Ichi chinyorwa chakagadzirirwa vanogadzira java vane chido chekukurumidza kuburitsa zvigadzirwa zvavo mu sonatype uye/kana maven central repositories vachishandisa GitLab. Muchikamu chino ini ndichataura nezve kumisikidza gitlab-runner, gitlab-ci uye maven-plugin kugadzirisa dambudziko iri.
Zvinotarisirwa:
- Chengetedza kuchengetedza kwemvn uye GPG makiyi.
- Chengetedza kuitwa kweruzhinji CI mabasa.
- Kuisa zviwanikwa (kuburitswa/snapshot) kunzvimbo dzinochengeterwa veruzhinji.
- Kutarisa otomatiki kweshanduro dzakaburitswa kuti dzibudiswe mu maven central.
- Mhinduro yakajairika yekurodha zvigadzirwa kune repository yemapurojekiti akawanda.
- Nyore uye nyore kushandisa.
Zviri mukati
General information Kumisikidza chirongwa chekuendesa muGitLab GitLab Runner GitLab CI Pom.xml kugadzirisa mugumisiro mhedziso
General information
- Tsanangudzo yakadzama yemaitiro ekuburitsa zvigadzirwa muMaven Central kuburikidza neSonatype OSS Repository Hosting Service yakatotsanangurwa mu.
chinyorwa ichi mushandisigoogleplex , saka ini ndichanongedzera kuchinyorwa ichi munzvimbo dzakakodzera. - Pre-register for
Sonatype JIRA uye vhura tikiti rekuvhura repository (verenga chikamu kuti uwane rumwe ruzivoGadzira tikiti paSonatype JIRA ) Mushure mekuvhura repository, iyo yekupinda/password mbiri kubva kuJIRA (inozonzi iyo Sonatype account) ichashandiswa kurodha zvigadzirwa kuSonatype nexus. - Tevere, maitiro ekugadzira kiyi yeGPG anotsanangurwa zvakaomarara. Ona chikamu kuti uwane rumwe ruzivo
Kugadzirisa GnuPG kusaina zvigadzirwa - Kana iwe ukashandisa iyo Linux koni kugadzira kiyi yeGPG (gnupg/gnupg2), saka unofanirwa kuisa.
rng-zvishandiso kugadzira entropy. Zvikasadaro, chizvarwa chakakosha chinogona kutora nguva yakareba kwazvo. - Kuchengeta mabasa paruzhinji GPG makiyi
http://keys.gnupg.net http://pool.sks-keyservers.net http://keyserver.ubuntu.com
Kumisikidza chirongwa chekuendesa muGitLab
- Chekutanga pane zvese, iwe unofanirwa kugadzira uye kugadzirisa purojekiti umo iyo pombi ichachengeterwa kuendesa zvigadzirwa. Ndakatumidza chirongwa changu zviri nyore uye zvisina kuoma -
deploy - Mushure mekugadzira iyo repository, iwe unofanirwa kudzora kupinda kwekuchinja repository.
Enda kupurojekiti -> Zvirongwa -> Repository -> Mapazi Akachengetedzwa. Isu tinodzima mitemo yese uye tinowedzera mutemo mumwechete neWildcard * ine kodzero yekusundira uye kusanganisa chete kune vashandisi vane basa reMaintainers. Mutemo uyu uchashanda kune vese vashandisi vezvose zviri zviviri chirongwa ichi neboka rine chirongwa ichi.
- Kana paine vachengeti vakati wandei, saka mhinduro yakanakisa ingave yekudzikamisa kuwana purojekiti musimboti.
Enda kupurojekiti -> Zvirongwa -> Zvakawanda -> Kuonekwa, maficha epurojekiti, mvumo uye kuseta kuoneka kweProjekiti ku Private.
