A cikin wannan labarin, Ina so in yi la'akari da tsarin buga kayan tarihi na Java daga karce ta hanyar Github Actions zuwa Sonatype Maven Central Repository ta amfani da maginin Gradle.
Na yanke shawarar rubuta wannan labarin ne saboda rashin koyarwa ta al'ada a wuri guda. Dole ne a tattara duk bayanan gaba ɗaya daga tushe daban-daban, haka ma, ba sabo ba gaba ɗaya. Wane ne ya damu, maraba a ƙarƙashin cat.
Ƙirƙirar wurin ajiya a cikin Sonatype
Mataki na farko shine ƙirƙirar wurin ajiya a Sonatype Maven Central. Don wannan mu tafi , Yi rajista da ƙirƙirar sabon ɗawainiya, suna neman mu ƙirƙiri ma'ajiya. Muna tuƙi a cikin namu GroupId aikin, URL na aikin mahaɗin aikin da SCM url hanyar haɗi zuwa tsarin sarrafa sigar da aikin yake. GroupId anan yakamata ya kasance na nau'in com.example, com.example.domain, com.example.testsupport, kuma yana iya kasancewa ta hanyar hanyar haɗi zuwa github ɗin ku: -> io.github.sunan mai amfani. A kowane hali, kuna buƙatar tabbatar da ikon mallakar wannan yanki ko bayanin martaba. Idan kun ayyana bayanin martaba na github, za a nemi ku ƙirƙiri wurin ajiyar jama'a tare da sunan da ake so.
Wani lokaci bayan tabbatarwa, za a ƙirƙiri GroupId ɗin ku kuma za mu iya ci gaba zuwa mataki na gaba, Tsarin Gradle.
Ana saita Gradle
A lokacin rubuce-rubuce, ban sami kayan aikin Gradle waɗanda za su iya taimakawa wajen buga kayan aikin ba. kawai plugin ɗin da na samo, duk da haka, marubucin ya ƙi ƙara goyan bayansa. Saboda haka, na yanke shawarar yin komai da kaina, tun da yake ba shi da wuya a yi wannan.
Abu na farko da za a gano shine buƙatun Sonatype don bugawa. Waɗannan su ne:
- Samuwar lambobin tushe da JavaDoc, watau. dole ne ya halarta
-sources.jarи-javadoc.jarfayiloli. Kamar yadda aka bayyana a cikin takardun, idan ba zai yiwu a samar da lambobin tushe ko takardun ba, za ka iya yin guntu-sources.jarko-javadoc.jartare da sauƙi README a ciki don cin nasarar gwajin. - Dole ne a sanya hannu da duk fayiloli da su
GPG/PGPkuma.ascdole ne a haɗa fayil ɗin da ke ɗauke da sa hannu ga kowane fayil. - kasancewa
pomfayil - Madaidaitan dabi'u
groupId,artifactIdиversion. Sigar na iya zama kirtani na sabani kuma ba za ta iya ƙarewa da ita ba-SNAPSHOT - Ana buƙatar halarta
name,descriptionиurl - Kasancewar bayanai game da lasisi, masu haɓakawa da tsarin sarrafa sigar
Waɗannan su ne ƙa'idodi na asali waɗanda dole ne a bi yayin bugawa. Akwai cikakken bayani .
