Skip to content

don't put signatures in deploy jar #229

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Jun 29, 2017
Merged

don't put signatures in deploy jar #229

merged 3 commits into from
Jun 29, 2017

Conversation

oscar-stripe
Copy link
Contributor

We hit some error with a jar including a signature, then it causing the deploy jar to fail verification.

@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
  • If your company signed a CLA, they designated a Point of Contact who decides which employees are authorized to participate. You may need to contact the Point of Contact for your company and ask to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the project maintainer to go/cla#troubleshoot.
  • In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again.

@bazel-io
Copy link

Can one of the admins verify this patch?

@ittaiz
Copy link
Contributor

ittaiz commented Jun 14, 2017

test this please (cibot)

ittaiz
ittaiz reviewed Jun 14, 2017
View reviewed changes
Copy link
Contributor

@ittaiz ittaiz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should have a test for this change so it won't be broken by mistake in the future. We can even check in a small binary with a signature if that would make it easier. WDYT?

src/java/io/bazel/rulesscala/jar/JarCreator.java
@Override
protected boolean ignoreFileName(String name) {
/*
* It does not make sense to copy signature files
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you think it would be wise to rename JarCreator to FatJarCreator / DeployJarCreator / UberJarCreator? Current name made me wonder why the override is like this and the base is just "false". Until I read the comment and remembered

@johnynek
Copy link
Contributor

yeah, I will add a test. I just wanted to get unblocked so I pushed it here.

@ittaiz
Copy link
Contributor

ittaiz commented Jun 14, 2017 via email

@johnynek
Copy link
Contributor

okay @ittaiz, I have added a test which exposes the problem if I don't have this change and does not fail with the change.

I don't want to rename things at this stage since this code was originally copied from bazel and they set the names (also, we have code that actually depend on it elsewhere so it will be a migration pain for us that I am hoping to avoid).

@johnynek johnynek added cla: yes and removed cla: no labels Jun 29, 2017
@johnynek
Copy link
Contributor

I consent

@ittaiz
Copy link
Contributor

ittaiz commented Jun 29, 2017

Test this please

@ittaiz
Copy link
Contributor

ittaiz commented Jun 29, 2017

LGTM

@johnynek johnynek merged commit 9177a41 into master Jun 29, 2017
natansil pushed a commit to wix-incubator/rules_scala that referenced this pull request Jul 3, 2017
@oscar-stripe @natansil
don't put signatures in deploy jar (bazel-contrib#229)
6459879 
* don't put signatures in fat jar

* Add tests
@ittaiz ittaiz deleted the oscar/fix-fat-jar-sigs branch October 22, 2017 04:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ittaiz ittaiz ittaiz left review comments

Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@oscar-stripe @googlebot @bazel-io @ittaiz @johnynek