Anyi nufin wannan labarin don masu haɓaka java waɗanda ke buƙatar buga samfuran su da sauri zuwa sonatype da/ko maven tsakiya ta amfani da GitLab. A cikin wannan labarin, zan yi magana game da kafa gitlab-runner, gitlab-ci da maven-plugin don magance wannan matsala.
Abubuwan da ake buƙata:
- Amintaccen ajiyar mvn da maɓallan GPG.
- Amintaccen aiwatar da ayyukan CI na jama'a.
- Ana loda kayan tarihi (saki/hoton hoto) zuwa wuraren ajiyar jama'a.
- Bincika ta atomatik na nau'ikan saki don bugawa a maven tsakiya.
- Magani na gaba ɗaya don loda kayan tarihi zuwa ma'ajiyar ayyuka don ayyuka da yawa.
- Sauƙi da sauƙin amfani.
Abubuwa
Janar bayanai
- Cikakken bayanin hanyar buga kayan tarihi zuwa Maven Central ta hanyar Sonatype OSS Repository Hosting Service an riga an kwatanta shi a cikin mai amfani , don haka zan koma ga wannan labarin a wuraren da suka dace.
- Yi rijista a kuma fara tikiti don buɗe ma'ajiyar (don ƙarin cikakkun bayanai, karanta sashin ). Bayan buɗe ma'ajiyar, JIRA login/Password biyu (wanda ake kira asusun Sonatype) za a yi amfani da shi don loda kayan tarihi zuwa Nexus na Sonatype.
- Bugu da ari, ana siffanta tsarin samar da maɓallin GPG a bushe sosai. Duba sashin don ƙarin bayani.
- Idan kuna amfani da na'ura wasan bidiyo na Linux don samar da maɓallin GPG (gnupg/gnupg2), to kuna buƙatar shigarwa. don samar da entropy. In ba haka ba, tsarar mahimmanci na iya ɗaukar lokaci mai tsawo.
- Ayyukan Ajiya jama'a Maɓallan GPG
Kafa aikin turawa a GitLab
- Da farko, kuna buƙatar ƙirƙira da daidaita aikin da za a adana bututun don jigilar kayan tarihi. Na kira aikina a sauƙaƙe ba tare da rikitarwa ba -
- Bayan ƙirƙirar ma'ajiyar, kuna buƙatar taƙaita damar don canza ma'ajiyar.
Je zuwa aikin -> Saituna -> Ma'ajiyar ajiya -> Rassan Kare. Muna share duk ƙa'idodi kuma muna ƙara ƙa'ida ɗaya tare da Wildcard * tare da haƙƙin turawa da haɗawa kawai don masu amfani tare da rawar Masu Kulawa. Wannan doka za ta yi aiki ga duk masu amfani da wannan aikin da kuma ƙungiyar da wannan aikin yake.
- Idan akwai masu kiyayewa da yawa, to, mafita mafi kyau ita ce ƙuntata damar yin amfani da aikin bisa manufa.
Je zuwa aikin -> Saituna -> Gabaɗaya -> Ganuwa, fasalulluka na aikin, izini da saita hangen nesa na aikin zuwa Private.
Ina da aiki a cikin damar jama'a, tunda ina amfani da nawa GitLab Runner kuma ni kaɗai ke da damar gyara ma'ajiyar. To, a zahiri bai dace na nuna bayanan sirri a cikin bututun bututun jama'a ba. - Tsananta ƙa'idodi don canza ma'ajiyar
Je zuwa aikin -> Saituna -> Ma'ajiyar Wuta -> Dokokin Turawa kuma saita ƙayyadaddun ƙayyadaddun tutoci, Duba ko marubucin mai amfani ne na GitLab. Ina kuma ba da shawarar saiti , da kuma kafa Tutar da ba a sanya hannu ba. - Na gaba, kuna buƙatar saita mai faɗakarwa don gudanar da ayyuka
Je zuwa aikin -> Saituna -> CI / CD -> Abubuwan da ke haifar da bututun bututu kuma ƙirƙirar sabon alamar faɗakarwa
Za'a iya ƙara wannan alamar nan da nan zuwa ga tsarin gaba ɗaya na masu canji don ƙungiyar ayyuka.