Ndine purojekiti inowanikwa neruzhinji, sezvo ini ndichishandisa yangu yangu GitLab Runner uye ini chete ndinokwanisa kushandura repository. Zvakanaka, chaizvo, hazvisi mune zvandinofarira kuratidza ruzivo rwepachivande mumapaipi eruzhinji. - Kusimbisa mitemo yekushandura repository
Enda kupurojekiti -> Zvirongwa -> Repository -> Push Mitemo uye isa iyo Committer kurambidzwa, Tarisa kuti munyori ari GitLab mushandisi mireza. Ndinokurudzirawo kugadzirisakuita siginecha , uye isa Ramba isina kusaina anoita mureza. - Tevere iwe unofanirwa kugadzirisa chinokonzeresa kuti utange mabasa
Enda kupurojekiti -> Zvirongwa -> CI / CD -> Pipeline zvinokonzeresa uye gadzira nyowani inokonzeresa-chiratidzo
Ichi chiratidzo chinogona kuwedzerwa nekukurumidza kune yakajairwa gadziriso yezvakasiyana zveboka remapurojekiti.
Enda kuboka -> Zvirongwa -> CI / CD -> Variables uye wedzera shandukoDEPLOY_TOKEN
ine trigger-token in value.
GitLab Runner
Ichi chikamu chinotsanangura magadzirirwo ekuita mabasa pa deploy uchishandisa yako (Yakananga) uye yeruzhinji (Yakagovaniswa) mumhanyi.
Specific Runner
Ini ndinoshandisa zvangu vamhanyi nekuti, chekutanga pane zvese, zviri nyore, nekukurumidza, uye zvakachipa.
Kune mumhanyi, ini ndinokurudzira Linux VDS ine 1 CPU, 2 GB RAM, 20 GB HDD. Mutengo wenyaya i~3000₽ pagore.
Mumhanyi wangu
Kune mumhanyi ndakatora VDS 4 CPU, 4 GB RAM, 50 GB SSD. Mutengo ~11000₽ uye handina kumbozvidemba.
Ndine 7 michini yese. 5 paaruba uye 2 paihor.
Saka tine mumhanyi. Iye zvino tichazvigadzirisa.
Isu tinoenda kumuchina kuburikidza neSSH uye kuisa java, git, maven, gnupg2.
Kuisa gitlab mumhanyi
- Gadzira boka idzva
runner
sudo groupadd runner
- Gadzira dhairekitori ye maven cache uye ipa mvumo yeboka
runner
Unogona kusvetuka pfungwa iyi kana usingaronge kumhanya vamhanyi vakati wandei pamushini mumwe.mkdir -p /usr/cache/.m2/repository chown -R :runner /usr/cache chmod -R 770 /usr/cache
- Gadzira mushandisi
gitlab-deployer
uye wedzera kubokarunner
useradd -m -d /home/gitlab-deployer gitlab-deployer usermod -a -G runner gitlab-deployer
- Wedzera kufaira
/etc/ssh/sshd_config
mutsara unoteveraAllowUsers root@* [email protected]
- Reboot
sshd
systemctl restart sshd
- Kuisa password yemushandisi
gitlab-deployer
(zvinogona kuve nyore, sezvo paine chinorambidzwa localhost)passwd gitlab-deployer
- Isa GitLab Runner (Linux x86-64)
sudo wget -O /usr/local/bin/gitlab-runner https://gitlab-runner-downloads.s3.amazonaws.com/latest/binaries/gitlab-runner-linux-amd64 sudo chmod +x /usr/local/bin/gitlab-runner ln -s /usr/local/bin/gitlab-runner /etc/alternatives/gitlab-runner ln -s /etc/alternatives/gitlab-runner /usr/bin/gitlab-runner
- Enda kune webhusaiti gitlab.com -> deploy-project -> Settings -> CI/CD -> Runners -> Specific Runners uye kopira chiratidzo chekunyoresa.
