Hoʻonohonoho i ka GitLab CI e hoʻouka i kahi papahana java i ka maven kikowaena
Kuhi ʻia kēia ʻatikala no nā mea hoʻomohala java e pono e hoʻolaha koke i kā lākou huahana ma sonatype a / a i ʻole maven kikowaena kikowaena me GitLab. Ma kēia ʻatikala e kamaʻilio wau e pili ana i ka hoʻonohonoho ʻana i ka gitlab-runner, gitlab-ci a me ka maven-plugin e hoʻoponopono i kēia pilikia.
Nā Pono:
Mālama palekana i nā kī mvn a me GPG.
Hoʻokō palekana i nā hana CI lehulehu.
Ka hoʻouka ʻana i nā mea kiʻi (hoʻokuʻu/paʻi kiʻi) i nā waihona lehulehu.
Nānā 'akomi o nā mana hoʻokuʻu no ka hoʻolaha ʻana ma ke kikowaena maven.
He hopena maʻamau no ka hoʻouka ʻana i nā mea kiʻi i kahi waihona no nā papahana he nui.
Ua wehewehe mua ʻia kahi wehewehe kikoʻī o ka mīkini no ka hoʻopuka ʻana i nā mea kiʻi ma Maven Central ma o Sonatype OSS Repository Hosting Service. keia 'atikala mea hoʻohana Googolplex, no laila e kuhikuhi wau i kēia ʻatikala ma nā wahi kūpono.
Kakau mua ma Sonatype JIRA a hoʻomaka i kahi tiketi e wehe i ka waihona (no nā kikoʻī hou aku, heluhelu i ka ʻāpana E hana i kahi tiketi Sonatype JIRA). Ma hope o ka wehe ʻana i ka waihona, e hoʻohana ʻia ka JIRA login / password pair (ma hope i kapa ʻia ʻo ka Sonatype account) e hoʻouka i nā kiʻi i ka Sonatype nexus.
Inā hoʻohana ʻoe i ka console Linux e hana i kahi kī GPG (gnupg/gnupg2), a laila pono ʻoe e hoʻokomo. rng-mea hana e hoopuka i ka entropy. A i ʻole, hiki i ka hana kī ke lawe i kahi manawa lōʻihi loa.
ʻO ka mea mua, pono ʻoe e hana a hoʻonohonoho i kahi papahana kahi e mālama ʻia ai ka pipeline i mea e kau ai i nā artifacts. Ua kāhea wau i kaʻu papahana maʻalahi a paʻakikī - hoʻolālā
Ma hope o ka hana ʻana i ka waihona, pono ʻoe e kaupalena i ke komo ʻana e hoʻololi i ka waihona.
E hele i ka papahana -> Settings -> Repository -> Nā lālā pale. Holoi mākou i nā lula āpau a hoʻohui i hoʻokahi lula me Wildcard * me ke kuleana e paʻi a hoʻohui wale no nā mea hoʻohana me ke kuleana Maintainers. E hoʻohana ʻia kēia lula no nā mea hoʻohana a pau o kēia papahana a me ka hui nona kēia papahana.
Inā he nui nā mea mālama, a laila ʻo ka hopena maikaʻi loa ʻo ka hoʻopaʻa ʻana i ke komo ʻana i ka papahana ma ke kumu.
E hele i ka papahana -> Nā hoʻonohonoho -> Nui -> ʻIke, nā hiʻohiʻona papahana, nā ʻae a hoʻonohonoho i ka ʻike Project uku.
Loaʻa iaʻu kahi papahana i ka lehulehu, ʻoiai ke hoʻohana nei au i kaʻu GitLab Runner a ʻo wau wale nō ka mea hiki ke hoʻololi i ka waihona. ʻAe, ʻaʻole pono iaʻu e hōʻike i ka ʻike pilikino i nā lāʻau pipeline lehulehu.
Hoʻopaʻa i nā lula no ka hoʻololi ʻana i ka waihona
E hele i ka papahana -> Settings -> Repository -> Push Rules a hoʻonoho i nā hae Committer palena, E nānā inā he mea hoʻohana GitLab ka mea kākau. Paipai au i ka hoʻonohonoho ʻana hoʻopaʻa inoa, a hoʻonoho i ka hae hoʻopaʻa inoa ʻole.