Jeka rukunin -> Saituna -> CI / CD -> Masu canji kuma ƙara mai canzawaDEPLOY_TOKENtare da alamar faɗakarwa a cikin ƙimar.
GitLab Runner
Wannan sashe yana bayyana ƙayyadaddun tsari don gudanar da ayyuka akan turawa ta amfani da ɗan ƙasa (Takamaiman) da na jama'a (Raba) mai gudu.
Takamaiman Gudu
Ina amfani da masu gudu na, saboda da farko yana da dacewa, sauri, arha.
Don mai gudu Ina ba da shawarar Linux VDS tare da 1 CPU, 2 GB RAM, 20 GB HDD. Farashin fitowa ~ 3000 ₽ kowace shekara.
Mai gudu na
Ga mai gudu na ɗauki VDS 4 CPU, 4 GB RAM, 50 GB SSD. Kudinsa ~11000₽ kuma bai taba nadama ba.
Ina da inji guda 7. 5 a Aruba da 2 a kan ihor.
Don haka, muna da mai gudu. Yanzu za mu saita shi.
Muna zuwa injin ta hanyar SSH kuma mu sanya java, git, maven, gnupg2.
Sanya gitlab mai gudu
- Ƙirƙiri sabon ƙungiya
runnersudo groupadd runner - Ƙirƙiri adireshi don maven cache kuma sanya haƙƙoƙin rukuni
runner
Kuna iya tsallake wannan matakin idan ba ku shirya gudanar da masu gudu da yawa akan na'ura ɗaya ba.mkdir -p /usr/cache/.m2/repository chown -R :runner /usr/cache chmod -R 770 /usr/cache - Ƙirƙiri mai amfani
gitlab-deployerkuma ƙara zuwa grouprunneruseradd -m -d /home/gitlab-deployer gitlab-deployer usermod -a -G runner gitlab-deployer - Ƙara zuwa fayil
/etc/ssh/sshd_configlayi na gabaAllowUsers root@* [email protected] - Sake yi
sshdsystemctl restart sshd - Saita kalmar sirri don mai amfani
gitlab-deployer(zai iya zama mai sauƙi, tun da akwai ƙuntatawa ga localhost)passwd gitlab-deployer - Shigar GitLab Runner (Linux x86-64)
sudo wget -O /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64 sudo chmod +x /usr/local/bin/gitlab-runner ln -s /usr/local/bin/gitlab-runner /etc/alternatives/gitlab-runner ln -s /etc/alternatives/gitlab-runner /usr/bin/gitlab-runner - Je zuwa gitlab.com -> tura-project -> Saituna -> CI/CD -> Masu gudu -> Specific Runners kuma kwafi alamar rajista
Allon
- Rijista mai gudu
gitlab-runner register --config /etc/gitlab-runner/gitlab-deployer-config.toml
aiwatar
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!- Duba cewa mai gudu yana da rijista. Je zuwa gitlab.com -> tura-project -> Saituna -> CI / CD -> Masu gudu -> Musamman Masu Gudu -> Masu gudu sun kunna don wannan aikin.
Allon
- .Ara raba sabis
/etc/systemd/system/gitlab-deployer.service[Unit] Description=GitLab Deploy Runner After=syslog.target network.target ConditionFileIsExecutable=/usr/local/bin/gitlab-runner [Service] StartLimitInterval=5 StartLimitBurst=10 ExecStart=/usr/local/bin/gitlab-runner "run" "--working-directory" "/home/gitlab-deployer" "--config" "/etc/gitlab-runner/gitlab-deployer-config.toml" "--service" "gitlab-deployer" "--syslog" "--user" "gitlab-deployer" Restart=always RestartSec=120 [Install] WantedBy=multi-user.target - Mun fara sabis.
systemctl enable gitlab-deployer.service systemctl start gitlab-deployer.service systemctl status gitlab-deployer.service - Duba cewa mai gudu yana gudana.
Alal misali:
GPG key tsara
-
Daga wannan inji muna tafiya ta ssh a ƙarƙashin mai amfani
gitlab-deployer(wannan yana da mahimmanci ga tsarar maɓalli na GPG)ssh [email protected] -
Muna samar da maɓalli ta hanyar amsa tambayoyi. Na yi amfani da sunana da imel.