Sikirini
- Kunyoresa mumhanyi
gitlab-runner register --config /etc/gitlab-runner/gitlab-deployer-config.toml
gadzira
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
- Tinotarisa kuti mumhanyi akanyoreswa. Enda kune webhusaiti gitlab.com -> deploy-project -> Settings -> CI/CD -> Runners -> Specific Runners -> Vanomhanya vakagadzirirwa chirongwa ichi
Sikirini
- Wedzera kuparadzanisa sevhisi
/etc/systemd/system/gitlab-deployer.service
[Unit] Description=GitLab Deploy Runner After=syslog.target network.target ConditionFileIsExecutable=/usr/local/bin/gitlab-runner [Service] StartLimitInterval=5 StartLimitBurst=10 ExecStart=/usr/local/bin/gitlab-runner "run" "--working-directory" "/home/gitlab-deployer" "--config" "/etc/gitlab-runner/gitlab-deployer-config.toml" "--service" "gitlab-deployer" "--syslog" "--user" "gitlab-deployer" Restart=always RestartSec=120 [Install] WantedBy=multi-user.target
- Ngatitangei sevhisi.
systemctl enable gitlab-deployer.service systemctl start gitlab-deployer.service systemctl status gitlab-deployer.service
- Tinotarisa kuti mumhanyi arikumhanya.
Muenzaniso:
Kugadzira makiyi eGPG
- Kubva pamushini mumwe chete isu tinopinda kuburikidza ne ssh pasi pemushandisi
gitlab-deployer
(izvi zvakakosha pakugadzira kiyi yeGPG)ssh [email protected]
- Isu tinogadzira kiyi nekupindura mibvunzo. Ndakashandisa zita rangu uye email.
Iva nechokwadi chekutsanangura password yekiyi. Zvigadzirwa zvichasainwa nekiyi iyi.gpg --gen-key
- Kuongorora
gpg --list-keys -a /home/gitlab-deployer/.gnupg/pubring.gpg ---------------------------------------- pub 4096R/00000000 2019-04-19 uid Petruha Petrov <[email protected]> sub 4096R/11111111 2019-04-19
- Kuisa kiyi yedu yeruzhinji kune kiyi server
gpg --keyserver keys.gnupg.net --send-key 00000000 gpg: sending key 00000000 to hkp server keys.gnupg.net
Kugadzira Maven
- Login semushandisi
gitlab-deployer
su gitlab-deployer
- Gadzira maven directory repository uye batanidza kune cache (usaite chikanganiso)
Unogona kusvetuka pfungwa iyi kana usingaronge kumhanya vamhanyi vakati wandei pamushini mumwe.mkdir -p ~/.m2/repository ln -s /usr/cache/.m2/repository /home/gitlab-deployer/.m2/repository
- Gadzira kiyi huru
mvn --encrypt-master-password password {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}
- Gadzira faira ~/.m2/settings-security.xml
<settingsSecurity> <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master> </settingsSecurity>
- Kunyorera password yeiyo Sonatype account
mvn --encrypt-password SONATYPE_PASSWORD {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}
- Gadzira faira ~/.m2/settings.xml
<settings> <profiles> <profile> <id>env</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase> </properties> </profile> </profiles> <servers> <server> <id>sonatype</id> <username>SONATYPE_USERNAME</username> <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password> </server> </servers> </settings>
kupi,
GPG_SECRET_KEY_PASSPHRASE - password yekiyi yeGPG
SONATYPE_USERNAME - sonatype account login
Izvi zvinopedzisa kuseta kweanomhanya, unogona kuenderera kune chikamu
Shared Runner
Kugadzira makiyi eGPG
- Chekutanga pane zvese, iwe unofanirwa kugadzira kiyi yeGPG. Kuti uite izvi, isa gnupg.
yum install -y gnupg
- Isu tinogadzira kiyi nekupindura mibvunzo. Ndakashandisa zita rangu uye email. Iva nechokwadi chekutsanangura password yekiyi.
gpg --gen-key
- Kuratidza ruzivo pakiyi
gpg --list-keys -a pub rsa3072 2019-04-24 [SC] [expires: 2021-04-23] 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 uid [ultimate] tttemp <[email protected]> sub rsa3072 2019-04-24 [E] [expires: none]
- Kuisa kiyi yedu yeruzhinji kune kiyi server
gpg --keyserver keys.gnupg.net --send-key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 gpg: sending key 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 to hkp server keys.gnupg.net
- Tinowana kiyi yakavanzika
gpg --export-secret-keys --armor 2D0D1706366FC4AEF79669E24D09C55BBA3FD728 -----BEGIN PGP PRIVATE KEY BLOCK----- lQWGBFzAqp8BDADN41CPwJ/gQwiKEbyA902DKw/WSB1AvZQvV/ZFV77xGeG4K7k5 ... =2Wd2 -----END PGP PRIVATE KEY BLOCK-----
- Enda kune zvigadziriso zveprojekiti -> Zvirongwa -> CI / CD -> Zvinosiyana uye chengetedza kiyi yakavanzika mune inosiyana.
