ProHoster > Blog > Pulega > Faʻatulagaina GitLab CI e tuʻuina atu se poloketi java i le maven central
Faʻatulagaina GitLab CI e tuʻuina atu se poloketi java i le maven central
O lenei tusiga e faʻamoemoe mo tagata atinaʻe java e manaʻomia le vave faʻasalalau a latou oloa i sonatype ma / poʻo maven faleoloa tutotonu e faʻaaoga ai GitLab. I lenei tusiga, o le a ou talanoa e uiga i le setiina o le gitlab-runner, gitlab-ci ma le maven-plugin e foia ai lenei faafitauli.
Mea e manaʻomia:
Teuga saogalemu o mvn ma GPG ki.
Saogalemu le faatinoina o galuega a le lautele o le CI.
Tu'u i luga mea fa'apitoa (fa'asa'oloto/ata) i fale teuoloa lautele.
Siaki otometi o fa'asalalauga fa'asalalauga mo fa'asalalauga i le maven central.
O se fofo lautele mo le tuʻuina atu o mea taua i se fale teu oloa mo le tele o galuega faatino.
O se faʻamatalaga auiliili o le masini mo le lolomiina o mea taua i Maven Central e ala i le Sonatype OSS Repository Hosting Service ua uma ona faʻamatalaina i totonu. lenei tusiga tagata faʻaaoga Googolplex, o lea o le a ou faasino i lenei tusiga i nofoaga saʻo.
mua'i resitala ile Sonatype JIRA ma amata se pepa ulufale e tatala ai le fale teu oloa (mo nisi faʻamatalaga, faitau le vaega Fausia se pepa Sonatype JIRA). A maeʻa ona tatalaina le fale teu oloa, o le JIRA login / password pair (o loʻo taʻua mulimuli ane o le Sonatype account) o le a faʻaaogaina e faʻapipiʻi ai mea i le Sonatype nexus.
E le gata i lea, o le faagasologa o le fausiaina o se ki GPG o loʻo faʻamatalaina matua mago. Va'ai le vaega mo nisi fa'amatalaga. Fa'atulagaina le GnuPG e Saini Mea Fa'atino
Afai o loʻo e faʻaogaina le Linux console e faʻatupu ai se GPG key (gnupg/gnupg2), ona e manaʻomia lea e faʻapipiʻi. rng-meafaigaluega e gaosia ai le entropy. A leai, o le fa'atupuina autu e mafai ona umi se taimi.
Muamua lava, e tatau ona e fatuina ma faʻapipiʻi se poloketi lea o le a teuina ai le paipa mo le faʻapipiʻiina o mea taua. Sa ou taʻua laʻu galuega faatino faigofie ma le lavelave - faʻapipiʻi
A maeʻa ona fatuina le fale teu oloa, e te manaʻomia le faʻatapulaʻaina o avanoa e sui ai le fale teu oloa.
Alu i le poloketi -> Faʻatonu -> Faʻamaumauga -> Lala Puipuia. Matou te tape uma tulafono ma faʻaopoopo se tulafono e tasi ma Wildcard * ma le aia tatau e tulei ma tuʻufaʻatasia mo naʻo tagata faʻaoga e iai le matafaioi a le Tausi. O lenei tulafono o le a aoga mo tagata uma o loʻo faʻaogaina lenei poloketi ma le vaega o loʻo iai lenei poloketi.
Afai e tele tagata tausi, o le fofo sili o le faʻatapulaʻaina o avanoa i le poloketi i le mataupu faavae.
Alu i le poloketi -> Faʻatonu -> Lautele -> Vaʻaia, foliga o galuega, faʻatagaga ma seti le vaʻaia o le Poloketi i patino.
E i ai la'u poloketi i avanoa lautele, talu ai ou te faʻaaogaina laʻu lava GitLab Runner ma naʻo aʻu e mafai ona faʻaoga e sui le fale teu oloa. Ia, o le mea moni e le o se mea ou te fiafia i ai le faʻaalia o faʻamatalaga patino i ogalaau paipa lautele.