A laila, pono ʻoe e hoʻonohonoho i kahi trigger e holo i nā hana
E hele i ka papahana -> Settings -> CI / CD -> Pipeline triggers a hana i kahi hōʻailona hōʻailona hou
Hiki ke hoʻohui koke ʻia kēia hōʻailona i ka hoʻonohonoho maʻamau o nā mea hoʻololi no kahi hui o nā papahana.
E hele i ka hui -> Nā hoʻonohonoho -> CI / CD -> Nā mea hoʻololi a hoʻohui i kahi loli DEPLOY_TOKEN me ka trigger-token i ka waiwai.
Hōʻike kēia ʻāpana i ka hoʻonohonoho no ka holo ʻana i nā hana ma ka hoʻohana ʻana i kāu mea holo (Specific) a me ka lehulehu (Shared).
Holokino kikoʻī
Hoʻohana wau i kaʻu mau mea holo ponoʻī, no ka mea ʻo ka mea mua he maʻalahi, wikiwiki, maʻalahi.
No ka mea holo, paipai wau iā Linux VDS me 1 CPU, 2 GB RAM, 20 GB HDD. Kumu kūʻai hoʻopuka ~ 3000₽ i kēlā me kēia makahiki.
Ko'u kukini
No ka mea holo, ua lawe au i ka VDS 4 CPU, 4 GB RAM, 50 GB SSD. Ua kūʻai ʻia ʻo ~11000₽ a ʻaʻole mihi.
Loaʻa iaʻu he 7 mau mīkini. 5 ma aruba a me 2 ma ihor.
No laila he kukini kā mākou. I kēia manawa e hoʻonohonoho mākou.
Hele mākou i ka mīkini ma o SSH a hoʻokomo i ka java, git, maven, gnupg2.
E hana i kahi papa kuhikuhi no ka maven cache a hāʻawi i nā kuleana hui runner
Hiki iā ʻoe ke hoʻokuʻu i kēia ʻanuʻu inā ʻaʻole ʻoe e hoʻolālā e holo i nā kukini he nui ma ka mīkini hoʻokahi.
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
E hōʻoia ua kākau inoa ʻia ka mea holo. E hele i gitlab.com -> deploy-project -> Settings -> CI/CD -> Runners -> Specific Runners -> Runners activated for this project
Hoʻokumu mākou i kahi kī ma ka pane ʻana i nā nīnau. Ua hoʻohana au i koʻu inoa ponoʻī a me ka leka uila.
E hōʻoia i ka ʻōlelo huna no ke kī. E pūlima ʻia nā mea hana me kēia kī.
gpg --gen-key
Haki aku
gpg --list-keys -a
/home/gitlab-deployer/.gnupg/pubring.gpg
----------------------------------------
pub 4096R/00000000 2019-04-19
uid Petruha Petrov <[email protected]>
sub 4096R/11111111 2019-04-19
Ke hoʻouka ʻana i kā mākou kī ākea i ke kikowaena kī
gpg --keyserver keys.gnupg.net --send-key 00000000
gpg: sending key 00000000 to hkp server keys.gnupg.net
E hana i kahi papa kuhikuhi maven hale waihona a loulou me ka huna huna (mai kuhi hewa)
Hiki iā ʻoe ke lele i kēia wahi inā ʻaʻole ʻoe e hoʻolālā e holo i kekahi mau mea holo ma ka mīkini hoʻokahi.
Hoʻohui i ka faila .gitlab-ci.yml i ke kumu o ka papahana hoʻolālā
Hōʻike ka ʻatikala i ʻelua mau hana hoʻolaha kūʻokoʻa. Runner kiko'ī a i ʻole ka mea holo kaʻa like.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
Ma nā papahana java i manaʻo ʻia e hoʻouka ʻia i nā waihona waihona lehulehu, pono ʻoe e hoʻohui i nā ʻanuʻu 2 e hoʻoiho i nā mana Hoʻokuʻu a me Snapshot.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
Ma kēia hoʻonā, ua hele iki au a hoʻoholo e hoʻohana i hoʻokahi template CI no nā papahana java.
