ProHoster > Блог > Whakahaerenga > Te whakatu GitLab CI ki te tuku i tetahi kaupapa java ki te maven central
Te whakatu GitLab CI ki te tuku i tetahi kaupapa java ki te maven central
Ko tenei tuhinga mo nga kaiwhakawhanake java e hiahia ana ki te whakaputa tere i o raatau hua ki te sonatype me/ranei maven pokapū putunga ma te whakamahi i a GitLab. I roto i tenei tuhinga ka korero ahau mo te whakarite i te gitlab-runner, gitlab-ci me te maven-plugin hei whakaoti i tenei raru.
Nga whakaritenga:
Pupuri haumaru o mvn me nga taviri GPG.
Te mahi haumaru o nga mahi CI a te iwi.
Te tuku i nga taonga toi (whakaputa/whakaahua) ki nga whare pupuri a te iwi.
Te tirotiro aunoa i nga putanga tuku mo te whakaputanga ki te pokapū maven.
He otinga whanui mo te tuku i nga taonga toi ki te putunga mo nga kaupapa maha.
He whakamaarama taipitopito mo te tikanga mo te whakaputa taonga ki Maven Central ma te Sonatype OSS Repository Hosting Service kua korerohia i roto i tenei tuhinga kaiwhakamahi Ko te Googolplex, no reira ka korero ahau ki tenei tuhinga i nga waahi tika.
Rēhita-mua mo Sonatype JIRA me te whakatuwhera i tetahi tikiti hei whakatuwhera i te putunga (panuihia te waahanga mo etahi atu korero Waihangatia he tikiti mo Sonatype JIRA). Whai muri i te whakatuwheratanga o te putunga, ka whakamahia te takirua takiuru/kupuhipa mai i te JIRA (ka kiia i muri nei ko te kaute Sonatype) ki te tuku i nga taonga toi ki te Sonatype nexus.
Mena ka whakamahi koe i te papatohu Linux ki te whakaputa i te kī GPG (gnupg/gnupg2), katahi koe me whakauru. rng-taputapu ki te whakaputa entropy. Ki te kore, ka roa pea te whakatipuranga matua.
Tuatahi, me hanga me te whirihora i tetahi kaupapa e penapena ai te paipa mo te tuku taonga. I whakaingoatia e ahau taku kaupapa he ngawari me te ngawari - whakato
I muri i te hanga i te putunga, me whakatiki te uru ki te huri i te putunga.
Haere ki te kaupapa -> Tautuhinga -> Repository -> Peka Tiaki. Ka mukua e matou nga ture katoa ka taapirihia he ture kotahi me te Wildcard * me te mana ki te pana me te hanumi mo nga kaiwhakamahi anake kei a raatau te mahi a te Kaipupuri. Ka whai hua tenei ture mo nga kaiwhakamahi katoa o tenei kaupapa me te roopu no ratou tenei kaupapa.
Mena he maha nga kaitiaki, ko te otinga pai ko te whakawhāiti i te uru ki te kaupapa i runga i te maapono.
Haere ki te kaupapa -> Tautuhinga -> Whānui -> Te Tirohanga, nga ahuatanga kaupapa, nga whakaaetanga me te tautuhi i te tirohanga Kaupapa ki Private.
He kaupapa e taea ana e te iwi whanui taku mahi, na te mea ka whakamahi ahau i taku ake GitLab Runner a ko au anake te uru ki te huri i te putunga. Ae, ko te tikanga, ehara i taku hiahia ki te whakaatu korero motuhake i roto i nga raarangi paipa a te iwi.
Te whakamau i nga ture mo te whakarereke i te putunga
Haere ki te kaupapa -> Tautuhinga -> Repository -> Ture Pana me te whakarite i te aukati Kaituku, Tirohia mehemea he haki kaiwhakamahi GitLab te kaituhi. Ka tūtohu ano ahau ki te whakarite tuku hainatanga, ka tautuhi i te haki Whakakahoretia te hainatanga.