Muna aiwatar da waɗannan buƙatun a ciki build.gradle fayil. Da farko, bari mu ƙara duk mahimman bayanai game da masu haɓakawa, lasisi, tsarin sarrafa sigar, sannan kuma saita url, suna da bayanin aikin. Bari mu rubuta hanya mai sauƙi don wannan:
def customizePom(pom) {
pom.withXml {
def root = asNode()
root.dependencies.removeAll { dep ->
dep.scope == "test"
}
root.children().last() + {
resolveStrategy = DELEGATE_FIRST
description 'Some description of artifact'
name 'Artifct name'
url 'https://github.com/login/projectname'
organization {
name 'com.github.login'
url 'https://github.com/login'
}
issueManagement {
system 'GitHub'
url 'https://github.com/login/projectname/issues'
}
licenses {
license {
name 'The Apache License, Version 2.0'
url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
}
}
scm {
url 'https://github.com/login/projectname'
connection 'scm:https://github.com/login/projectname.git'
developerConnection 'scm:git://github.com/login/projectname.git'
}
developers {
developer {
id 'dev'
name 'DevName'
email '[email protected]'
}
}
}
}
}Na gaba, kuna buƙatar saka wannan yayin taron da aka haifar -sources.jar и-javadoc.jar fayiloli. Domin wannan sashe java kuna buƙatar ƙara waɗannan abubuwa:
java {
withJavadocJar()
withSourcesJar()
}Bari mu matsa zuwa buƙatun ƙarshe, kafa sa hannun GPG/PGP. Don yin wannan, haɗa plugin ɗin signing:
plugins {
id 'signing'
}Kuma ƙara sashe:
signing {
sign publishing.publications
}A ƙarshe, bari mu ƙara sashe publishing:
publishing {
publications {
mavenJava(MavenPublication) {
customizePom(pom)
groupId group
artifactId archivesBaseName
version version
from components.java
}
}
repositories {
maven {
url "https://oss.sonatype.org/service/local/staging/deploy/maven2"
credentials {
username sonatypeUsername
password sonatypePassword
}
}
}
}Yana da Sunan mai amfani и kalmar sirrin sonatype masu canji masu ɗauke da login da kalmar sirri da aka ƙirƙira yayin rajista a kunne .
Ta haka na karshe build.gradle zai yi kama da haka:
Cikakken ginin.gradle code
plugins {
id 'java'
id 'maven-publish'
id 'signing'
}
java {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
withJavadocJar()
withSourcesJar()
}
group 'io.github.githublogin'
archivesBaseName = 'projectname'
version = System.getenv('RELEASE_VERSION') ?: "0.0.1"
repositories {
mavenCentral()
}
dependencies {
testImplementation 'org.junit.jupiter:junit-jupiter-api:5.5.2'
testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.5.2'
}
test {
useJUnitPlatform()
}
jar {
from sourceSets.main.output
from sourceSets.main.allJava
}
signing {
sign publishing.publications
}
publishing {
publications {
mavenJava(MavenPublication) {
customizePom(pom)
groupId group
artifactId archivesBaseName
version version
from components.java
}
}
repositories {
maven {
url "https://oss.sonatype.org/service/local/staging/deploy/maven2"
credentials {
username sonatypeUsername
password sonatypePassword
}
}
}
}
def customizePom(pom) {
pom.withXml {
def root = asNode()
root.dependencies.removeAll { dep ->
dep.scope == "test"
}
root.children().last() + {
resolveStrategy = DELEGATE_FIRST
description 'Some description of artifact'
name 'Artifct name'
url 'https://github.com/login/projectname'
organization {
name 'com.github.login'
url 'https://github.com/githublogin'
}
issueManagement {
system 'GitHub'
url 'https://github.com/githublogin/projectname/issues'
}
licenses {
license {
name 'The Apache License, Version 2.0'
url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
}
}
scm {
url 'https://github.com/githublogin/projectname'
connection 'scm:https://github.com/githublogin/projectname.git'
developerConnection 'scm:git://github.com/githublogin/projectname.git'
}
developers {
developer {
id 'dev'
name 'DevName'
email '[email protected]'
}
}
}
}
}Ina so in lura cewa muna samun sigar daga canjin yanayi: System.getenv('RELEASE_VERSION'). Za mu fallasa shi yayin taro kuma za mu ɗauke shi daga sunan tag.
Ƙarfafa maɓallin PGP
Ɗaya daga cikin buƙatun Sonatype shine cewa duk fayiloli an sanya hannu tare da maɓallin GPG/PGP. Don wannan mu tafi kuma zazzage kayan aikin GnuPG don tsarin aikin ku.
