Details

    • Type: New Feature New Feature
    • Status: Resolved Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.0.0-alpha-1
    • Component/s: Transport
    • Labels:
      None
    • Number of attachments :
      3

      Description

      Currently there are two HTTP providers in wagon infratstucture: http and ligh thttp, both based on commons-http-client.

      Mercury transport was create as green field Jetty client implementation with efficiency as a major design goal. It will be beneficial to utilize optimized features of Mercury client in the wagon provider:

      • Jetty client is highly optimized for network transfers
      • Mercury HTTP client accepts set parameters and parallelizes all the transfer operations
      • Mercury can be configured to automatically verify and/or generate OpenPGP signatures

      Wrapping Mercury into a wagon provider presents some challenges as Wagon architecture is a little outdated and is missing some parameters that will cause implementation to do unnecessary conversions - for example: TransferEvent in wagon APIs accepts byte [] buffer and int length. Jetty client optimizes even buffer usage and parameter offset is essential. Conversion here is a lost of memory and cycles.

        Activity

        Hide
        Oleg Gusakov added a comment - - edited

        mercury wagon provider: unpack the attached jar into $M2_HOME/lib, then use mttp: and mttps: protocols to use this provider. For instance:

        Repository Definition
        <repository>
          <id>chrel</id>
          <url>mttp://releases.repository.codehaus.org</url>
          <snapshots><enabled>false</enabled></snapshots>
          <releases><enabled>true</enabled></releases>
        </repository>
        

        For deployment, only webDAV servers are supported. Use the same mttp: or mttps: protocols as below

        Distribution Management
          <distributionManagement>
            <repository>
              <id>mercury-shapshots</id>
              <name>Mercury shapshots</name>
              <url>mttp://localhost:8081/nexus/content/repositories/snapshots</url>
            </repository>
          </distributionManagement>
        

        Don't forget server section in settings.xml if your server requires authentication.

        settings.xml
          <servers>
            <server>
              <id>mercury-shapshots</id>
              <username>user</username>
              <password>pass</password>
            </server>
          </servers>
        

        Client certificate authentication is not supported at the moment.

        I will add proxy and PGP configurations tomorrow

        Show
        Oleg Gusakov added a comment - - edited mercury wagon provider: unpack the attached jar into $M2_HOME/lib, then use mttp: and mttps: protocols to use this provider. For instance: Repository Definition <repository> <id>chrel</id> <url>mttp: //releases.repository.codehaus.org</url> <snapshots><enabled> false </enabled></snapshots> <releases><enabled> true </enabled></releases> </repository> For deployment, only webDAV servers are supported. Use the same mttp: or mttps: protocols as below Distribution Management <distributionManagement> <repository> <id>mercury-shapshots</id> <name>Mercury shapshots</name> <url>mttp: //localhost:8081/nexus/content/repositories/snapshots</url> </repository> </distributionManagement> Don't forget server section in settings.xml if your server requires authentication. settings.xml <servers> <server> <id>mercury-shapshots</id> <username>user</username> <password>pass</password> </server> </servers> Client certificate authentication is not supported at the moment. I will add proxy and PGP configurations tomorrow
        Hide
        Oleg Gusakov added a comment - - edited

        This updated version of Mercury wagon unzip-me-2.jar adds PGP signature generation/verification to the table

        Configuration: in order to generate PGP signatures, please sett all writer properties, for signature verification use reader configuration

        To wake up PGP functionality in Mercury wagon, specify -Dmaven.mercury.wagon.pgp.config=[property file] on the command line. Property file, pointed by the system property, has the following structure:

        PGP configuration roperty file
        ###########################################
        # Mercury wagon provider PGP configuration
        ###########################################
        
        # path to the file - public keyring with all the public keys that are authorized to sign artifacts 
        #reader.keyring=pubring.gpg
        
        # path to the file - secret keyring with the signer key 
        writer.keyring=secring.gpg
        # keyId in the keyring - should be 16 hex digits!
        writer.key.id=0EDB5D91141BC4F2
        # secret key password
        writer.key.pass=mySecretKeyPassword
        

        Please note that reader.keyring and writer.keyring point to an actual keyring file. I used GNUpg tools for Mac for key maintance - http://www.gnupg.org/

        Careful with the reader verification

        If repository does not have .asc pgp signatures and Maven tries to read from it, now it may create problems. In this case there is an undocumented facility to sign entire repository. Please comment here if that is needed.

        Show
        Oleg Gusakov added a comment - - edited This updated version of Mercury wagon unzip-me-2.jar adds PGP signature generation/verification to the table Configuration: in order to generate PGP signatures, please sett all writer properties, for signature verification use reader configuration To wake up PGP functionality in Mercury wagon, specify -Dmaven.mercury.wagon.pgp.config= [property file] on the command line. Property file, pointed by the system property, has the following structure: PGP configuration roperty file ########################################### # Mercury wagon provider PGP configuration ########################################### # path to the file - public keyring with all the public keys that are authorized to sign artifacts #reader.keyring=pubring.gpg # path to the file - secret keyring with the signer key writer.keyring=secring.gpg # keyId in the keyring - should be 16 hex digits! writer.key.id=0EDB5D91141BC4F2 # secret key password writer.key.pass=mySecretKeyPassword Please note that reader.keyring and writer.keyring point to an actual keyring file. I used GNUpg tools for Mac for key maintance - http://www.gnupg.org/ Careful with the reader verification If repository does not have .asc pgp signatures and Maven tries to read from it, now it may create problems. In this case there is an undocumented facility to sign entire repository. Please comment here if that is needed.
        Hide
        Oleg Gusakov added a comment -

        As proxy processing in wagon APIs is all messed up, I am not adding proxy configuration to Mercury wagon at this moment. Please let me know you really need it.

        Show
        Oleg Gusakov added a comment - As proxy processing in wagon APIs is all messed up, I am not adding proxy configuration to Mercury wagon at this moment. Please let me know you really need it.
        Hide
        Oleg Gusakov added a comment -

        Trying to replace http/https/dav providers in a branch and make ITs work

        Show
        Oleg Gusakov added a comment - Trying to replace http/https/dav providers in a branch and make ITs work
        Hide
        Oleg Gusakov added a comment -

        Can deploy to [any?] webDav server now

        The only small issue let is the total length indicator, maven shows 2334/? for now. Will fix.

        Show
        Oleg Gusakov added a comment - Can deploy to [any?] webDav server now The only small issue let is the total length indicator, maven shows 2334/? for now. Will fix.
        Hide
        Oleg Gusakov added a comment -

        Confirmed that it0031 fails on unmodified maven-2.1.x branch with old providers, so it's not related to Mercury wagon.

        Show
        Oleg Gusakov added a comment - Confirmed that it0031 fails on unmodified maven-2.1.x branch with old providers, so it's not related to Mercury wagon.
        Hide
        Oleg Gusakov added a comment -

        Done

        Show
        Oleg Gusakov added a comment - Done

          People

          • Assignee:
            Oleg Gusakov
            Reporter:
            Oleg Gusakov
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: