This is an automated email from the ASF dual-hosted git repository.
schultz pushed a commit to branch 10.1.x
in repository https://gitbox.apache.org/repos/asf/tomcat.git
commit 4a3a0801249a81a89761fc5b044ae71c0d83512c
Author: schultz <schu...@apache.org>
AuthorDate: Thu Oct 12 13:13:23 2023 -0700
Record toolchain version numbers when performing a release.
Verify toolchain version numbers when verifying a release.
---
build.xml | 41 ++++++++++++++++++++++++++++++++++++++++-
1 file changed, 40 insertions(+), 1 deletion(-)
diff --git a/build.xml b/build.xml
index 149d80f7e2..71e9fb3df6 100644
--- a/build.xml
+++ b/build.xml
@@ -2691,6 +2691,7 @@ skip.installer property in build.properties" />
<target name="pre-release" depends="-pre-release-lone-target-check,
-pre-release-read-asf-username"
description="Prepares for a release build by writing
build.properties.release which contains information about the release-build
environment.">
+ <antversion property="antversion"/>
<echo file="build.properties.release">#
-----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
@@ -2743,6 +2744,8 @@ gpg.exec=${gpg.exec}
# File encoding: ${file.encoding}
#
# Release Manager: ${release.asfusername}
+release-java-version=${java.vm.version}
+release-ant-version=${antversion}
</echo>
<echo file="res/maven/mvn.properties.release">#
-----------------------------------------------------------------------------
# Licensed to the Apache Software Foundation (ASF) under one or more
@@ -4158,7 +4161,8 @@ Signature mismatch for @{basefile}:
</sequential>
</macrodef>
- <target name="verify-release" description="Verifies a release build against
published hashes.">
+ <target name="verify-release" depends="-check-release-toolchain-versions,
-require-release-toolchain-versions" description="Verifies a release build
against published hashes.">
+
<available property="released" file="build.properties.release" />
<fail unless="released">
@@ -4259,6 +4263,41 @@ One or more signatures failed.
All (important) signatures are verified; the build appears to be reproducible.
+</echo>
+ </target>
+
+ <target name="-check-release-toolchain-versions" if="release-java-version">
+ <!-- Establish default value -->
+ <property name="check-release-toolchain" value="true" />
+ <condition property="check-release-toolchain-versions">
+ <not>
+ <isfalse value="${check-release-toolchain}" />
+ </not>
+ </condition>
+ </target>
+
+ <target name="-require-release-toolchain-versions"
if="check-release-toolchain-versions">
+ <antversion property="antversion"/>
+ <condition property="release-toolchain-versions-match">
+ <and>
+ <antversion exactly="${antversion}" />
+ <equals arg1="${java.vm.version}" arg2="${release-java-version}" />
+ </and>
+ </condition>
+
+ <fail unless="release-toolchain-versions-match">
+Release toolchain versions do not match local toolchain:
+
+Release Java: ${release-java-version}
+Local Java: ${java.vm.version}
+Release Ant: ${release-ant-version}
+Local Ant: ${antversion}
+
+You may not be able to verify that this build is reproducible.
+
+Re-run with -Dcheck-release-toolchain=false to disable this check.
+</fail>
+ <echo>Local toolchain versions match release toolchain (Java
${release-java-version}, Ant ${release-ant-version}).
</echo>
</target>
</project>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