- Muna samar da maɓalli biyu:
gpg --gen-key, shigar da sunan mai amfani, e-mail, sannan kuma saita kalmar wucewa. - Mun gano
idmakullin mu tare da umarni:gpg --list-secret-keys --keyid-format short. Za a ƙayyade Id bayan slash, misali: rsa2048/9B695056 - Buga maɓallin jama'a zuwa uwar garken umarni:
gpg --keyserver [https://keys.openpgp.org](https://keys.openpgp.org/) --send-keys 9B695056 - Muna fitar da maɓallin sirrin zuwa wani wuri na sabani, za mu buƙaci shi nan gaba:
gpg --export-secret-key 9B695056 > D:\gpg\9B695056.gpg
Saita Ayyukan Github
Bari mu matsa zuwa mataki na ƙarshe, saita ginin kuma buga ta atomatik ta amfani da Ayyukan Github.
Ayyukan Github siffa ce da ke ba ku damar sarrafa ayyukan aiki ta hanyar aiwatar da cikakken zagayowar CI / CD. Gina, gwadawa, da turawa ana iya haifar da su ta abubuwa daban-daban: tura lambar, ƙirƙirar sakin, ko batutuwa. Wannan aikin cikakken kyauta ne ga wuraren ajiyar jama'a.
A cikin wannan sashe, zan nuna muku yadda ake saita ginawa da tura code da tura zuwa wurin ajiyar Sonatype akan saki, da kuma saita sirri.
Mun sanya sirri
Don haɗawa ta atomatik da turawa, muna buƙatar ƙimar sirri da yawa, kamar maɓalli id, kalmar wucewa da muka shigar lokacin samar da maɓalli, maɓallin PGP kanta, da Sonatype login/password. Kuna iya saita su a cikin sashe na musamman a cikin saitunan ma'ajin:
Mun saita masu canji masu zuwa:
- SONATYPE_USERNAME / SONATYPE_PASSWORD - shiga / kalmar sirri da muka shigar lokacin yin rijista da Sonatype
- SIGNING_KEYID/SIGNING_PASSWORD — PGP key id da kalmar sirri da aka saita yayin tsarawa.
Ina so in dakata akan mabambantan GPG_KEY_CONTENTS daki-daki. Gaskiyar ita ce don bugawa muna buƙatar maɓallin PGP mai zaman kansa. Don sanya shi a cikin sirri, na yi amfani da shi sannan kuma yayi ayyuka da dama.
- Bari mu ɓoye maɓallin mu tare da gpg:
gpg --symmetric --cipher-algo AES256 9B695056.gpgta hanyar shigar da kalmar sirri. Yakamata a sanya shi cikin madaidaicin: SECRET_PASSPHRASE - Bari mu fassara maɓallin rufaffen da aka karɓa zuwa hanyar rubutu ta amfani da base64:
base64 9B695056.gpg.gpg > 9B695056.txt. Za a sanya abun cikin a cikin mai canzawa: GPG_KEY_CONTENTS.
Gina saitin lokacin tura lamba da ƙirƙirar PR
Da farko kuna buƙatar ƙirƙirar babban fayil a tushen aikin ku: .github/workflows.
A ciki, yi alama fayil ɗin, misali, gradle-ci-build.yml tare da abun ciki mai zuwa:
name: build
on:
push:
branches:
- master
- dev
- testing
pull_request:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Set up JDK 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: Build with Gradle
uses: eskatos/gradle-command-action@v1
with:
gradle-version: current
arguments: build -PsonatypeUsername=${{secrets.SONATYPE_USERNAME}} -PsonatypePassword=${{secrets.SONATYPE_PASSWORD}}Za a aiwatar da wannan aikin aiki yayin turawa zuwa rassan master, dev и testing, Hakanan lokacin ƙirƙirar buƙatun ja.
Sashin ayyuka yana ƙayyadaddun matakan da za a aiwatar akan abubuwan da aka ƙayyade. A wannan yanayin, za mu gina sabon sigar ubuntu, yi amfani da Java 8, sannan mu yi amfani da plugin ɗin don Gradle. eskatos/gradle-command-action@v1wanda, ta amfani da sabon sigar magini, zai gudanar da umarnin da aka kayyade a ciki arguments. Masu canji secrets.SONATYPE_USERNAME и secrets.SONATYPE_PASSWORD wadannan su ne sirrikan da muka tambaya a baya.