Whai muri ka hiahia koe ki te whirihora i tetahi keu hei whakarewa i nga mahi
Haere ki te kaupapa -> Tautuhinga -> CI / CD -> Pipeline triggers me te hanga i tetahi tohu-tohu hou
Ka taea te taapiri tonu tenei tohu ki te whirihoranga whanui o nga taurangi mo te roopu kaupapa.
Haere ki te roopu -> Tautuhinga -> CI / CD -> Taurangi me te taapiri i tetahi taurangi DEPLOY_TOKEN me te tohu keu i roto i te uara.
Ko tenei waahanga e whakaatu ana i te whirihoranga mo te whakahaere i nga mahi i runga i te tohatoha ma te whakamahi i a koe ake (Tauwhāiti) me te iwi whanui (Tirihia).
Runner motuhake
Ka whakamahi ahau i aku ake oma na te mea, tuatahi, he watea, he tere, he iti.
Mo te kaiwhaiwhai, ka tūtohu ahau he Linux VDS me te 1 PTM, 2 GB RAM, 20 GB HDD. Ko te utu tuku he ~3000₽ ia tau.
Taku omaoma
Mo te kaikawe ka mau ahau i te VDS 4 CPU, 4 GB RAM, 50 GB SSD. Utu ~11000₽ a kore rawa i pouri.
E 7 katoa aku mihini. 5 ki te aruba me te 2 ki te ihor.
No reira he kaiwhaiwhai taatau. Inaianei ka whirihora e matou.
Ka haere matou ki te miihini ma te SSH ka whakauru i te java, git, maven, gnupg2.
Waihangahia he whaiaronga mo te keteroki maven ka tautapa i nga whakaaetanga roopu runner
Ka taea e koe te peke i tenei waahi ki te kore koe e whakaaro ki te whakahaere i etahi oma i runga i te miihini kotahi.
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
Ka tirohia e matou kua rehitatia te kaiwhai. Haere ki te paetukutuku gitlab.com -> deploy-project -> Tautuhinga -> CI/CD -> Runners -> Runners Specific -> Runners activated for this project
Ka hangaia e matou he matua ma te whakautu i nga paatai. I whakamahia e au taku ake ingoa me taku imeera.
Me whakapūtā te kupuhipa mō te kī. Ka hainatia nga taonga me tenei ki.
gpg --gen-key
Arowhai
gpg --list-keys -a
/home/gitlab-deployer/.gnupg/pubring.gpg
----------------------------------------
pub 4096R/00000000 2019-04-19
uid Petruha Petrov <[email protected]>
sub 4096R/11111111 2019-04-19
Te tuku ake i to maatau matua ki te tūmau matua
gpg --keyserver keys.gnupg.net --send-key 00000000
gpg: sending key 00000000 to hkp server keys.gnupg.net
Waihangahia he whaiaronga maven rehitatanga me te hono ki te keteroki (kaua e pohehe)
Ka taea e koe te peke i tenei waahi ki te kore koe e whakaaro ki te whakahaere i etahi oma i runga i te miihini kotahi.
Ka hangaia e matou he Dockerfile tino ngawari ki te whakahaere i nga mahi toha me te putanga e hiahiatia ana o Java. Kei raro nei he tauira mo te alpine.
FROM java:8u111-jdk-alpine
RUN apk add gnupg maven git --update-cache
--repository http://dl-4.alpinelinux.org/alpine/edge/community/ --allow-untrusted &&
mkdir ~/.m2/
Tāpirihia te kōnae .gitlab-ci.yml ki te putake o te kaupapa tohatoha
Ko te tuhinga e whakaatu ana i nga mahi tohatoha e rua. Runner Tauwhāiti, Runner tiritahi ranei.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
I roto i nga kaupapa java e tika ana kia tukuna atu ki nga whare putunga a te iwi, me taapiri e koe kia 2 nga waahanga hei tango i nga putanga Tuku me te Whakaahua.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
I roto i tenei otinga, i haere ahau i etahi atu ka whakatau ahau ki te whakamahi i tetahi tauira CI mo nga kaupapa java.