GPG_SECRET_KEY
Kugadzira Maven
- Gadzira kiyi huru
mvn --encrypt-master-password password {hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}
- Enda kune zvigadziriso zvepurojekiti -> Zvirongwa -> CI / CD -> Variables uye chengeta mune inosiyana
SETTINGS_SECURITY_XML
mitsara inotevera:<settingsSecurity> <master>{hnkle5BJ9HUHUMP+CXfGBl8dScfFci/mpsur/73tR2I=}</master> </settingsSecurity>
- Kunyorera password yeiyo Sonatype account
mvn --encrypt-password SONATYPE_PASSWORD {98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}
- Enda kune zvigadziriso zvepurojekiti -> Zvirongwa -> CI / CD -> Variables uye chengeta mune inosiyana
SETTINGS_XML
mitsara inotevera:<settings> <profiles> <profile> <id>env</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.passphrase>GPG_SECRET_KEY_PASSPHRASE</gpg.passphrase> </properties> </profile> </profiles> <servers> <server> <id>sonatype</id> <username>sonatype_username</username> <password>{98Wv5+u+Tn0HX2z5G/kR4R8Z0WBgcDBgi7d12S/un+SCU7uxzaZGGmJ8Cu9pAZ2J}</password> </server> </servers> </settings>
kupi,
GPG_SECRET_KEY_PASSPHRASE - password yekiyi yeGPG
SONATYPE_USERNAME - sonatype account login
Shandisa docker mufananidzo
- Isu tinogadzira yakapusa Dockerfile kuti imhanye deploy mabasa neinodiwa vhezheni yeJava. Pazasi pane muenzaniso wealpine.
FROM java:8u111-jdk-alpine RUN apk add gnupg maven git --update-cache --repository http://dl-4.alpinelinux.org/alpine/edge/community/ --allow-untrusted && mkdir ~/.m2/
- Kuunganidza mudziyo weprojekiti yako
docker build -t registry.gitlab.com/group/deploy .
- Isu tinotendesa uye tinoisa mudziyo muregistry.
docker login -u USER -p PASSWORD registry.gitlab.com docker push registry.gitlab.com/group/deploy
GitLab CI
Deploy project
Wedzera iyo .gitlab-ci.yml faira kumudzi weiyo deploy project
Iyo script inopa maviri akasarudzika ekutumira mabasa. Specific Runner kana Shared Runner zvakateerana.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
Java project
Mumapurojekiti ejava anofanirwa kukwikwidzwa kune veruzhinji repositori, iwe unofanirwa kuwedzera 2 nhanho kudhawunirodha Release uye Snapshot shanduro.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
Mumhinduro iyi, ndakaenda mberi zvishoma uye ndakafunga kushandisa imwe CI template yemapurojekiti ejava.
More details
Ndakagadzira purojekiti yakasiyana
common.yml
stages:
- build
- test
- verify
- deploy
variables:
SONAR_ARGS: "
-Dsonar.gitlab.commit_sha=${CI_COMMIT_SHA}
-Dsonar.gitlab.ref_name=${CI_COMMIT_REF_NAME}
"
.build_java_project:
stage: build
tags:
- touchbit-shell
variables:
SKIP_TEST: "false"
script:
- mvn clean
- mvn package -DskipTests=${SKIP_TEST}
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.build_sphinx_doc:
stage: build
tags:
- touchbit-shell
variables:
DOCKERFILE: .indirect/docs/Dockerfile
script:
- docker build --no-cache -t ${CI_PROJECT_NAME}/doc -f ${DOCKERFILE} .