Faʻamauina tulafono mo le suia o le fale teu oloa
Alu i le poloketi -> Faʻatonu -> Faʻamaumauga -> Push Rules ma seti fuʻa faʻatapulaʻaina Committer, Siaki pe o le tusitala o se tagata GitLab. Ou te fautuaina foi le seti faia saini, ma seti le Fu'a Te'ena e le'i sainia.
Le isi, e tatau ona e faʻatulagaina se faʻaoso e faʻatino galuega
Alu i le poloketi -> Seti -> CI / CD -> Pipeline faʻaosoina ma fatuina se faʻailoga fou
O lenei faʻailoga e mafai ona vave faʻaopoopo i le faʻatulagaga lautele o fesuiaiga mo se vaega o galuega faatino.
Alu i le vaega -> Faʻatonu -> CI / CD -> Faʻaliliuga ma faʻaopopo se fesuiaiga DEPLOY_TOKEN fa'atasi ai ma fa'ailoga fa'ailoga i le tau.
O lenei vaega o loʻo faʻamatalaina ai le faʻatulagaina mo le faʻatinoina o galuega i luga o le faʻaogaina o le tagata taʻavale (Faʻapitoa) ma tagata lautele (Faʻasoa).
Tamomo'e fa'apitoa
Ou te faʻaaogaina aʻu lava tagata tamoʻe, aua o le mea muamua e faigofie, vave, taugofie.
Mo le tagata tamo'e ou te fautuaina le Linux VDS ma le 1 PPU, 2 GB RAM, 20 GB HDD. Fa'amatalaga tau ~ 3000₽ i le tausaga.
O lo'u tamo'e
Mo le tagata tamo'e na ou ave VDS 4 CPU, 4 GB RAM, 50 GB SSD. E tau ~11000₽ ma e le'i salamō lava.
E 7 a'u masini. 5 i le aruba ma le 2 i le ihor.
O lea la, e iai le matou tagata tamoʻe. O lea o le a matou setiina.
Matou te alu i le masini e ala i le SSH ma faʻapipiʻi java, git, maven, gnupg2.
Fausia se lisi mo le maven cache ma tuʻuina atu aia tatau a vaega runner
E mafai ona e fa'ase'e le la'asaga lea pe afai e te le'o fuafua e ta'avale ni tagata tamo'e se tele i le masini e tasi.
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
Siaki ua lesitala le tagata tamo'e. Alu i le gitlab.com -> deploy-project -> Seti -> CI/CD -> Runners -> Fa'apitoa Taufetuli -> Tagata tamo'e fa'agaoioia mo lenei poloketi
Matou te fatuina se ki e ala i le taliina o fesili. Sa ou faaaogaina lo'u lava igoa ma le imeli.
Ia mautinoa e faʻamaonia le upu faʻamaonia mo le ki. O mea taulima o le a sainia i lenei ki.
gpg --gen-key
Siakiina
gpg --list-keys -a
/home/gitlab-deployer/.gnupg/pubring.gpg
----------------------------------------
pub 4096R/00000000 2019-04-19
uid Petruha Petrov <[email protected]>
sub 4096R/11111111 2019-04-19
Tu'u atu a matou ki fa'alaua'itele i le keyserver
gpg --keyserver keys.gnupg.net --send-key 00000000
gpg: sending key 00000000 to hkp server keys.gnupg.net
Matou te alu i lalo o le tagata faʻaoga gitlab-deployer
su gitlab-deployer
Fausia se maven directory fale teu oloa ma feso'ota'i ma le fa'aoga (aua ne'i sese)
O lenei laasaga e mafai ona faase'e pe afai e te le o fuafua e tamomoe ni tagata tamo'e i luga o le masini e tasi.
Faʻaopoopo le faila .gitlab-ci.yml i le aʻa o le galuega faʻapipiʻi
O lo'o tu'uina mai e le fa'amaumauga ni galuega fa'atino e lua. Tamomo'e Fa'apitoa po'o Fa'asoa Fa'atasi.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
I galuega java e tatau ona tuʻuina atu i faleoloa lautele, e tatau ona e faʻaopoopoina 2 laasaga e sii mai ai le Faʻasalalauga ma le Snapshot versions.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
I lenei fofo, na ou alu i luma ma filifili e faʻaaoga se tasi CI template mo galuega java.