Tabbatar da saka kalmar sirri don maɓalli. Za a sanya hannu kan kayan tarihi da wannan maɓalli.gpg --gen-key -
Duba
gpg --list-keys -a /home/gitlab-deployer/.gnupg/pubring.gpg ---------------------------------------- pub 4096R/00000000 2019-04-19 uid Petruha Petrov <[email protected]> sub 4096R/11111111 2019-04-19 -
Ana loda maɓallin jama'a zuwa uwar garken maɓalli
gpg --keyserver keys.gnupg.net --send-key 00000000 gpg: sending key 00000000 to hkp server keys.gnupg.net
Maven saitin
- Muna shiga ƙarƙashin mai amfani
gitlab-deployersu gitlab-deployer - Ƙirƙiri jagorar maven tanadi kuma haɗi tare da cache (kada ku yi kuskure)
Ana iya tsallake wannan matakin idan ba ku shirya gudanar da masu gudu da yawa akan na'ura ɗaya ba.mkdir -p ~/.m2/repository ln -s /usr/cache/.m2/repository /home/gitlab-deployer/.m2/repository - Ƙirƙiri maɓalli mai mahimmanci
mvn --encrypt-master-password password {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=} - Ƙirƙiri fayil ~/.m2/settings-security.xml
<settingsSecurity> <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master> </settingsSecurity> - Rufe kalmar sirri daga asusun Sonatype
mvn --encrypt-password SONATYPE_PASSWORD {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J} - Ƙirƙiri fayil ~/.m2/settings.xml
<settings> <profiles> <profile> <id>env</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase> </properties> </profile> </profiles> <servers> <server> <id>sonatype</id> <username>SONATYPE_USERNAME</username> <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password> </server> </servers> </settings>
ku,
GPG_SECRET_KEY_PASSPRASE - GPG kalmar sirri
SONATYPE_USERNAME - shiga asusun sonatype
Wannan yana kammala saitin mai gudu, zaku iya ci gaba zuwa sashin
Raba Mai Gudu
GPG key tsara
-
Da farko, kuna buƙatar ƙirƙirar maɓallin GPG. Don yin wannan, shigar gnupg.
yum install -y gnupg -
Muna samar da maɓalli ta hanyar amsa tambayoyi. Na yi amfani da sunana da imel. Tabbatar da saka kalmar sirri don maɓalli.
gpg --gen-key -
Dawo mahimman bayanai
gpg --list-keys -a pub rsa3072 2019-04-24 [SC] [expires: 2021-04-23] 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 uid [ultimate] tttemp <[email protected]> sub rsa3072 2019-04-24 [E] [expires: none] -
Ana loda maɓallin jama'a zuwa uwar garken maɓalli
gpg --keyserver keys.gnupg.net --send-key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 gpg: sending key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 to hkp server keys.gnupg.net -
Samun maɓalli na sirri
gpg --export-secret-keys --armor 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 -----BEGIN PGP PRIVATE KEY BLOCK----- lQWGBFzAqp8BDADN41CPwJ/gQwiKEbyA902DKw/WSB1AvZQvV/ZFV77xGeG4K7k5 ... =2Wd2 -----END PGP PRIVATE KEY BLOCK----- -
Je zuwa saitunan aikin -> Saituna -> CI / CD -> Maɓallai kuma adana maɓallin keɓaɓɓen maɓalli
GPG_SECRET_KEY
Maven saitin
- Ƙirƙiri maɓalli mai mahimmanci
mvn --encrypt-master-password password {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=} - Je zuwa saitunan aikin -> Saituna -> CI / CD -> Masu canzawa kuma adana a cikin mai canzawa
SETTINGS_SECURITY_XMLLayukan masu zuwa:<settingsSecurity> <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master> </settingsSecurity> - Rufe kalmar sirri daga asusun Sonatype
mvn --encrypt-password SONATYPE_PASSWORD {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J} - Je zuwa saitunan aikin -> Saituna -> CI / CD -> Masu canzawa kuma adana a cikin mai canzawa
SETTINGS_XMLLayukan masu zuwa:<settings> <profiles> <profile> <id>env</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase> </properties> </profile> </profiles> <servers> <server> <id>sonatype</id> <username>sonatype_username</username> <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password> </server> </servers> </settings>
ku,
GPG_SECRET_KEY_PASSPRASE - GPG kalmar sirri
SONATYPE_USERNAME - shiga asusun sonatype
Sanya hoton docker
-
Muna ƙirƙirar Dockerfile mai sauƙi mai sauƙi don gudanar da ayyuka akan turawa tare da sigar Java da ake so. Da ke ƙasa akwai misali ga mai tsayi.