.junit_module_test_run:
stage: test
tags:
- touchbit-shell
variables:
MODULE: ""
script:
- cd ${MODULE}
- mvn test
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.junit_test_run:
stage: test
tags:
- touchbit-shell
script:
- mvn test
artifacts:
when: always
expire_in: 30 day
paths:
- "*/target/reports"
.sonar_review:
stage: verify
tags:
- touchbit-shell
dependencies: []
script:
- >
if [ "$CI_BUILD_REF_NAME" == "master" ]; then
mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS
else
mvn compile sonar:sonar -Dsonar.login=$SONAR_LOGIN $SONAR_ARGS -Dsonar.analysis.mode=preview
fi
.trigger_deploy:
stage: deploy
tags:
- touchbit-shell
variables:
URL: "https://gitlab.com/api/v4/projects/10345765/trigger/pipeline"
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
.trigger_release_deploy:
extends: .trigger_deploy
only:
- tags
.trigger_snapshot_deploy:
extends: .trigger_deploy
when: manual
except:
- tags
Nekuda kweizvozvo, mumapurojekiti ejava pachawo, .gitlab-ci.yml inotaridzika zvakanyanya uye kwete verbose
.gitlab-ci.yml
include: https://gitlab.com/TouchBIT/gitlab-ci/raw/master/common.yml
Shields4J:
extends: .build_java_project
Sphinx doc:
extends: .build_sphinx_doc
variables:
DOCKERFILE: .docs/Dockerfile
Sonar review:
extends: .sonar_review
dependencies:
- Shields4J
Release:
extends: .trigger_release_deploy
Snapshot:
extends: .trigger_snapshot_deploy
Pom.xml kugadzirisa
Nyaya iyi inotsanangurwa zvakadzama. nexus-staging-maven-plugin
kana usingade kana usingakwanise kushandisa org.sonatype.oss:oss-mubereki semubereki pachirongwa chako.
maven-install-plugin
Inoisa mamodule mudura renzvimbo.
Inobatsira kwazvo kuonesa kwenzvimbo kwemhinduro mune mamwe mapurojekiti, pamwe necheki.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-install-plugin</artifactId>
<executions>
<execution>
<id>install-project</id>
<!-- Если у вас многомодульный проект с деплоем родительского помика -->
<phase>install</phase>
<!-- Явно указываем файлы для локальной установки -->
<configuration>
<file>target/${project.artifactId}-${project.version}.jar</file>
```target/${project.artifactId}-${project.version}-sources.jar</sources>
<pomFile>dependency-reduced-pom.xml</pomFile>
<!-- Принудительное обновление метаданных проекта -->
<updateReleaseInfo>true</updateReleaseInfo>
<!-- Контрольные суммы для проверки целостности -->
<createChecksum>true</createChecksum>
</configuration>
</execution>
</executions>
</plugin>
maven-javadoc-plugin
Kugadzira javadoc yeprojekti.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>
Kana iwe uine module isina java (semuenzaniso zviwanikwa chete)
Kana kuti haudi kugadzira javadoc musimboti, wobva wabatsira maven-jar-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jar-plugin</artifactId>
<executions>
<execution>
<id>empty-javadoc-jar</id>
<phase>generate-resources</phase>
<goals>
<goal>jar</goal>
</goals>
<configuration>
<classifier>javadoc</classifier>
<classesDirectory>${basedir}/javadoc</classesDirectory>
</configuration>
</execution>
</executions>
</plugin>
maven-gpg-plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<!-- Сборка будет падать, если отсутствует GPG ключ -->
<!-- Подписываем артефакты только на фазе deploy -->
<phase>deploy</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
nexus-staging-maven-plugin
Configuration:
<project>
<!-- ... -->
<build>
<plugins>
<!-- ... -->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
</plugin>
</plugins>
<pluginManagement>
<plugins>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<extensions>true</extensions>
<configuration>
<serverId>sonatype</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<!-- Обновляем метаданные, чтобы пометить артефакт как release -->
<!-- Не влияет на snapshot версии -->
<updateReleaseInfo>true</updateReleaseInfo>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<!-- Отключаем плагин -->
<skip>true</skip>
</configuration>
</plugin>
</plugins>
</pluginManagement>
</build>
<distributionManagement>
<snapshotRepository>
<id>sonatype</id>
<name>Nexus Snapshot Repository</name>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>sonatype</id>
