Artifactory associates the Build Info
descriptor with the build artifacts artifacts based on their checksum.
If you look at the JSON which is the Build Info
descriptor, you'll be able to see:
{
...
"modules" : [ {
"id" : "org._10ne.gradle:rest-gradle-plugin:0.2.0",
"artifacts" : [ {
"type" : "pom",
"sha1" : "f0dcec6a603aa99f31990e20c0f314749f0e22ca",
"md5" : "427dcf49c07cc7be175ea31fd92da44e",
"name" : "rest-gradle-plugin-0.2.0.pom"
},
....
}
}
A Build Info
descriptor describes a "build" which is essentially a single unit of module/s produced by a certain process; this process depends on a specific environment.
You're deploying a new artifact which was not part of the original process or environment that the Build Info
describes; if it was, it would have been produced with the exact same checksum as the former artifact
You are basically compromising the integrity of the "build" unit.
The "right" way to do it would be to start a new build process and produce a valid Build Info
descriptor.