Changes between Version 6 and Version 7 of LocalOrcaCompile

Show
Ignore:
Timestamp:
02/07/09 11:43:12 (10 years ago)
Author:
aydan (IP: 69.134.122.47)
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • LocalOrcaCompile

    v6 v7  
    1515== Check out Orca's Top-level POM project == 
    1616 
     17All Orca projects depend on the Orca Top-Level POM project. Before you can build any of the Orca's projects you will need to obtain a copy of the top-level pom project: 
     18 
    1719{{{ 
    1820svn co https://geni-orca.renci.org/svn/orca/pom/trunk pom 
     
    2123}}} 
    2224 
    23 This will obtain a copy of the project and install it in your local repository. However, this will be a development version (-SNAPSHOT) and most Orca projects refer to a release version of the POM file. To obtain a given released version of the POM file use the '''getpom.sh'' script: 
     25This will obtain a copy of the project and install it in your local repository. However, this will be a development version (-SNAPSHOT) and most Orca projects refer to a release version of the POM file (no -SNAPSHOT in the version number). To obtain a given release version of the POM file use the '''getpom.sh'' script: 
    2426 
    2527{{{ 
     
    2729}}} 
    2830 
    29 The last release version of the POM file is 1.0. To install it in your local repository use: 
     31The current release version of the POM file is 1.0. To install it in your local repository use: 
    3032 
    3133{{{ 
     
    3436 
    3537 
     38== Obtain and register Orca web server's public key certificate == 
     39 
     40The Orca web server provides access to the  the subversion and maven repositories over the HTTPS protocol. Before any java application can fetch information from the web server, e.g., java artifacts from the maven repository, you will need to register the web server's self-signed public key certificate. The Orca Top-Level POM project contains a script to simplify this process: '''getcertificate.sh'''.  
     41 
     42The script requires that you have JAVA_HOME set. If JAVA_HOME is set to a system location, you will need to invoke the script with the right permissions, e.g., by using sudo. 
     43The script will use the default keystore password. In case you have changed the default password, you can specify it as an optional argument. 
     44 
     45{{{ 
     46   [sudo] ./getcertificate.sh [keystore_pass] 
     47}}} 
    3648 
    3749== Check out Modules == 
     
    3951The Orca repository at https://geni-orca.renci.org/svn is factored into many sub-projects.  Some Examples: 
    4052 
    41 || https://geni-orca.renci.org/svn/orca/pom                || Core orca Maven descriptor 
    4253|| https://geni-orca.renci.org/svn/orca/core/trunk         || The core (includes mysql schemas) 
    4354|| https://geni-orca.renci.org/svn/orca/webapp/trunk       || The Orca web portal 
    4455|| https://geni-orca.renci.org/svn/orca/handlers/ec2/trunk || EC2/Eucalyptus handler 
    4556 
    46 Most of these SVN projects build Maven artifacts (eg .../orca/core/trunk builds the orca.core POM).  This is nice because if you only want to work on one part of the tree (eg handlers/ec2/trunk) you only need check out that part of the tree.  When you build with Maven, prebuilt packages for all the other components you need will be downloaded and used.  This does present a couple of problems, though: 
     57Most of these projects build Maven artifacts.  This is nice because if you only want to work on one part of the tree (eg handlers/ec2/trunk) you only need check out that part of the tree.  When you build with Maven, prebuilt packages for all the other components you need will be downloaded and used. 
    4758 
    48  1. Maven needs to be able to find the remote repository we use (https://geni-orca.renci.org/maven/) 
    49  2. Maven doesn't like talking to https:// servers with a self-signed certificate 
    50  
    51 == Fixing SSL errors == 
    52  
    53 An easy solution to the first problem requires solving the second one first.  In order for Java to trust the CA that signed the SSL certificate used by https://geni-orca.renci.org we need to import this into the Java-local keystore with [http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html Keytool ] 
    54  
    55 Assuming $JAVA_HOME is defined (eg export JAVA_HOME="/Library/Java/Home" on OS X) the following horrible one-liner will do this: 
    56  
    57 {{{ 
    58  
    59  
    60 echo |openssl s_client -connect geni-orca.renci.org:443 2>&1 |sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo keytool -import -trustcacerts -alias geni-orca -keystore  $JAVA_HOME/lib/security/cacerts -storepass changeit -noprompt 
    61  
    62  
    63 }}} 
    64  
    65 This uses openssl to retrieve the CA cert, then tells keytool to add the certificate to its trusted CA list.  "changeit" is the default keystore password.   
    66  
    67 ~~~~ 
    68  
    69 == Telling Maven about the repository == 
    70  
    71 You could do this by editing files in ~/.m2/settings.xml (at least I think so).  I find it's easier just to  
    72 {{{ 
    73  svn checkout https://geni-orca.renci.org/svn/orca/pom/trunk pom 
    74  cd pom 
    75  mvn install 
    76 }}} 
    77  
    78 Once you've done this a local package with information about the Orca project (and its repository at geni-orca.renci.org) will be placed in your ~/.m2 directory.   
     59'''NOTE:''' maven will not download dependent packages if you have not registered the Orca web server's public key certificate.