<name>Nexus Release Repository</name>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
</project>
Kana iwe uine akawanda-module purojekiti uye iwe usingade kurodha chaiyo module kune repository, saka iwe unofanirwa kuwedzera. nexus-staging-maven-plugin
nemureza skipNexusStagingDeployMojo
<build>
<plugins>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<configuration>
<skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo>
</configuration>
</plugin>
</plugins>
</build>
Mushure mekudhawunirodha, snapshot/release versions inowanikwa mukati
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>
More pluses
- Rondedzero yakapfuma kwazvo yezvinangwa zvekushanda nenexus repository (
mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin
). - Otomatiki kuburitsa cheki yekurodha kune maven central
mugumisiro
Kuburitsa SNAPSHOT vhezheni
Paunenge uchivaka purojekiti, zvinokwanisika kuvhura basa nemaoko kurodha iyo SNAPSHOT vhezheni kune nexus
Kana basa iri rikatangwa, basa rinoenderana muchirongwa chekuendesa rinotanga (
Yakatemwa log
Running with gitlab-runner 11.10.0 (3001a600)
on Deploy runner JSKWyxUw
Using Shell executor...
Running on ih1174328.vds.myihor.ru...
Skipping Git repository setup
Skipping Git checkout
Skipping Git submodules setup
$ rm -rf .* *
$ git config --global credential.helper store
$ echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
$ git clone ${DEPLOY_CI_REPOSITORY_URL} .
Cloning into 'shields4j'...
$ git checkout ${DEPLOY_CI_COMMIT_SHA}
Note: checking out '850f86aa317194395c5387790da1350e437125a7'.
You are in 'detached HEAD' state. You can look around, make experimental
changes and commit them, and you can discard any commits you make in this
state without impacting any branches by performing another checkout.
If you want to create a new branch to retain commits you create, you may
do so (now or later) by using -b with the checkout command again. Example:
git checkout -b new_branch_name
HEAD is now at 850f86a... skip deploy test-core
$ for pom in $(find . -name pom.xml); do # collapsed multi-line command
$ if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then # collapsed multi-line command
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO] ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] Shields4J [pom]
[INFO] test-core [jar]
[INFO] Shields4J client [jar]
[INFO] TestNG listener [jar]
[INFO]
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0 [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- versions-maven-plugin:2.5:set (default-cli) @ shields4j-parent ---
[INFO] Searching for local aggregator root...
[INFO] Local aggregation root: /home/gitlab-deployer/JSKWyxUw/0/TouchBIT/deploy/shields4j
[INFO] Processing change of org.touchbit.shields4j:shields4j-parent:1.0.0 -> 1.0.0-SNAPSHOT
[INFO] Processing org.touchbit.shields4j:shields4j-parent
[INFO] Updating project org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:client
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:test-core
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:test-core
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] Processing org.touchbit.shields4j:testng
[INFO] Updating parent org.touchbit.shields4j:shields4j-parent
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:client
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO] Updating dependency org.touchbit.shields4j:test-core
[INFO] from version 1.0.0 to 1.0.0-SNAPSHOT
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 0.992 s]
[INFO] test-core .......................................... SKIPPED
[INFO] Shields4J client ................................... SKIPPED
[INFO] TestNG listener 1.0.0 .............................. SKIPPED
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 2.483 s
[INFO] Finished at: 2019-04-21T02:40:42+03:00
[INFO] ------------------------------------------------------------------------
$ mvn clean deploy -DskipTests=${SKIP_TESTS}
[INFO] Scanning for projects...
[INFO] Inspecting build with total of 4 modules...
