Good point, but I don't believe it's necessary if CI and management are the only clients that can push dependencies to the internal repository. Then, if someone checks in a POM that references an artifact that hasn't been blessed because they are using other repositories, CI will fail, also stopping the local production artifacts from being pushed. If production artifacts only come from the internal repo that CI pushed, you have transitive assurance that everything is clean.
There are a lot of repositories out on the net, blocking central and mirrors with a firewall is a good reminder not to use them, but relying on that to keep unapproved artifacts out of production builds is fraught with issues like this. On Sep 26, 2011, at 8:02 PM, Manfred Moser wrote: > And in addition if you want to make sure they do not use anything from > central you might want to block it on the firewall level (including mirrors) > > On 11-09-26 04:51 PM, Brian Topping wrote: >> http://www.sonatype.com/books/nexus-book/reference/maven-sect-single-group.html >> discusses how to do that. >> >> On Sep 26, 2011, at 7:47 PM, Sony Antony wrote: >> >>> Hi : >>> We have an http internal repository to which, I would like all developers to >>> point for their local builds. >>> But I dont want them to go to repo1.maven.org >>> Looks like if I switch maven to online (<offline>false</offline> ), it will >>> attempt to go to repo1 ( in addition to the repositories specified under >>> settings.xml ) >>> Is it possible to change this behavior >>> >>> --sony >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
