Setting up GitLab CI to upload a Java project to Maven Central

This article is intended for Java developers who need to quickly publish their products to the Sonatype and/or Maven Central repositories using GitLab. In it I cover setting up gitlab-runner, gitlab-ci and maven-plugin to solve this problem.

Requirements:

  • Secure storage of mvn and GPG keys.
  • Secure execution of public CI jobs.
  • Uploading artifacts (release / snapshot) to public repositories.
  • Automatic check of release versions for publication to Maven Central.
  • A common solution for uploading artifacts to the repository for multiple projects.
  • Simplicity and ease of use.

General information

  • A detailed description of the mechanism for publishing artifacts to Maven Central through the Sonatype OSS Repository Hosting Service has already been given in this article by user Googolplex, so I will refer to that article where appropriate.
  • First register in Sonatype JIRA and open a ticket to have a repository opened (see the section "Create a ticket in Sonatype JIRA" for details). Once the repository is opened, the JIRA login / password pair (hereafter the Sonatype account) is used to upload artifacts to Sonatype Nexus.
  • Next, the process of generating a GPG key is described very tersely. See the section "Configuring GnuPG to sign artifacts" for details.
  • If you use the Linux console to generate the GPG key (gnupg/gnupg2), you need to install rng-tools to generate entropy. Otherwise key generation can take a very long time.
  • Public GPG key storage services

Creating the deployment project in GitLab

  • First you need to create and configure the project that will hold the pipeline for deploying artifacts. I named my project simply and plainly: deploy
  • After creating the repository, restrict who can change it.
    Go to project -> Settings -> Repository -> Protected Branches. Delete all rules and add a single rule with the wildcard * that grants push and merge rights only to users with the Maintainers role. This rule applies to all users of this project and of the group the project belongs to.
  • If there are several maintainers, the best solution is to restrict access to the project altogether.
    Go to project -> Settings -> General -> Visibility, project features, permissions and set Project visibility to Private.
    My project is publicly accessible because I use my own GitLab Runner and only I have access to change the repository. And, in fact, it is not in my interest to expose private information in public pipeline logs.
  • Tighten the rules for changing the repository
    Go to project -> Settings -> Repository -> Push Rules and set the Committer restriction and Check whether author is a GitLab user flags. I also recommend setting up commit signing and setting the Reject unsigned commits flag.
  • Next, configure a trigger for starting jobs
    Go to project -> Settings -> CI / CD -> Pipeline triggers and create a new trigger token
    This token can be added right away to the shared variable configuration of the project group.
    Go to group -> Settings -> CI / CD -> Variables and add the variable DEPLOY_TOKEN with the trigger token as its value.

GitLab Runner

This section describes the configuration for running deployment jobs on your own (Specific) and public (Shared) runners.

Specific Runner

I use my own runners because, first of all, it is convenient, fast and cheap.
For a runner I recommend a Linux VDS with 1 CPU, 2 GB RAM, 20 GB HDD. The price is ~3000₽ per year.

My runner

For my runner I took a VDS with 4 CPU, 4 GB RAM, 50 GB SSD. It cost ~11000₽ and I have never regretted it.
I have 7 machines in total: 5 at aruba and 2 at ihor.

So, we have a runner. Now let's configure it.
Log in to the machine over SSH and install java, git, maven, gnupg2.

Installing gitlab runner

  • Create a new group runner
    sudo groupadd runner
  • Create a directory for the maven cache and give the runner group permissions on it
    You can skip this step if you do not plan to run several runners on one machine.

    mkdir -p /usr/cache/.m2/repository
    chown -R :runner /usr/cache
    chmod -R 770 /usr/cache
  • Create the user gitlab-deployer and add it to the runner group
    useradd -m -d /home/gitlab-deployer gitlab-deployer
    usermod -a -G runner gitlab-deployer
  • Add the following line to the file /etc/ssh/sshd_config
    AllowUsers root@* [email protected]
  • Restart sshd
    systemctl restart sshd
  • Set a password for the gitlab-deployer user (it can be simple, since there is a restriction to localhost)
    passwd gitlab-deployer
  • Install GitLab Runner (Linux x86-64)
    sudo wget -O /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64
    sudo chmod +x /usr/local/bin/gitlab-runner
    ln -s /usr/local/bin/gitlab-runner /etc/alternatives/gitlab-runner
    ln -s /etc/alternatives/gitlab-runner /usr/bin/gitlab-runner
  • Open gitlab.com -> deploy-project -> Settings -> CI/CD -> Runners -> Specific Runners and copy the registration token

  • Register the runner
    gitlab-runner register --config /etc/gitlab-runner/gitlab-deployer-config.toml

Process

Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded                     runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!

  • Check that the runner is registered. Open gitlab.com -> deploy-project -> Settings -> CI/CD -> Runners -> Specific Runners -> Runners activated for this project

  • Add a separate service /etc/systemd/system/gitlab-deployer.service
    [Unit]
    Description=GitLab Deploy Runner
    After=syslog.target network.target
    ConditionFileIsExecutable=/usr/local/bin/gitlab-runner
    [Service]
    StartLimitInterval=5
    StartLimitBurst=10
    ExecStart=/usr/local/bin/gitlab-runner "run" "--working-directory" "/home/gitlab-deployer" "--config" "/etc/gitlab-runner/gitlab-deployer-config.toml" "--service" "gitlab-deployer" "--syslog" "--user" "gitlab-deployer"
    Restart=always
    RestartSec=120
    [Install]
    WantedBy=multi-user.target
  • Start the service.
    systemctl enable gitlab-deployer.service
    systemctl start gitlab-deployer.service
    systemctl status gitlab-deployer.service
  • Check that the runner is running.

Generating the GPG key

  • From the same machine, log in over ssh as the gitlab-deployer user (this matters for generating the GPG key)

    ssh [email protected]

  • Generate a key by answering the questions. I used my own name and email.
    Be sure to set a passphrase for the key. Artifacts will be signed with this key.

    gpg --gen-key 

  • Check

    gpg --list-keys -a
    /home/gitlab-deployer/.gnupg/pubring.gpg
    ----------------------------------------
    pub   4096R/00000000 2019-04-19
    uid                  Petruha Petrov <[email protected]>
    sub   4096R/11111111 2019-04-19

  • Upload our public key to a key server

    gpg --keyserver keys.gnupg.net --send-key 00000000
    gpg: sending key 00000000 to hkp server keys.gnupg.net

Configuring Maven

  • Switch to the gitlab-deployer user
    su gitlab-deployer 
  • Create the maven directory and link its repository to the cache (take care to get this right)
    You can skip this step if you do not plan to run several runners on one machine.

    # ~/.m2/repository must not exist yet, otherwise ln creates the link inside it
    mkdir -p ~/.m2
    ln -s /usr/cache/.m2/repository /home/gitlab-deployer/.m2/repository
  • Create the master key
    mvn --encrypt-master-password password
    {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}
  • Create the file ~/.m2/settings-security.xml
    <settingsSecurity>
    <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master>
    </settingsSecurity>
  • Encrypt the password for the Sonatype account
    mvn --encrypt-password SONATYPE_PASSWORD
    {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}
  • Create the file ~/.m2/settings.xml
    <settings>  
    <profiles>
        <profile>
            <id>env</id>
            <activation>
                <activeByDefault>true</activeByDefault>
            </activation>
            <properties>
                <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase>
            </properties>
        </profile>
    </profiles>
    <servers>
        <server>
            <id>sonatype</id>
            <username>SONATYPE_USERNAME</username>
            <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password>
        </server>
    </servers>
    </settings>

where,
GPG_SECRET_KEY_PASSPHRASE - passphrase for the GPG key
SONATYPE_USERNAME - Sonatype account login

This completes the runner setup; you can move on to the GitLab CI section.
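
The runner setup above leaves the Maven master password, the encrypted Sonatype password and the GPG passphrase in files under the gitlab-deployer home directory. An added example (not part of the original article) that checks those paths are accessible to their owner only and flags a cleartext gpg.passphrase; it assumes GNU stat on Linux, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original article): audit the secrets that the
# runner setup above leaves in the gitlab-deployer home directory.
# Assumptions: GNU stat (Linux) and the policy "no group/other access".

# Succeeds when the path has no group or other permission bits set.
is_private() {
    mode=$(stat -c '%a' "$1")        # octal mode, e.g. 600, 644, 700
    case "$mode" in
        *00|0) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints one finding per line; returns 1 if anything was found, 0 otherwise.
audit_deployer_secrets() {
    home="$1"
    found=0
    for p in "$home/.m2/settings.xml" \
             "$home/.m2/settings-security.xml" \
             "$home/.gnupg"; do
        if [ ! -e "$p" ]; then
            echo "MISSING $p"; found=1
        elif ! is_private "$p"; then
            echo "EXPOSED $p mode=$(stat -c '%a' "$p")"; found=1
        fi
    done
    # settings.xml on this page keeps gpg.passphrase as a plain property;
    # Maven-encrypted values are wrapped in {...}, anything else is cleartext.
    if grep -Eq '<gpg\.passphrase>[^<{][^<]*</gpg\.passphrase>' \
            "$home/.m2/settings.xml" 2>/dev/null; then
        echo "PLAINTEXT gpg.passphrase in $home/.m2/settings.xml"; found=1
    fi
    return "$found"
}

# Typical use on the runner:
#   audit_deployer_secrets /home/gitlab-deployer || echo "fix the findings above"
```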

Shared Runner

Generating the GPG key

  • First, you need to create a GPG key. To do this, install gnupg.

    yum install -y gnupg

  • Generate a key by answering the questions. I used my own name and email. Be sure to set a passphrase for the key.

    gpg --gen-key 

  • Display information about the key

    gpg --list-keys -a
    pub   rsa3072 2019-04-24 [SC] [expires: 2021-04-23]
      2D0D1706366FC4AEF79669E24D09C55BBA3FD728
    uid           [ultimate] tttemp <[email protected]>
    sub   rsa3072 2019-04-24 [E] [expires: none]

  • Upload our public key to a key server

    gpg --keyserver keys.gnupg.net --send-key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728
    gpg: sending key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 to hkp server keys.gnupg.net

  • Get the private key

    gpg --export-secret-keys --armor 2D0D1706366FC4AEF79669E24D09C55BBA3FD728
    -----BEGIN PGP PRIVATE KEY BLOCK-----
    lQWGBFzAqp8BDADN41CPwJ/gQwiKEbyA902DKw/WSB1AvZQvV/ZFV77xGeG4K7k5
    ...
    =2Wd2
    -----END PGP PRIVATE KEY BLOCK-----

  • Go to project -> Settings -> CI / CD -> Variables and save the private key in the variable GPG_SECRET_KEY

Configuring Maven

  • Create the master key
    mvn --encrypt-master-password password
    {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}
  • Go to project -> Settings -> CI / CD -> Variables and save the following lines in the variable SETTINGS_SECURITY_XML:
    <settingsSecurity>
    <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master>
    </settingsSecurity>
  • Encrypt the password for the Sonatype account
    mvn --encrypt-password SONATYPE_PASSWORD
    {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}
  • Go to project -> Settings -> CI / CD -> Variables and save the following lines in the variable SETTINGS_XML:
    <settings>  
    <profiles>
        <profile>
            <id>env</id>
            <activation>
                <activeByDefault>true</activeByDefault>
            </activation>
            <properties>
                <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase>
            </properties>
        </profile>
    </profiles>
    <servers>
        <server>
            <id>sonatype</id>
            <username>SONATYPE_USERNAME</username>
            <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password>
        </server>
    </servers>
    </settings>

where,
GPG_SECRET_KEY_PASSPHRASE - passphrase for the GPG key
SONATYPE_USERNAME - Sonatype account login

Docker image for deployment

  • Create a fairly simple Dockerfile for running deployment jobs with the required Java version. Below is an example for alpine.

    FROM java:8u111-jdk-alpine
    # --allow-untrusted makes apk skip package signature verification
    RUN apk add gnupg maven git --update-cache \
    --repository http://dl-4.alpinelinux.org/alpine/edge/community/ --allow-untrusted && \
    mkdir ~/.m2/

  • Build the container for your project

    docker build -t registry.gitlab.com/group/deploy .

  • Authenticate and push the container to the registry.

    docker login -u USER -p PASSWORD registry.gitlab.com
    docker push registry.gitlab.com/group/deploy

GitLab CI

Deploy project

Add a .gitlab-ci.yml file to the root of the deploy project.
The script provides two mutually exclusive deployment jobs: Specific Runner or Shared Runner.

.gitlab-ci.yml

stages:
  - deploy

Specific Runner:
  extends: .java_deploy_template
  # The job will run on your shell runner
  tags:
    - deploy

Shared Runner:
  extends: .java_deploy_template
  # The job will run on a public docker runner
  tags:
    - docker
  # Image from the section GitLab Runner -> Shared Runner -> Docker
  image: registry.gitlab.com/group/deploy-project:latest
  before_script:
    # Import the GPG key
    - printf "${GPG_SECRET_KEY}" | gpg --batch --import
    # Save the maven configuration
    - printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
    - printf "${SETTINGS_XML}" > ~/.m2/settings.xml

.java_deploy_template:
  stage: deploy
  # The job is started by the trigger when the DEPLOY variable is passed with the value java
  only:
    variables:
    - $DEPLOY == "java"
  variables:
    # Disable cloning of the current project
    GIT_STRATEGY: none
  script:
    # Allow the password to be stored unencrypted
    - git config --global credential.helper store
    # Save the temporary credentials of the gitlab-ci-token user
    # The token works for all public gitlab.com projects and for projects of the group
    - echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
    # Completely clean the current directory
    - rm -rf .* *
    # Clone the project that will be deployed to Sonatype Nexus
    - git clone ${DEPLOY_CI_REPOSITORY_URL} .
    # Switch to the required commit
    - git checkout ${DEPLOY_CI_COMMIT_SHA} -f
    # If any pom.xml contains the autoReleaseAfterClose parameter, fail the build.
    # Otherwise there is a risk of pushing raw artifacts to maven central
    - >
      for pom in $(find . -name pom.xml); do
        if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
          echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
          exit 1;
        fi;
      done
    # If the DEPLOY_CI_COMMIT_TAG parameter is empty, force a SNAPSHOT version
    - >
      if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
        mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
      else
        VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
        if [[ "${VERSION}" == *-SNAPSHOT ]]; then
          mvn versions:set -DnewVersion=${VERSION}
        else
          mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
        fi
      fi
    # Run the build and deploy of the artifacts
    - mvn clean deploy -DskipTests=true
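
The deploy job above clones and builds whatever repository URL, commit and tag the trigger request supplies, on the runner that holds the signing key. An added example (not part of the original article) of validating those variables before the git clone step; ALLOWED_HOST, ALLOWED_GROUP, the rule that a tag names a release version, and all function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original article): validate the variables that
# the pipeline trigger hands to the deploy job before anything is cloned.
# ALLOWED_HOST, ALLOWED_GROUP and all function names are assumptions.

ALLOWED_HOST="gitlab.com"
ALLOWED_GROUP="TouchBIT"   # hypothetical: only projects of this group may be deployed

# Accept only https://[userinfo@]$ALLOWED_HOST/$ALLOWED_GROUP/<project>.git
valid_repo_url() {
    case "$1" in
        https://*) rest="${1#https://}" ;;
        *) return 1 ;;
    esac
    # Whitespace, quotes, '?', '#', '%' and other unexpected characters are refused.
    case "$rest" in
        *[!A-Za-z0-9._:@/-]*) return 1 ;;
    esac
    authority="${rest%%/*}"
    path="${rest#*/}"
    [ "$path" != "$rest" ] || return 1      # URL has no path
    host="${authority##*@}"                 # drop userinfo such as gitlab-ci-token:...@
    [ "$host" = "$ALLOWED_HOST" ] || return 1
    case "$path" in
        *..*|*//*) return 1 ;;
        "$ALLOWED_GROUP"/?*.git) return 0 ;;
        *) return 1 ;;
    esac
}

# A full 40-character lowercase hex commit id, never a branch or short id.
valid_commit_sha() {
    case "$1" in
        *[!0-9a-f]*) return 1 ;;
    esac
    [ "${#1}" -eq 40 ]
}

# Empty is fine (the job then forces a SNAPSHOT version). Otherwise the tag is
# passed unquoted to "mvn versions:set -DnewVersion=...", so it must be a single
# version-like word. Assumption: a tag names a release, never a -SNAPSHOT.
valid_release_tag() {
    [ -n "$1" ] || return 0
    case "$1" in
        [0-9]*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[!0-9A-Za-z.-]*) return 1 ;;
        *-SNAPSHOT) return 1 ;;
    esac
    return 0
}

# Checks all three variables; messages name the variable only, because the
# repository URL may embed a job token that must not reach the job log.
validate_trigger_vars() {
    valid_repo_url "${DEPLOY_CI_REPOSITORY_URL:-}" \
        || { echo "rejected: DEPLOY_CI_REPOSITORY_URL" >&2; return 1; }
    valid_commit_sha "${DEPLOY_CI_COMMIT_SHA:-}" \
        || { echo "rejected: DEPLOY_CI_COMMIT_SHA" >&2; return 1; }
    valid_release_tag "${DEPLOY_CI_COMMIT_TAG:-}" \
        || { echo "rejected: DEPLOY_CI_COMMIT_TAG" >&2; return 1; }
}

# In the deploy job, before "git clone":
#   validate_trigger_vars || exit 1
```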

Java project

In the Java projects that are to be uploaded to public repositories, you need to add 2 steps for uploading the Release and Snapshot versions.

.gitlab-ci.yml

stages:
  - build
  - test
  - verify
  - deploy

<...>

Release:
  extends: .trigger_deploy
  # Run the job only on a tag.
  only:
    - tags

Snapshot:
  extends: .trigger_deploy
  # Run the job that publishes the SNAPSHOT version manually
  when: manual
  # Do not run the job if a tag is set.
  except:
    - tags

.trigger_deploy:
  stage: deploy
  variables:
    # Disable cloning of the current project
    GIT_STRATEGY: none
    # Link to the trigger of the deploy job
    URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
    # Variables for the deploy job
    POST_DATA: "
      token=${DEPLOY_TOKEN}&
      ref=master&
      variables[DEPLOY]=${DEPLOY}&
      variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
      variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
      variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
      variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
      "
  script:
    # I do not use cURL because with the --fail --show-error flags
    # it does not print the response body when the HTTP code is 400 or higher
    - wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}

In this solution I went a little further and decided to use a single CI template for Java projects.

More details

I created a separate project, gitlab-ci, where I placed the CI template for Java projects, common.yml.

common.yml

stages:
  - build
  - test
  - verify
  - deploy

variables:
  SONAR_ARGS: "
  -Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA} 
  -Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME} 
  "

.build_java_project:
  stage: build
  tags:
    - touchbit-shell
  variables:
    SKIP_TEST: "false"
  script:
    - mvn clean
    - mvn package -DskipTests=${SKIP_TEST}
  artifacts:
    when: always
    expire_in: 30 day
    paths:
      - "*/target/reports"

.build_sphinx_doc:
  stage: build
  tags:
    - touchbit-shell
  variables:
    DOCKERFILE: .indirect/docs/Dockerfile
  script:
    - docker build --no-cache -t ${CI_PROJECT_NAME}/doc -f ${DOCKERFILE} .

.junit_module_test_run:
  stage: test
  tags:
    - touchbit-shell
  variables:
    MODULE: ""
  script:
    - cd ${MODULE}
    - mvn test
  artifacts:
    when: always
    expire_in: 30 day
    paths:
      - "*/target/reports"

.junit_test_run:
  stage: test
  tags:
    - touchbit-shell
  script:
    - mvn test
  artifacts:
    when: always
    expire_in: 30 day
    paths:
    - "*/target/reports"

.sonar_review:
  stage: verify
  tags:
    - touchbit-shell
  dependencies: []
  script:
    - >
      if [ "$CI_BUILD_REF_NAME" == "master" ]; then
        mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS
      else
        mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS -Dsonar.analysis.mode=preview
      fi

.trigger_deploy:
  stage: deploy
  tags:
    - touchbit-shell
  variables:
    URL: "https://gitlab.com/api/v4/projects/10345765/trigger/pipeline"
    POST_DATA: "
      token=${DEPLOY_TOKEN}&
      ref=master&
      variables[DEPLOY]=${DEPLOY}&
      variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
      variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
      variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
      variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
      "
  script:
  - wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}

.trigger_release_deploy:
  extends: .trigger_deploy
  only:
    - tags

.trigger_snapshot_deploy:
  extends: .trigger_deploy
  when: manual
  except:
    - tags

As a result, in the Java project itself .gitlab-ci.yml looks very compact and not verbose.

.gitlab-ci.yml

include: https://gitlab.com/TouchBIT/gitlab-ci/raw/master/common.yml

Shields4J:
  extends: .build_java_project

Sphinx doc:
  extends: .build_sphinx_doc
  variables:
    DOCKERFILE: .docs/Dockerfile

Sonar review:
  extends: .sonar_review
  dependencies:
    - Shields4J

Release:
  extends: .trigger_release_deploy

Snapshot:
  extends: .trigger_snapshot_deploy

pom.xml configuration

This topic is described in great detail by Googolplex in "Configuring maven to automatically sign and upload artifacts to the snapshot and staging repositories", so I will describe only some nuances of using the plugins. I will also describe how easily and painlessly you can use nexus-staging-maven-plugin if you do not want to or cannot use org.sonatype.oss:oss-parent as the parent of your project.

maven-install-plugin

Installs modules into the local repository.
Very useful for local verification of the solution in other projects, as well as for checksums.

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-install-plugin</artifactId>
  <executions>
    <execution>
      <id>install-project</id>
      <!-- If you have a multi-module project with deployment of the parent pom -->
      <phase>install</phase>
      <!-- Explicitly specify the files for local installation -->
      <configuration>
        <file>target/${project.artifactId}-${project.version}.jar</file>
        <sources>target/${project.artifactId}-${project.version}-sources.jar</sources>
        <pomFile>dependency-reduced-pom.xml</pomFile>
        <!-- Force an update of the project metadata -->
        <updateReleaseInfo>true</updateReleaseInfo>
        <!-- Checksums for integrity verification -->
        <createChecksum>true</createChecksum>
      </configuration>
    </execution>
  </executions>
</plugin>

maven-javadoc-plugin

Generates javadoc for the project.

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-javadoc-plugin</artifactId>
  <executions>
    <execution>
      <goals>
        <goal>jar</goal>
      </goals>
      <!-- Javadoc generation must come after the resource generation phase -->
      <phase>prepare-package</phase>
      <configuration>
        <!-- Helps a lot in public projects -->
        <failOnError>true</failOnError>
        <failOnWarnings>true</failOnWarnings>
        <!-- Removes the error of looking up documentation in the target directory -->
        <detectOfflineLinks>false</detectOfflineLinks>
      </configuration>
    </execution>
  </executions>
</plugin>

If you have a module that contains no java (for example, only resources),
or you do not want to generate javadoc at all, then maven-jar-plugin helps

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-jar-plugin</artifactId>
  <executions>
    <execution>
      <id>empty-javadoc-jar</id>
      <phase>generate-resources</phase>
      <goals>
        <goal>jar</goal>
      </goals>
      <configuration>
        <classifier>javadoc</classifier>
        <classesDirectory>${basedir}/javadoc</classesDirectory>
      </configuration>
    </execution>
  </executions>
</plugin>

maven-gpg-plugin

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-gpg-plugin</artifactId>
  <executions>
    <execution>
      <id>sign-artifacts</id>
      <!-- The build will fail if the GPG key is missing -->
      <!-- Sign artifacts only in the deploy phase -->
      <phase>deploy</phase>
      <goals>
        <goal>sign</goal>
      </goals>
    </execution>
  </executions>
</plugin>

nexus-staging-maven-plugin

Configuration:

<project>
  <!-- ... -->
  <build>
    <plugins>
      <!-- ... -->
      <plugin>
        <groupId>org.sonatype.plugins</groupId>
        <artifactId>nexus-staging-maven-plugin</artifactId>
      </plugin>
    </plugins>
    <pluginManagement>
      <plugins>
        <plugin>
          <groupId>org.sonatype.plugins</groupId>
          <artifactId>nexus-staging-maven-plugin</artifactId>
          <extensions>true</extensions>
          <configuration>
            <serverId>sonatype</serverId>
            <nexusUrl>https://oss.sonatype.org/</nexusUrl>
            <!-- Update the metadata to mark the artifact as a release -->
            <!-- Does not affect snapshot versions -->
            <updateReleaseInfo>true</updateReleaseInfo>
          </configuration>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-deploy-plugin</artifactId>
          <configuration>
            <!-- Disable the plugin -->
            <skip>true</skip>
          </configuration>
        </plugin>
      </plugins>
    </pluginManagement>
  </build>
  <distributionManagement>
    <snapshotRepository>
      <id>sonatype</id>
      <name>Nexus Snapshot Repository</name>
      <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
    </snapshotRepository>
    <repository>
      <id>sonatype</id>
      <name>Nexus Release Repository</name>
      <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
    </repository>
  </distributionManagement>
</project>

If you have a multi-module project and you do not need to upload a particular module to the repository, you need to add nexus-staging-maven-plugin with the skipNexusStagingDeployMojo flag

<build>
  <plugins>
    <plugin>
      <groupId>org.sonatype.plugins</groupId>
      <artifactId>nexus-staging-maven-plugin</artifactId>
      <configuration>
        <skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo>
      </configuration>
    </plugin>
  </plugins>
</build>

After upload, the snapshot/release versions are available in the staging repositories

<repositories>
  <repository>
    <id>SonatypeNexus</id>
    <url>https://oss.sonatype.org/content/groups/staging/</url>
    <!-- No need to specify snapshot/release flags for the repository -->
  </repository>
</repositories>

More advantages

  • A very rich list of goals for working with the nexus repository (mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin).
  • Automatic check of the release for upload to maven central

Result

Publishing a SNAPSHOT version

While building the project, you can manually start the job that uploads the SNAPSHOT version to nexus.

When this job is launched, the corresponding job in the deploy project is triggered (example).

Truncated log

Running with gitlab-runner 11.10.0 (3001a600)
  on Deploy runner JSKWyxUw
Using Shell executor...
Running on ih1174328.vds.myihor.ru...
Skipping Git repository setup
Skipping Git checkout
Skipping Git submodules setup
$ rm -rf .* *
$ git config --global credential.helper store
$ echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
$ git clone ${DEPLOY_CI_REPOSITORY_URL} .
Cloning into 'shields4j'...
$ git checkout ${DEPLOY_CI_COMMIT_SHA}
Note: checking out '850f86aa317194395c5387790da1350e437125a7'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
  git checkout -b new_branch_name
HEAD is now at 850f86a... skip deploy test-core
$ for pom in $(find . -name pom.xml); do # collapsed multi-line command
$ if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then # collapsed multi-line command
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO]   ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] Shields4J                                                          [pom]
[INFO] test-core                                                          [jar]
[INFO] Shields4J client                                                   [jar]
[INFO] TestNG listener                                                    [jar]
[INFO] 
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0                                           [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO] 
[INFO] --- versions-maven-plugin:2.5:set (default-cli) @ shields4j-parent ---
[INFO] Searching for local aggregator root...
[INFO] Local aggregation root: /home/gitlab-deployer/JSKWyxUw/0/TouchBIT/deploy/shields4j
[INFO] Processing change of org.touchbit.shields4j:shields4j-parent:1.0.0 -> 1.0.0-SNAPSHOT
[INFO] Processing org.touchbit.shields4j:shields4j-parent
[INFO]     Updating project org.touchbit.shields4j:shields4j-parent
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] 
[INFO] Processing org.touchbit.shields4j:client
[INFO]     Updating parent org.touchbit.shields4j:shields4j-parent
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]     Updating dependency org.touchbit.shields4j:test-core
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] 
[INFO] Processing org.touchbit.shields4j:test-core
[INFO]     Updating parent org.touchbit.shields4j:shields4j-parent
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] 
[INFO] Processing org.touchbit.shields4j:testng
[INFO]     Updating parent org.touchbit.shields4j:shields4j-parent
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]     Updating dependency org.touchbit.shields4j:client
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]     Updating dependency org.touchbit.shields4j:test-core
[INFO]         from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] Shields4J 1.0.0 .................................... SUCCESS [  0.992 s]
[INFO] test-core .......................................... SKIPPED
[INFO] Shields4J client ................................... SKIPPED
[INFO] TestNG listener 1.0.0 .............................. SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.483 s
[INFO] Finished at: 2019-04-21T02:40:42+03:00
[INFO] ------------------------------------------------------------------------
$ mvn clean deploy -DskipTests=${SKIP_TESTS}
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO]   ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO] 
[INFO] Shields4J                                                          [pom]
[INFO] test-core                                                          [jar]
[INFO] Shields4J client                                                   [jar]
[INFO] TestNG listener                                                    [jar]
[INFO] 
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0-SNAPSHOT                                  [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
...
DELETED
...
[INFO]  * Bulk deploy of locally gathered snapshot artifacts finished.
[INFO] Remote deploy finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] Shields4J 1.0.0-SNAPSHOT ........................... SUCCESS [  2.375 s]
[INFO] test-core .......................................... SUCCESS [  3.929 s]
[INFO] Shields4J client ................................... SUCCESS [  3.815 s]
[INFO] TestNG listener 1.0.0-SNAPSHOT ..................... SUCCESS [ 36.134 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 47.629 s
[INFO] Finished at: 2019-04-21T02:41:32+03:00
[INFO] ------------------------------------------------------------------------

As a result, version 1.0.0-SNAPSHOT is uploaded to nexus.

All snapshot versions can be deleted from the repository on the oss.sonatype.org website under your account.


Publishing a release version

When a tag is set, the corresponding job in the deploy project is triggered automatically to upload the release version to nexus (example).


The best part is that closing the release is triggered automatically in nexus.

[INFO] Performing remote staging...
[INFO] 
[INFO]  * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO]  * Created staging repository with ID "orgtouchbit-1037".
[INFO]  * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO]  * Uploading locally staged artifacts to profile org.touchbit
[INFO]  * Upload of locally staged artifacts finished.
[INFO]  * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] Shields4J 1.0.0 .................................... SUCCESS [  9.603 s]
[INFO] test-core .......................................... SUCCESS [  3.419 s]
[INFO] Shields4J client ................................... SUCCESS [  9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------

And if something goes wrong, the job will definitely fail:

[INFO] Performing remote staging...
[INFO] 
[INFO]  * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO]  * Created staging repository with ID "orgtouchbit-1038".
[INFO]  * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO]  * Uploading locally staged artifacts to profile org.touchbit
[INFO]  * Upload of locally staged artifacts finished.
[INFO]  * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR] 
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR] 
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR]   Rule "signature-staging" failures
[ERROR]     * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR]  * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR]  * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO] 
[INFO] Shields4J 1.0.0 .................................... SUCCESS [  4.073 s]
[INFO] test-core .......................................... SUCCESS [  2.788 s]
[INFO] Shields4J client ................................... SUCCESS [  3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------

As a result, we have only one choice left: delete this version or publish it.
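
The staging rule failure shown in the failed run above can be reduced to one line per failed rule, so the CI job states which rule broke and which signing key the keyserver could not find. This is an added example, not part of the original article; the function names are assumptions, and the embedded sample lines are taken from the log above.

```shell
#!/bin/sh
# Added example: summarize Nexus staging rule failures from a saved `mvn deploy` log.

# Sample input: lines copied from the failed run shown in the article.
sample_log() {
cat <<'EOF'
[INFO]  * Closing staging repository with ID "orgtouchbit-1038".
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR] Nexus Staging Rules Failure Report
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR]   Rule "signature-staging" failures
[ERROR]     * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on http://keys.gnupg.net:11371/. Upload your public key and try the operation again.
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR]  * Deleting context 9043b43f77dcc9.properties
[ERROR] Remote staging finished with a failure: Staging rules failure!
EOF
}

# Reads a Maven log on stdin and prints "repo=<id> rule=<name> key=<id|->"
# for every failure item listed under a staging rule.
staging_failures() {
  awk '
    # Start of the per-repository failure report.
    /^\[ERROR\] Repository "[^"]+" failures/ { split($0, a, "\""); repo = a[2]; next }
    # Name of the rule that failed (for example signature-staging).
    /^\[ERROR\] +Rule "[^"]+" failures/ { split($0, a, "\""); rule = a[2]; next }
    # The cleanup section also uses "*" bullets; stop collecting there.
    /^\[ERROR\] Cleaning up/ { rule = "" }
    # One bullet per failure; pull out the key ID when the message names one.
    /^\[ERROR\] +\* / && rule != "" {
      key = "-"
      if (match($0, /Key with id: \([0-9a-fA-F]+\)/))
        key = substr($0, RSTART + 14, RLENGTH - 15)
      printf "repo=%s rule=%s key=%s\n", repo, rule, key
    }
  '
}

# Stand-alone use: pass the path of a saved log as the first argument.
if [ $# -gt 0 ]; then
  staging_failures < "$1"
fi
```

A `signature-staging` line with a key ID means the public half of the signing key has to be published to the keyserver named in the log before the tag is rebuilt.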


After the release, the artifacts will, after some time, appear in [image]

offtopic

It was a discovery for me that maven indexes other public repositories.
I had to add a robots.txt because it had indexed my old repository.


Conclusion

What we have

  • A separate deploy project in which you can implement several CI jobs for uploading artifacts to public repositories for various development languages.
  • The deploy project is isolated from outside interference and can be changed only by users with the Owner and Maintainer roles.
  • A separate Specific Runner with a "hot" cache that only runs these jobs.
  • Publishing snapshot/release versions to a public repository.
  • An automatic check that a release version is ready for publication to maven central.
  • Protection against automatic publication of "raw" versions to maven central.
  • Building and publishing snapshot versions "on click".
  • A single repository for obtaining snapshot / release versions.
  • A common pipeline for building / testing / publishing a java project.

Setting up GitLab CI is not as complicated a topic as it seems at first glance. It is enough to set up CI on a turnkey basis a couple of times, and you are already far from an amateur in this matter. Besides, the GitLab documentation is very extensive. Don't be afraid to take the first step. The road appears under the steps of the one who walks (I don't remember who said it :)

I would be glad to receive feedback.

In the next article I will talk about how to configure GitLab CI to run jobs with integration tests concurrently (running the services under test with docker-compose) when you have only one shell runner.


Source: www.habr.com