Sakamakon ginin zai bayyana a cikin Ayyukan Ayyuka:
Aiwatar da atomatik lokacin da aka fito da sabon saki
Bari mu ƙirƙiri keɓan fayil ɗin tafiyar aiki don ƙaddamar da kai gradle-ci-publish.yml:
name: publish
on:
push:
tags:
- 'v*'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Set up JDK 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: Prepare to publish
run: |
echo '${{secrets.GPG_KEY_CONTENTS}}' | base64 -d > publish_key.gpg
gpg --quiet --batch --yes --decrypt --passphrase="${{secrets.SECRET_PASSPHRASE}}"
--output secret.gpg publish_key.gpg
echo "::set-env name=RELEASE_VERSION::${GITHUB_REF:11}"
- name: Publish with Gradle
uses: eskatos/gradle-command-action@v1
with:
gradle-version: current
arguments: test publish -Psigning.secretKeyRingFile=secret.gpg -Psigning.keyId=${{secrets.SIGNING_KEYID}} -Psigning.password=${{secrets.SIGNING_PASSWORD}} -PsonatypeUsername=${{secrets.SONATYPE_USERNAME}} -PsonatypePassword=${{secrets.SONATYPE_PASSWORD}}Fayil ɗin ya kusan kama da na baya, sai dai abin da zai faru da shi. A wannan yanayin, wannan shine taron ƙirƙirar tag tare da suna farawa da v.
Kafin turawa, muna buƙatar cire maɓallin PGP daga sirrin kuma sanya shi cikin tushen aikin, da kuma ɓoye shi. Na gaba, muna buƙatar saita canjin yanayi na musamman RELEASE_VERSION wanda muke nufi gradle.build fayil. Ana yin duk wannan a cikin sashe Prepare to publish. Muna samun maɓallin mu daga mabambancin GPG_KEY_CONTENTS, mu fassara shi zuwa fayil ɗin gpg, sannan mu ɓoye shi ta sanya shi a cikin fayil ɗin. secret.gpg.
Na gaba, za mu juya zuwa wani maɓalli na musamman GITHUB_REF, daga abin da za mu iya samun sigar da muka saita lokacin ƙirƙirar tag. Wannan canjin yana da dacewa a wannan yanayin. refs/tags/v0.0.2 daga inda muka yanke haruffa 11 na farko don samun takamaiman sigar. Bayan haka, muna amfani da daidaitattun umarnin Gradle don bugawa: test publish
Duba sakamakon turawa a ma'ajiyar Sonatype
Da zarar an ƙirƙiri sakin, aikin da aka kwatanta a cikin sashin da ya gabata yakamata ya fara. Don yin wannan, ƙirƙiri saki:
Dole ne sunan tag ya fara da v. Idan, bayan danna Fitar Buga, aikin ya ƙare cikin nasara, za mu iya zuwa don tabbatar:
Kayan aikin ya bayyana a cikin ma'ajiyar Staging. Nan da nan ya bayyana a cikin Buɗe matsayi, to dole ne a canza shi da hannu zuwa Matsayin Rufe ta latsa maɓallin da ya dace. Bayan duba cewa an cika duk buƙatun, kayan aikin na shiga cikin Matsayin Kusa kuma baya samuwa don gyarawa. A cikin wannan fom, zai ƙare a MavenCentral. Idan komai yayi kyau, zaku iya danna maɓallin release, kuma kayan aikin za su ƙare a cikin ma'ajin Sonatype.
Domin kayan tarihi ya shiga cikin MavenCentral, kuna buƙatar neman shi a cikin aikin da muka ƙirƙira a farkon. Kuna buƙatar yin wannan sau ɗaya kawai, don haka mu buga a karon farko. A lokuta masu zuwa, ba a buƙatar wannan, komai zai daidaita ta atomatik. Sun kunna min aiki tare da sauri, amma ya ɗauki kusan kwanaki 5 kafin kayan aikin ya kasance a cikin MavenCentral.
Wannan ke nan, mun buga kayan aikin mu a MavenCentral.
hanyoyi masu amfani
- makamantansu , kawai buga ta maven
- Staging Sonatype
- Sonatype wanda don ƙirƙirar aikin
- ma'ajiya inda aka saita duka
source: www.habr.com