Nga taipitopito atu
I hanga e ahau he kaupapa motuhake gitlab-ci i whakanohoia e ahau he tauira CI mo nga kaupapa java noa.yml.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>
Mēnā he kōwae tāu kāore he java (hei tauira ko ngā rauemi anake)
Kaore ranei koe e hiahia ki te whakaputa javadoc i runga i te kaupapa, ka awhina maven-jar-plugin
Mēnā he kaupapa kōwae-maha koe, ā, kāore koe e hiahia ki te tuku ake i tētahi kōwae motuhake ki te putunga, me tāpiri koe nexus-staging-maven-plugin me te haki skipNexusStagingDeployMojo
Whai muri i te tango, ka waatea nga waahanga whakaahua/tuku whare putunga
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>
Ētahi atu taapiri
He rarangi tino whai kiko o nga whaainga mo te mahi me te rehitatanga hono (mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin).
Ina whakauruhia he tohu, ko te mahi e rite ana i roto i te kaupapa tohatoha ka whakaoho aunoa ki te tango i te putanga tuku ki te nohonga (tauira).
Ko te waahanga pai rawa atu ko te tukunga tata ka puta aunoa i roto i te nohonga.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------
A, ki te he tetahi mea, ka tino kore te mahi
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
Ko te mutunga mai, kotahi noa te whiringa ka toe. Mukua tenei putanga ka whakaputa ranei.
I muri i te tukunga, i muri i etahi wa ka uru nga taonga
o waho
He kitenga ki ahau ko te maven e tohu ana i etahi atu whare putunga a te iwi.
Me taapiri e au te robots.txt na te mea i tohuhia taku putunga tawhito.
He kaupapa tohatoha motuhake ka taea e koe te whakatinana i nga mahi CI maha mo te tuku i nga taonga toi ki nga whare pupuri a te iwi mo nga momo reo whanaketanga.
Ko te kaupapa Deploy he mokemoke mai i te wawaotanga o waho, ka taea anake te whakarereke e nga kaiwhakamahi me nga turanga Kaipupuri me te Kaipupuri.
He Kaiwhaiwhai Motuhake me te keteroki "wera" hei whakahaere i nga mahi tuku noa.
Te whakaputa i nga waahanga whakaahua/tuku i roto i te putunga putunga whanui.
Tirohanga aunoa o te putanga tuku mo te reri mo te whakaputanga i te maven central.
Parenga ki te whakaputa aunoa o nga putanga "mata" ki te maven central.
Hanga me te whakaputa i nga putanga whakaahua "ma te paato".
He putunga kotahi mo te tiki whakaahua whakaahua/tuku putanga.
Raina paipa mo te hanga/whakamatautau/whakaputa i tetahi kaupapa java.
Ko te whakarite i te GitLab CI ehara i te mea uaua te kaupapa penei i te titiro tuatahi. He nui noa ki te whakatu CI i runga i te kaupapa turnkey i nga wa e rua, a inaianei kei tawhiti atu koe i te runaruna mo tenei kaupapa. Ano, ko nga tuhinga a GitLab he nui noa atu. Kaua e wehi ki te tango i te taahiraa tuatahi. Ka puta te huarahi i raro i nga hikoinga o te tangata e hikoi ana (kare au e mahara na wai i korero :)
Ka koa ahau ki te whiwhi urupare.
I roto i te tuhinga e whai ake nei ka korero ahau me pehea te whirihora i a GitLab CI ki te whakahaere i nga mahi me nga whakamatautau whakaurunga whakataetae (te whakahaere i nga ratonga i raro i te whakamatautau ma te whakamahi i te docker-compose) mena he kotahi noa te kaikawe anga.