This is an automated email from the ASF dual-hosted git repository.
hboutemy pushed a commit to branch maven-buildinfo-plugin
in repository https://gitbox.apache.org/repos/asf/maven-studies.git
The following commit(s) were added to refs/heads/maven-buildinfo-plugin by this
push:
new 36e1be5 added README
36e1be5 is described below
commit 36e1be5a2f12d4f61b4cd8aecb3afaa073ca28da
Author: Hervé Boutemy <hbout...@apache.org>
AuthorDate: Fri Mar 6 00:37:50 2020 +0100
added README
---
README.md | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 75 insertions(+)
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..a8ef8d9
--- /dev/null
+++ b/README.md
@@ -0,0 +1,75 @@
+<!---
+ Licensed to the Apache Software Foundation (ASF) under one or more
+ contributor license agreements. See the NOTICE file distributed with
+ this work for additional information regarding copyright ownership.
+ The ASF licenses this file to You under the Apache License, Version 2.0
+ (the "License"); you may not use this file except in compliance with
+ the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+-->
+Apache Maven Buildinfo Plugin Study
+======================
+
+[][license]
+
+This plugin is a study, written as a Proof Of Concept of [Reproducible
Builds](https://reproducible-builds.org/) tooling
+to ease reproducing builds: once feedback will be given on Maven developper
mailing list, we'll see if this will be moved
+to a separate Maven plugin or if its unique goal will be merged to an existing
plugin.
+
+The purpose of this plugin is:
+
+- to generate a buildinfo file from a build, as specified in [Reproducible
Builds for the JVM](https://reproducible-builds.org/docs/jvm/)
+ that will eventually be deployed to remote repository
+
+- help rebuilders to check that they local build produces the same
Reproducible Build output than the reference build
+ published to a remote repository
+
+To use this plugin, you'll need to build and install from source, or use
SHAPSHOT from ```https://repository.apache.org/content/repositories/snapshots```
+
+Generating buildinfo after a build
+--------------
+
+```
+mvn verify buildinfo:save
+```
+
+Deploy to remote repository
+--------------
+
+Configure the plugin with its ```save```
+goal in your ```pom.xml```
+
+Check local build against remote reference
+--------------
+
+If reference build is available in a remote repository with predefined id,
like ```central```:
+
+```
+mvn verify buildinfo:save -Dreference.repo=central
+```
+
+If reference build is available in a remote repository without predefined id,
use its url instead:
+
+```
+mvn verify buildinfo:save
-Dreference.repo=https://repository.apache.org/content/groups/maven-staging-group/
+```
+
+Available Reproducible Releases in Maven Central Repository
+--------------
+
+-
[org.apache.maven.plugins:maven-shade-plugin:3.2.2](https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-shade-plugin/3.2.2/)
mono-module, with source-release
+
+-
[org.apache;maven.doxia:doxia:1.9.1](https://repo.maven.apache.org/maven2/org/apache/maven/doxia/doxia/1.9.1/)
multi-module, with source-release
+
+-
[info.guardianproject:jtorctl:0.4](https://repo.maven.apache.org/maven2/info/guardianproject/jtorctl/0.4/)
mono-module with provided buildinfo
+
+-
[org.apache.sling:org.apache.sling.installer.core:3.10.2](https://repo.maven.apache.org/maven2/org/apache/sling/org.apache.sling.installer.core/3.10.2/)
OSGI, with source-release
+
+[license]: https://www.apache.org/licenses/LICENSE-2.0