FROM java:8u111-jdk-alpine RUN apk add gnupg maven git --update-cache --repository http://dl-4.alpinelinux.org/alpine/edge/community/ --allow-untrusted && mkdir ~/.m2/ -
Gina akwati don aikin ku
docker build -t registry.gitlab.com/group/deploy . -
Muna tantancewa da ɗora akwati a cikin wurin yin rajista.
docker login -u USER -p PASSWORD registry.gitlab.com docker push registry.gitlab.com/group/deploy
GitLab CI
Sanya aikin
Ƙara fayil ɗin .gitlab-ci.yml zuwa tushen aikin turawa
Rubutun yana gabatar da ayyuka biyu na keɓancewa. Takamaiman Gudu ko Raba Mai Gudu bi da bi.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
Aikin Java
A cikin ayyukan java waɗanda yakamata a loda su zuwa wuraren ajiyar jama'a, kuna buƙatar ƙara matakai 2 don zazzage nau'ikan Saki da Snapshot.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}A cikin wannan bayani, na ci gaba kaɗan kuma na yanke shawarar yin amfani da samfurin CI ɗaya don ayyukan java.
A cikin cikakkun bayanai
Na kirkiro wani aiki daban wanda a ciki ya sanya samfurin CI don ayyukan java .
gama gari.yml
stages:
- build
- test
- verify
- deploy
variables:
SONAR_ARGS: "
-Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA}
-Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}
"
.build_java_project:
stage: build
tags:
- touchbit-shell
variables:
SKIP_TEST: "false"
script:
- mvn clean
- mvn package -DskipTests=${SKIP_TEST}
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.build_sphinx_doc:
stage: build
tags:
- touchbit-shell
variables:
DOCKERFILE: .indirect/docs/Dockerfile
script:
- docker build --no-cache -t ${CI_PROJECT_NAME}/doc -f ${DOCKERFILE} .
.junit_module_test_run:
stage: test
tags:
- touchbit-shell
variables:
MODULE: ""
script:
- cd ${MODULE}
- mvn test
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.junit_test_run:
stage: test
tags:
- touchbit-shell
script:
- mvn test
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.sonar_review:
stage: verify
tags:
- touchbit-shell
dependencies: []
script:
- >
if [ "$CI_BUILD_REF_NAME" == "master" ]; then
mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS
else
mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS -Dsonar.analysis.mode=preview
fi
.trigger_deploy:
stage: deploy
tags:
- touchbit-shell
variables:
URL: "https://gitlab.com/api/v4/projects/10345765/trigger/pipeline"
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
.trigger_release_deploy:
extends: .trigger_deploy
only:
- tags
.trigger_snapshot_deploy:
extends: .trigger_deploy
when: manual
except:
- tags
Sakamakon haka, a cikin ayyukan java da kansu, .gitlab-ci.yml yayi kama da ƙarami kuma ba magana ba.
.gitlab-ci.yml
include: https://gitlab.com/TouchBIT/gitlab-ci/raw/master/common.yml
Shields4J:
extends: .build_java_project
Sphinx doc:
extends: .build_sphinx_doc
variables:
DOCKERFILE: .docs/Dockerfile
Sonar review:
extends: .sonar_review
dependencies:
- Shields4J
Release:
extends: .trigger_release_deploy
Snapshot:
extends: .trigger_snapshot_deploy
pom.xml daidaitawa
An bayyana wannan batu dalla-dalla. в , don haka zan bayyana wasu daga cikin nuances na amfani da plugins. Zan kuma bayyana yadda za ku iya amfani da sauƙi da sauƙi nexus-staging-maven-pluginidan ba ku so ko ba za ku iya amfani da org.sonatype.oss:oss-parent a matsayin iyaye don aikinku ba.
maven-install-plugin
Yana shigar da kayayyaki a cikin ma'ajiyar gida.
