pom.xml#L40
[2]
https://repository.jboss.org/nexus/content/groups/public/org/hawkular/inv...
On 2015-08-17 18:43, Peter Palaga wrote:
Hi *,
I tried to use $subj for the first time today, and I must say $subj did
not meet my expectations. Namely, the timestamps and buildNumbers are
generated at the instant of deployment of the given artifact, which may
lead to distinct timestampts of artifacts of the same group and same
deploy operation.
So, when I want to use the latest timestamped SNAPSHOT of Alerts in
Hawkular, there is no single timestamped version that I could use for
all Alerts artifacts that I manage using the property
${version.org.hawkular.alerts}. To use the latest timestamped version, I
actually can remove the <version.org.hawkular.alerts> property
altogether. I have to put the latest 0.4.0-SNAPSHOT literal to into all
managed alerts artifacts
(https://github.com/hawkular/hawkular/blob/master/pom.xml#L154 and
https://github.com/hawkular/hawkular/blob/master/pom.xml#L161) then run
mvn versions:lock-snapshots -Psnapshots
and voila, it resolves the versions as follows:
<dependency>
<groupId>org.hawkular.alerts</groupId>
<artifactId>hawkular-alerts-actions-email</artifactId>
<version>0.4.0-20150817.111158-17</version>
<type>war</type>
</dependency>
<dependency>
<groupId>org.hawkular.alerts</groupId>
<artifactId>hawkular-alerts-rest</artifactId>
<version>0.4.0-20150817.111150-18</version>
<type>war</type>
</dependency>
Here, you can clearly see that the timestamped versions are not the same.
This guarantees the reproducibility of the builds, but I would not call
it practical. Manual maintenance of these scattered version numbers will
be error prone and cumbersome. One can use mvn versions plugin to handle
the versions.
http://www.mojohaus.org/versions-maven-plugin/examples/advancing-dependen...
Can anybody see a way how to make the timestamped snapshots easier to use?
Thanks,
Peter
_______________________________________________
hawkular-dev mailing list
hawkular-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/hawkular-dev
3418
days inactive
3419
days old
1 comments
1 participants
participants (1)
-
Peter Palaga