Faʻamatalaga auiliili
Sa ou faia se galuega faatino ese gitlab-ci lea na ia tuʻuina ai le mamanu CI mo poloketi java masani.yml.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>
Afai ei ai sau module e leai se java (mo se faʻataʻitaʻiga naʻo punaoa)
Pe e te le manaʻo e faʻatupu le javadoc i le mataupu faavae, ona fesoasoani lea maven-jar-plugin
Afai ei ai sau poloketi e tele-module, ma e te le manaʻomia le tuʻuina atu o se module faʻapitoa i le fale teu oloa, ona e manaʻomia lea e faʻaopoopo i le pom.xml o lenei module nexus-staging-maven-plugin ma le fu'a skipNexusStagingDeployMojo
A mae'a ona tu'uina atu fa'amatalaga ata/fa'asa'oloto e maua i totonu fale teu oloa
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>
Fa'aopoopo atili
O se lisi mauoa tele o sini mo le galulue faatasi ma le nexus repository (mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin).
Siaki fa'amatu'u otometi mo le la'uina i totonu o le maven central
Pe a seti le pine, o le galuega tutusa i le galuega faʻapipiʻi e otometi lava ona faʻaosoina e faʻapipiʻi le faʻasalalauga faʻasalalauga i nexus (faataitaiga).
O le vaega pito sili ona lelei o le fa'amuta lata mai e otometi lava ona fa'aoso i le nexus.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------
Ma afai ei ai se mea na faaletonu, o le a le manuia le galuega
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
O le taunuuga, e na o le tasi lava le filifiliga e totoe. Pe tape lenei lomiga pe lolomi.
A maeʻa le faʻamalolo, a maeʻa sina taimi, o mea faʻapitoa o le a i totonu
ototonu
O se faaaliga ia te au le faavasegaina e le maven isi faleteuoloa lautele.
Sa tatau ona ou lafoina le robots.txt ona sa faasino igoa i la'u fale teu oloa tuai.
Ose galuega fa'apipi'i tu'ufa'atasi e mafai ai ona e fa'atinoina ni galuega CI mo le fa'auluina o meafaitino i faleteuoloa mo le tele o gagana tau atina'e.
O le galuega fa'atino e tu'ufua mai fa'alavelave mai fafo ma e na'o tagata fa'aoga e iai le matafaioi a le Pule ma le Tausia.
Ose Fa'atauva'a Fa'apitoa fa'atasi ma se fa'aoga "vevela" e fa'atino ai na'o galuega fa'atino.
Fa'asalalauga o fa'amatalaga ata/fa'asa'oloto i totonu o se faleteuoloa lautele.
Siaki otometi le lomiga fa'asa'olotoga mo le fa'asalalauina i le maven central.
Puipuiga mai le lolomiina otometi o lomiga "mata" ile maven central.
Fausia ma faʻasalalau faʻamatalaga ata "i luga ole kiliki".
Fa'ato'aga ta'itasi mo le mauaina o fa'amatalaga ata/fa'asalalau.
Pipa lautele mo le fausiaina / su'ega / lolomiina o se poloketi java.
O le setiina o le GitLab CI e le faigata tele o se autu e pei ona foliga mai i le tepa muamua. Ua lava le faʻatulagaina o le CI i luga o le turnkey i ni nai taimi, ma o lea ua e mamao ese mai se amateur i lenei mataupu. E le gata i lea, o faʻamaumauga a GitLab e tele naua. Aua e te fefe e fai le laasaga muamua. E aliali mai le auala i lalo o faasitepu o le tagata e savali (Ou te le manatua po o ai na fai mai :)
O le a ou fiafia e tali atu.
I le isi tala, o le a ou faʻaali atu ia te oe le faʻatulagaina o le GitLab CI e faʻatautaia galuega faʻataʻitaʻiga faʻatasi ma le faʻatauvaʻa (faʻataʻitaʻiina auaunaga faʻataʻitaʻiga ma le docker-compose) pe a na o le tasi le atigi tamoʻe.