Yana da matukar amfani don tabbatarwa na gida na mafita a cikin wasu ayyukan, da kuma lissafin kuɗi.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-install-plugin</artifactId>
<executions>
<execution>
<id>install-project</id>
<!-- Если у вас многомодульный проект с деплоем родительского помика -->
<phase>install</phase>
<!-- Явно указываем файлы для локальной установки -->
<configuration>
<file>target/${project.artifactId}-${project.version}.jar</file>
```target/${project.artifactId}-${project.version}-sources.jar</sources>
<pomFile>dependency-reduced-pom.xml</pomFile>
<!-- Принудительное обновление метаданных проекта -->
<updateReleaseInfo>true</updateReleaseInfo>
<!-- Контрольные суммы для проверки целостности -->
<createChecksum>true</createChecksum>
</configuration>
</execution>
</executions>
</plugin>
maven-javadoc-plugin
Samar da javadoc don aikin.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>Idan kuna da tsarin da bai ƙunshi java ba (misali albarkatu kawai)
Ko kuma ba kwa son samar da javadoc bisa manufa, sannan don taimakawa maven-jar-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<executions>
<execution>
<id>empty-javadoc-jar</id>
<phase>generate-resources</phase>
<goals>
<goal>jar</goal>
</goals>
<configuration>
<classifier>javadoc</classifier>
<classesDirectory>${basedir}/javadoc</classesDirectory>
</configuration>
</execution>
</executions>
</plugin>
maven-gpg-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<!-- Сборка будет падать, если отсутствует GPG ключ -->
<!-- Подписываем артефакты только на фазе deploy -->
<phase>deploy</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
nexus-staging-maven-plugin
Tsari:
<project>
<!-- ... -->
<build>
<plugins>
<!-- ... -->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
</plugin>
</plugins>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<extensions>true</extensions>
<configuration>
<serverId>sonatype</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<!-- Обновляем метаданные, чтобы пометить артефакт как release -->
<!-- Не влияет на snapshot версии -->
<updateReleaseInfo>true</updateReleaseInfo>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<!-- Отключаем плагин -->
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<distributionManagement>
<snapshotRepository>
<id>sonatype</id>
<name>Nexus Snapshot Repository</name>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>sonatype</id>
<name>Nexus Release Repository</name>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
</project>Idan kuna da aikin multi-module, kuma ba kwa buƙatar loda takamaiman module zuwa ma'ajiyar, to kuna buƙatar ƙara zuwa pom.xml na wannan rukunin. nexus-staging-maven-plugin da tuta skipNexusStagingDeployMojo
<build>
<plugins>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<configuration>
<skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo>
</configuration>
</plugin>
</plugins>
</build>Bayan loda hotunan hoto/saki suna samuwa a ciki
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>Ƙarin ƙari
- Lissafin wadataccen maƙasudai don aiki tare da ma'ajin nexus (
mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin). - Duban sakewa ta atomatik don saukewa a maven tsakiya
sakamakon
Buga Sigar SNAPSHOT
Lokacin gina aikin, yana yiwuwa a fara aiki da hannu don zazzage sigar SNAPSHOT zuwa nexus
Lokacin da aka ƙaddamar da wannan aikin, aikin da ya dace a cikin aikin ƙaddamarwa yana kunna ().
guntun katako
Running with gitlab-runner 11.10.0 (3001a600)
on Deploy runner JSKWyxUw
Using Shell executor...
Running on ih1174328.vds.myihor.ru...
Skipping Git repository setup
Skipping Git checkout
Skipping Git submodules setup
$ rm -rf .* *
$ git config --global credential.helper store
$ echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
$ git clone ${DEPLOY_CI_REPOSITORY_URL} .
Cloning into 'shields4j'...
$ git checkout ${DEPLOY_CI_COMMIT_SHA}
Note: checking out '850f86aa317194395c5387790da1350e437125a7'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
git checkout -b new_branch_name
HEAD is now at 850f86a... skip deploy test-core
$ for pom in $(find . -name pom.xml); do # collapsed multi-line command
$ if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then # collapsed multi-line command
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO] ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] Shields4J [pom]
[INFO] test-core [jar]
[INFO] Shields4J client [jar]
[INFO] TestNG listener [jar]
[INFO]
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0 [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- versions-maven-plugin:2.5:set (default-cli) @ shields4j-parent ---
[INFO] Searching for local aggregator root...
