Bug 779575 (SOA-1950) - Need a manifest file for GA build
Summary: Need a manifest file for GA build
Keywords:
Status: CLOSED NEXTRELEASE
Alias: SOA-1950
Product: JBoss Enterprise SOA Platform 5
Classification: JBoss
Component: Distribution
Version: 5.0.0 CR1
Hardware: Unspecified
OS: Unspecified
urgent
urgent
Target Milestone: ---
: 5.1.0.CR1
Assignee: nwallace
QA Contact:
URL: http://jira.jboss.org/jira/browse/SOA...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-02-15 03:19 UTC by Len DiMaggio
Modified: 2011-03-02 04:34 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-03-02 04:34:42 UTC
Type: Task


Attachments (Terms of Use)
domanifest.py (543 bytes, text/x-python)
2010-02-16 19:03 UTC, Marc Schoenefeld
no flags Details
domanifest.py (578 bytes, text/x-python)
2010-02-18 16:23 UTC, Marc Schoenefeld
no flags Details
manifestverifier.py (1.88 KB, text/x-python)
2010-02-22 17:10 UTC, Marc Schoenefeld
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 724316 0 high CLOSED Need a manifest file for GA build 2021-02-22 00:41:40 UTC
Red Hat Issue Tracker JBQA-3167 0 None None None Never
Red Hat Issue Tracker JBQA-3975 0 None None None Never
Red Hat Issue Tracker SOA-1950 0 None None None Never

Internal Links: 724316

Description Len DiMaggio 2010-02-15 03:19:26 UTC
Date of First Response: 2010-02-16 10:49:04
project_key: SOA

This is a task for RE:

The final build needs a signed manifest file in the soa-5.0.0 .zip file that will be placed on the CSP, so customers can check the integrity and source of the SOA-P5  jars on a per-file basis.

Comment 3 Marc Schoenefeld 2010-02-16 19:03:39 UTC
Attachment: Added: domanifest.py


Comment 5 Marc Schoenefeld 2010-02-18 16:23:48 UTC
Attachment: Added: domanifest.py


Comment 7 Marc Schoenefeld 2010-02-22 17:10:49 UTC
Attachment: Added: manifestverifier.py


Comment 8 Len DiMaggio 2010-02-25 15:20:50 UTC
Link: Added: This issue related JBQA-3167


Comment 9 Len DiMaggio 2010-03-08 15:29:29 UTC
Link: Added: This issue related BRMS-261


Comment 10 nwallace 2010-11-07 23:49:47 UTC
Code is now in our signing routine to produce the manifest file.  
Verifier to come.

Comment 11 Martin Vecera 2010-11-11 12:20:05 UTC
Link: Added: This issue related JBQA-3975


Comment 13 Dana Mison 2011-01-05 00:14:41 UTC
Writer: Added: dlesage


Comment 14 nwallace 2011-01-11 17:20:43 UTC
It has been decided for now to keep the manifest file within the product zip. The MANIFEST.MF file will reside in a top level directory called Manifest.

[12:37]  <ldimaggi_> mschoene, tkirby remember the SOA-P 5.0 manifest files? Was this done as a stopgap measure as we were unable to sign all the jars?
[12:38]  <mschoene> ldimaggi_,  yes, we wanted to have trusted checksum 
[12:38]  <ldimaggi_> mschoene, tkirby what's the state of signing for 5.1?
[12:39]  <tkirby> tkirby, mschoene  broken by the attempt to add a manifest :-)
[12:40]  <mschoene> tkirby, who is guilty , hen or egg ? 
[12:41]  <jdc> mschoene: Dinsoaurs.
[12:41]  <mschoene> jdc, :)
[12:41]  <tkirby> mschoene, signing was working fine, but the manifest appeared in the top level, attempting to move this outside has caused problems so we can
[12:42]  <tkirby> mschoene, ldimaggi_  a) just sign
[12:42]  <tkirby> b) sign and have manifest in top level
[12:42]  <mschoene> tkirby, the signing process creates manifests too , btw 
[12:42]  <tkirby> c) sign and have manifest seperate
[12:42]  <mschoene> tkirby, staying with b) is great 
[12:43]  <tkirby> mschoene, ok because that is what we had
[12:43]  <tkirby> griz ping ^^^^^^^^^^
[12:45]  <griz> tkirby: ok, I'll put it back to how it was.
[12:45]  <ldimaggi_> tkirby, griz mschoene great!
[12:47]  <tkirby> griz is it still in a meta-inf directory?
[12:49]  <griz> tkirby: I'd changed it to be a freestanding file in it's own zip. I'll take my changes out of the sign-unsigned-jars and then it'll be in the META-INF dir in the product zip.
[12:49]  <tkirby> griz can we rename that to Manifest?
[12:49]  <tkirby> griz or is that what you get given?
[12:51]  <ldimaggi_> tkirby, please put all this ^ into the JIRA - or we will forget it all
[12:51]  <griz> tkirby: A directory called Manifest in the prod zip containing a file called MANIFEST.MF? Sure.
[12:51]  <griz> ldimaggi_: will do.
[12:51]  <tkirby> mschoene, ^^^^ That OK with you?
[12:54]  <tkirby> griz unless mschoene objects go ahead with that, add the conversation to the Jiras
[12:54]  <griz> tkirby: will do.
[12:54]  <mschoene> tkirby, hmm, i am not sure i understand that entirely from the backlog , i'll comment in the jira 
[12:55]  <tkirby> griz  we may have a delay to the build so you probably have a day or so to revert it
[12:55]  <griz> tkirby: shouldn't take long to change and check
[12:55]  <tkirby> mschoene,  the manifes will be call manifest.mf and will be in the top level of the zip under a dir called manifest
[12:57]  <griz> mschoene: hi. Just to make sure, The MANIFEST.MF will live in a directory called Manifest which will be a top level directory in the product zip.
[12:58]  <mschoene> griz, that sounds good to me, will that be in next ER? 
[12:58]  <griz> mschoene: Yep.
[13:00]  <mschoene> griz, ok, then i'll have a look at that file too once available 


Comment 15 nwallace 2011-02-04 20:26:45 UTC
Looks like everyone's happy now.

Comment 16 David Le Sage 2011-03-02 04:32:47 UTC
Temporarily reopening to update release note information.

Comment 17 David Le Sage 2011-03-02 04:34:35 UTC
Release Notes Docs Status: Added: Documented as Resolved Issue
Release Notes Text: Added: https://issues.jboss.org/browse/SOA-1950

A signed manifest file has been added to the soa-5.1.0.zip archive that is available on the Customer Service Portal.. Customers should use this to check the integrity and source of the SOA-P5 jars on a per-file basis.



Note You need to log in before you can comment on or make changes to this bug.