Nāʻike hou
Ua hana au i papahana kaawale gitlab-ci kahi i waiho ai ʻo ia i ka template CI no nā papahana java maʻamau.yml.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>
Inā loaʻa iā ʻoe kahi module ʻaʻohe java (no ka laʻana wale nō nā kumuwaiwai)
A i ʻole makemake ʻoe e hoʻohua i ka javadoc ma ke kumu, a laila e kōkua maven-jar-plugin
Inā loaʻa iā ʻoe kahi papahana multi-module, a ʻaʻole pono ʻoe e hoʻouka i kahi module kikoʻī i ka waihona, a laila pono ʻoe e hoʻohui i ka pom.xml o kēia module nexus-staging-maven-plugin me ka hae skipNexusStagingDeployMojo
Ma hope o ka hoʻouka ʻana i ka snapshot/release versions i loaʻa i loko nā hale waihona puke
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>
Hoʻonui hou aku
He papa inoa waiwai nui o nā pahuhopu no ka hana ʻana me ka waihona nexus (mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin).
Nānā hoʻokuʻu ʻakomi no ka hiki ke hoʻoiho ma ke kikowaena maven
Ke hoʻonoho ʻia ka hōʻailona, hoʻomaka koke ʻia ka hana e pili ana i ka papahana deploy e hoʻouka i ka mana hoʻokuʻu i nexus (hiʻohiʻona).
ʻO ka hapa maikaʻi loa, ʻo ia ka hoʻokuʻu ʻana i ka nexus.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------
A inā hewa kekahi mea, pau ka hana
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
ʻO ka hopena, hoʻokahi wale nō koho i koe. A i ʻole e holoi i kēia mana a hoʻolaha paha.
Ma hope o ka hoʻokuʻu ʻana, ma hope o kekahi manawa, e komo nā mea waiwai
ma waho
He hōʻike ia iaʻu e kuhikuhi ana ʻo Maven i nā waihona waihona lehulehu.
Pono wau e hoʻouka i robots.txt no ka mea ua kuhikuhi ʻo ia i kaʻu waihona kahiko.
He papahana hoʻokaʻawale kahi e hiki ai iā ʻoe ke hoʻokō i kekahi mau hana CI no ka hoʻouka ʻana i nā mea kiʻi i nā waihona lehulehu no nā ʻōlelo hoʻomohala like ʻole.
Hoʻokaʻawale ʻia ka papahana hoʻolaha mai ka hoʻopilikia ʻana i waho a hiki ke hoʻololi wale ʻia e nā mea hoʻohana me nā kuleana Owner a Maintainer.
ʻO kahi Runner Kūikawā ʻokoʻa me kahi huna huna "wela" e holo wale i nā hana.
Paʻi ʻia o nā mana paʻi kiʻi/hoʻokuʻu i loko o kahi waihona lehulehu.
E nānā ʻakomi i ka mana hoʻokuʻu no ka mākaukau no ka hoʻolaha ʻana ma ke kikowaena maven.
Ka pale ʻana i ka paʻi ʻakomi ʻana o nā mana "raw" ma ke kikowaena maven.
E kūkulu a hoʻolaha i nā mana snapshot "ma ke kaomi".
Hoʻokahi waihona no ka loaʻa ʻana o nā mana snapshot/hoʻokuʻu.
ʻO ka pipeline maʻamau no ke kūkulu ʻana / hoʻāʻo / paʻi ʻana i kahi papahana java.
ʻO ka hoʻonohonoho ʻana iā GitLab CI ʻaʻole ia he kumuhana paʻakikī e like me ka mea i ʻike mua ʻia. Ua lawa ka hoʻonohonoho ʻana iā CI ma ke kumu turnkey i ʻelua mau manawa, a i kēia manawa ua mamao ʻoe mai kahi amateur i kēia mea. Eia kekahi, ʻoi aku ka nui o nā palapala GitLab. Mai makaʻu i ka hana mua. Aia ke ala ma lalo o nā ʻanuʻu o ke kanaka e hele ana (ʻaʻole wau e hoʻomanaʻo i ka mea nāna i ʻōlelo :)
E hauʻoli wau i ka manaʻo.
Ma ka ʻatikala aʻe, e hōʻike wau iā ʻoe pehea e hoʻonohonoho ai iā GitLab CI e holo i nā hana hoʻāʻo hoʻohui me ka hoʻokūkū (holo i nā lawelawe hoʻāʻo me ka docker-compose) inā he hoʻokahi wale nō mea hoʻokūkū shell.