[INFO] Local aggregation root: /home/gitlab-deployer/JSKWyxUw/0/TouchBIT/deploy/shields4j
[INFO] Processing change of org.touchbit.shields4j:shields4j-parent:1.0.0 -> 1.0.0-SNAPSHOT
[INFO] Processing org.touchbit.shields4j:shields4j-parent
[INFO] Updating project org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:client
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:test-core
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:test-core
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:testng
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:client
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:test-core
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 0.992 s]
[INFO] test-core .......................................... SKIPPED
[INFO] Shields4J client ................................... SKIPPED
[INFO] TestNG listener 1.0.0 .............................. SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.483 s
[INFO] Finished at: 2019-04-21T02:40:42+03:00
[INFO] ------------------------------------------------------------------------
$ mvn clean deploy -DskipTests=${SKIP_TESTS}
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO] ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] Shields4J [pom]
[INFO] test-core [jar]
[INFO] Shields4J client [jar]
[INFO] TestNG listener [jar]
[INFO]
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0-SNAPSHOT [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
...
DELETED
...
[INFO] * Bulk deploy of locally gathered snapshot artifacts finished.
[INFO] Remote deploy finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0-SNAPSHOT ........................... SUCCESS [ 2.375 s]
[INFO] test-core .......................................... SUCCESS [ 3.929 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.815 s]
[INFO] TestNG listener 1.0.0-SNAPSHOT ..................... SUCCESS [ 36.134 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 47.629 s
[INFO] Finished at: 2019-04-21T02:41:32+03:00
[INFO] ------------------------------------------------------------------------A sakamakon haka, an ɗora nauyin sigar nexus .
Ana iya cire duk nau'ikan hotunan hoto daga ma'ajin da ke kan rukunin yanar gizon karkashin asusun ku.
Buga sigar saki
Lokacin da aka saita alamar, aikin da ya dace a cikin aikin turawa zai fara ta atomatik don loda sigar sakin zuwa nexus ().
Mafi kyawun sashi shine sakin kusa yana jawo ta atomatik a cikin nexus.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------Kuma idan wani abu ya yi kuskure, to aikin zai gaza
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------Sakamakon haka, an bar mu da zaɓi ɗaya kawai. Ko share wannan sigar ko buga.
Bayan dasawa, bayan ɗan lokaci, kayan kayan tarihi za su kasance a ciki
offtopic
Wahayi ne a gare ni cewa maven ya nuna sauran ma'ajiyar jama'a.
Dole ne in loda robots.txt saboda ya nuna ma tsohon ma'ajina.
ƙarshe
Abin da muke da shi
- Wani shiri na daban wanda zaku iya aiwatar da ayyukan CI da yawa don loda kayan tarihi zuwa wuraren ajiyar jama'a don harsunan ci gaba daban-daban.
- Aikin turawa ya keɓe daga tsangwama daga waje kuma masu amfani ne kawai za su iya gyara su tare da ayyukan Mai da Mai Kulawa.
- Wani keɓantaccen Mai gudu na musamman tare da ma'ajin "zafi" don gudanar da ayyuka kawai.
- Buga sigar hoto/saki a cikin ma'ajiyar jama'a.
- Bincika ta atomatik na sigar saki don shirye-shiryen bugawa a maven tsakiya.
- Kariya daga buga atomatik na nau'ikan “raw” a cikin maven tsakiya.
- Gina ku buga nau'ikan hoto na hoto "kan danna".
- Wurin ajiya guda ɗaya don samun sigar hoto/saki.
- Gabaɗaya bututun gini / gwaji / buga aikin java.
Ƙirƙirar GitLab CI ba ta da sarkakiyar batu kamar yadda ake gani a farkon kallo. Ya isa kafa CI akan maɓalli sau biyu, kuma yanzu kun yi nisa da mai son a cikin wannan lamarin. Haka kuma, takardun GitLab suna da yawa. Kada ku ji tsoro don ɗaukar mataki na farko. Hanyar tana bayyana a ƙarƙashin matakan mutumin da ke tafiya (Ban tuna wanda ya faɗi hakan :)
Zan yi farin cikin amsawa.
A cikin labarin na gaba, zan nuna muku yadda ake saita GitLab CI don gudanar da ayyukan gwajin haɗin kai cikin gasa (ayyukan gwaji tare da docker-compose) idan kuna da mai gudu harsashi ɗaya kawai.
source: www.habr.com