[INFO] Installing Nexus Staging features:
[INFO] ... total of 4 executions of maven-deploy-plugin replaced with nexus-staging-maven-plugin
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Build Order:
[INFO]
[INFO] Shields4J [pom]
[INFO] test-core [jar]
[INFO] Shields4J client [jar]
[INFO] TestNG listener [jar]
[INFO]
[INFO] --------------< org.touchbit.shields4j:shields4j-parent >---------------
[INFO] Building Shields4J 1.0.0-SNAPSHOT [1/4]
[INFO] --------------------------------[ pom ]---------------------------------
...
DELETED
...
[INFO] * Bulk deploy of locally gathered snapshot artifacts finished.
[INFO] Remote deploy finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0-SNAPSHOT ........................... SUCCESS [ 2.375 s]
[INFO] test-core .......................................... SUCCESS [ 3.929 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.815 s]
[INFO] TestNG listener 1.0.0-SNAPSHOT ..................... SUCCESS [ 36.134 s]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 47.629 s
[INFO] Finished at: 2019-04-21T02:41:32+03:00
[INFO] ------------------------------------------------------------------------
Nekuda kweizvozvo, iyo vhezheni inoiswa mune nexus
Ese snapshot vhezheni anogona kudzimwa kubva pane repository pane webhusaiti
Kutsikisa shanduro yekuburitsa
Kana tag yaiswa, basa rinoenderana muchirongwa chekuendesa rinobva rakonzeresa kurodha vhezheni yekuburitsa kune nexus (
Chikamu chakanakisa ndechekuti kuburitswa kwepedyo kunokonzeresa otomatiki muNexus.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------
Uye kana chimwe chinhu chikatadza, basa racho richakundikana zvechokwadi
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
Somugumisiro, tinosara nesarudzo imwe chete. Dzima iyi kana kuti ibudise.
Mushure mekusunungurwa, mushure menguva yakati zvigadzirwa zvichange zvapinda
offtopic
Kwaive kuwanikwa kwandiri kuti maven indexes mamwe marepositori eruzhinji.
Ndaifanira kuwedzera marobhoti.txt nekuti yairatidza dura rangu rekare.
mhedziso
Zvatinazvo
- Iyo yakaparadzana yekuendesa purojekiti iyo iwe yaunogona kuita akati wandei eCI mabasa ekurodha zvigadzirwa kumatura eruzhinji emitauro yebudiriro.
- Iyo Deploy purojekiti yakaparadzaniswa nekukanganiswa kwekunze uye inogona chete kuchinjwa nevashandisi vane Muridzi uye Muchengeti mabasa.
- Yakaparadzana Specific Runner ine "inopisa" cache yekumhanyisa chete deploy mabasa.
- Kutsikisa snapshot/kuburitsa shanduro munzvimbo inochengeterwa veruzhinji.
- Cheki otomatiki yeshanduro yekuburitsa kuti igadzirire kuburitswa mu maven central.
- Dziviriro kubva kuotomatiki kuburitswa kwe "mbishi" shanduro mu maven central.
- Vaka uye shambadza snapshot shanduro "pakudzvanya".
- Nzvimbo imwe chete yekuwana snapshot/release versions.
- General pombi yekuvaka / yekuyedza / kuburitsa chirongwa chejava.
Kumisikidza GitLab CI haina kuomarara musoro sezvaunoratidzika pakutanga. Zvakakwana kumisikidza CI pane yekutendeuka-kiyi nguva yakati wandei, uye ikozvino iwe uri kure neamateur mune iyi nyaya. Zvakare, zvinyorwa zveGitLab zvakanyanya kuwanda. Usatya kutora danho rekutanga. Mugwagwa unoonekwa pasi pematanho emunhu anofamba (handiyeuke kuti ndiani akazvitaura :)
Ndichafara kugamuchira mhinduro.
Muchinyorwa chinotevera ini ndichataura nezve maitiro ekugadzirisa GitLab CI kumhanya mabasa nekubatanidza bvunzo nemakwikwi (kumhanyisa masevhisi pasi pekuyedzwa uchishandisa docker-compose) kana uchingove negoko rimwe chete mumhanyi.
Source: www.habr.com