Add release configuration for nexus.codehaus.org

- sign artifacts
- list public keys into the file KEYS
- maven 2.1.0 and 2.2.0 are forbidden because they produce incorrect GPG signatures and checksums respectively

1 files changed, 33 insertions, 13 deletions

diff --git a/pom.xml b/pom.xml
index 2f02f9020e4..064d4e178cb 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,5 +1,6 @@
 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
 
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.codehaus.sonar</groupId>
@@ -63,12 +64,11 @@
   <distributionManagement>
     <repository>
       <id>codehaus-releases</id>
-      <url>dav:https://dav.codehaus.org/repository/sonar</url>
-      <uniqueVersion>false</uniqueVersion>
+      <name>Codehaus Release Repository</name>
+      <url>https://nexus.codehaus.org/service/local/staging/deploy/maven2/</url>
     </repository>
     <snapshotRepository>
       <id>sonar-snapshots</id>
-      <!-- value for Codehaus : dav:https://dav.codehaus.org/snapshots.repository/sonar -->
       <url>${sonar.snapshotRepository.url}</url>
       <uniqueVersion>false</uniqueVersion>
     </snapshotRepository>
@@ -97,14 +97,15 @@
     -->
     <derby.version>10.7.1.1</derby.version>
     <jetty.version>6.1.24</jetty.version>
-    <sonar.skippedModules>sonar-deprecated,sonar-gwt-api,sonar-core-gwt,sonar-testing-harness,sonar-samples</sonar.skippedModules>
+    <sonar.skippedModules>sonar-deprecated,sonar-gwt-api,sonar-core-gwt,sonar-testing-harness,sonar-samples
+    </sonar.skippedModules>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-    <maven.min.version>2.0</maven.min.version>
     <jdk.min.version>1.5</jdk.min.version>
 
     <!-- default GWT configuration. It's overridden by the profile 'dev' to speed up compilation in dev environments-->
-    <gwt.permutationSuffix />
+    <gwt.permutationSuffix/>
     <gwt.extraJvmArgs>-Xmx512m -Xss1024k</gwt.extraJvmArgs>
+    <sonar.snapshotRepository.url>dav:https://dav.codehaus.org/snapshots.repository/sonar</sonar.snapshotRepository.url>
   </properties>
 
   <build>
@@ -183,6 +184,11 @@
           <version>2.6</version>
         </plugin>
         <plugin>
+          <groupId>org.apache.maven.plugins</groupId>
+          <artifactId>maven-gpg-plugin</artifactId>
+          <version>1.1</version>
+        </plugin>
+        <plugin>
           <!-- not thread safe -->
           <groupId>org.codehaus.mojo</groupId>
           <artifactId>gwt-maven-plugin</artifactId>
@@ -221,7 +227,7 @@
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
           <artifactId>maven-release-plugin</artifactId>
-          <version>2.1</version>
+          <version>2.2</version>
         </plugin>
         <plugin>
           <groupId>org.apache.maven.plugins</groupId>
@@ -336,9 +342,8 @@
             <configuration>
               <rules>
                 <requireMavenVersion>
-                  <message>To build this project Maven ${maven.min.version} (or upper) is required. Please install it.
-                  </message>
-                  <version>${maven.min.version}</version>
+                  <version>(,2.1.0),(2.1.0,2.2.0),(2.2.0,)</version>
+                  <message>Maven 2.1.0 and 2.2.0 produce incorrect GPG signatures and checksums respectively.</message>
                 </requireMavenVersion>
               </rules>
             </configuration>
@@ -375,9 +380,11 @@
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-release-plugin</artifactId>
         <configuration>
+          <tagNameFormat>@{project.version}</tagNameFormat>
           <autoVersionSubmodules>true</autoVersionSubmodules>
           <localCheckout>true</localCheckout>
           <pushChanges>false</pushChanges>
+          <releaseProfiles>release</releaseProfiles>
           <goals>deploy</goals>
         </configuration>
       </plugin>
@@ -421,7 +428,7 @@
             <id>attach-sources</id>
             <phase>verify</phase>
             <goals>
-              <goal>jar</goal>
+              <goal>jar-no-fork</goal>
             </goals>
           </execution>
         </executions>
@@ -928,7 +935,7 @@
   <scm>
     <connection>scm:git:git@github.com:SonarSource/sonar.git</connection>
     <developerConnection>scm:git:git@github.com:SonarSource/sonar.git</developerConnection>
-    <url>scm:git:git@github.com:SonarSource/sonar.git</url>
+    <url>git@github.com:SonarSource/sonar.git</url>
   </scm>
 
   <ciManagement>
@@ -1018,6 +1025,19 @@
               </execution>
             </executions>
           </plugin>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-gpg-plugin</artifactId>
+            <executions>
+              <execution>
+                <id>sign-artifacts</id>
+                <phase>verify</phase>
+                <goals>
+                  <goal>sign</goal>
+                </goals>
+              </execution>
+            </executions>
+          </plugin>
         </plugins>
       </build>
     </profile>