ProHoster > Блог > Isakoso > Ṣiṣeto GitLab CI lati gbejade iṣẹ akanṣe java kan si maven aringbungbun
Ṣiṣeto GitLab CI lati gbejade iṣẹ akanṣe java kan si maven aringbungbun
Nkan yii jẹ ipinnu fun awọn olupilẹṣẹ Java ti o nilo lati ṣe atẹjade awọn ọja wọn ni iyara ni sonatype ati/tabi awọn ibi ipamọ aarin maven ni lilo GitLab. Ninu nkan yii Emi yoo sọrọ nipa siseto gitlab-runner, gitlab-ci ati maven-plugin lati yanju iṣoro yii.
Awọn ibeere ṣaaju:
Ibi ipamọ to ni aabo ti mvn ati awọn bọtini GPG.
Ni aabo ipaniyan ti gbangba CI awọn iṣẹ-ṣiṣe.
Ikojọpọ awọn ohun-ọṣọ (itusilẹ/fọto) si awọn ibi ipamọ ti gbogbo eniyan.
Ṣiṣayẹwo aifọwọyi ti awọn ẹya itusilẹ fun titẹjade ni aringbungbun maven.
Ojutu gbogbogbo fun ikojọpọ awọn ohun-ọṣọ si ibi ipamọ fun awọn iṣẹ akanṣe lọpọlọpọ.
Apejuwe alaye ti ẹrọ fun titẹjade awọn ohun-ọṣọ ni Maven Central nipasẹ Sonatype OSS Iṣẹ alejo gbigba ibi ipamọ ti tẹlẹ ti ṣe apejuwe ninu Arokọ yi olumulo Gogolplex, nitorina Emi yoo tọka si nkan yii ni awọn aaye to tọ.
Kọkọ-forukọsilẹ fun Sonatype JIRA ati ṣii tikẹti lati ṣii ibi ipamọ (ka apakan fun awọn alaye diẹ sii Ṣẹda a tiketi on Sonatype JIRA). Lẹhin ṣiṣi ibi ipamọ naa, iwọle/ọrọ igbaniwọle bata lati JIRA (eyiti a tọka si bi akọọlẹ Sonatype) yoo ṣee lo lati gbe awọn ohun-ọṣọ si Sonatype nexus.
Ti o ba lo console Linux lati ṣe ina bọtini GPG kan (gnupg/gnupg2), lẹhinna o nilo lati fi sii rng-irinṣẹ lati se ina entropy. Bibẹẹkọ, iran bọtini le gba akoko pipẹ pupọ.
Ni akọkọ, o nilo lati ṣẹda ati tunto iṣẹ akanṣe ninu eyiti opo gigun ti epo yoo wa ni ipamọ fun gbigbe awọn ohun-ọṣọ. Mo pe iṣẹ akanṣe mi ni irọrun ati lainidi - ranṣẹ
Lẹhin ṣiṣẹda ibi ipamọ, o nilo lati ni ihamọ iwọle lati yi ibi-ipamọ pada.
Lọ si iṣẹ akanṣe -> Eto -> Ibi ipamọ -> Awọn ẹka aabo. A pa gbogbo awọn ofin rẹ ati ṣafikun ofin kan pẹlu Wildcard * pẹlu ẹtọ lati Titari ati dapọ nikan fun awọn olumulo pẹlu ipa Olutọju. Ofin yii yoo ṣiṣẹ fun gbogbo awọn olumulo ti iṣẹ akanṣe yii ati ẹgbẹ ti iṣẹ akanṣe yii jẹ.
Ti ọpọlọpọ awọn olutọju ba wa, lẹhinna ojutu ti o dara julọ yoo jẹ lati ṣe idinwo wiwọle si iṣẹ naa ni opo.
Lọ si iṣẹ akanṣe -> Eto -> Gbogbogbo -> Hihan, awọn ẹya akanṣe, awọn igbanilaaye ati ṣeto hihan Project si ikọkọ.
Mo ni iṣẹ akanṣe ti o wa ni gbangba, nitori Mo lo GitLab Runner ti ara mi ati pe Mo nikan ni aye lati yi ibi ipamọ naa pada. O dara, ni otitọ, kii ṣe ninu awọn ifẹ mi lati ṣafihan alaye ikọkọ ni awọn iwe opo gigun ti epo gbogbogbo.
Tighting awọn ofin fun iyipada ibi ipamọ
Lọ si iṣẹ akanṣe naa -> Eto -> Ibi ipamọ -> Awọn ofin Titari ati ṣeto ihamọ olupilẹṣẹ, Ṣayẹwo boya onkọwe jẹ awọn asia olumulo GitLab. Mo tun ṣeduro iṣeto dá Ibuwọlu, ki o si ṣeto awọn Kọ unsigned dá asia.
Nigbamii o nilo lati tunto okunfa kan lati ṣe ifilọlẹ awọn iṣẹ-ṣiṣe
Lọ si ise agbese -> Eto -> CI / CD -> Pipeline okunfa ati ki o ṣẹda titun kan okunfa-àmi
Aami yii le ṣe afikun lẹsẹkẹsẹ si iṣeto gbogbogbo ti awọn oniyipada fun ẹgbẹ kan ti awọn iṣẹ akanṣe.
Lọ si ẹgbẹ -> Eto -> CI / CD -> Awọn oniyipada ati ṣafikun oniyipada kan DEPLOY_TOKEN pẹlu okunfa-àmi ni iye.
Yi apakan apejuwe awọn iṣeto ni fun ṣiṣe awọn iṣẹ-ṣiṣe lori ran awọn lilo ti ara rẹ (Pato) ati gbangba (Pin) Isare.
Olusare pato
Mo lo awọn asare ti ara mi nitori, ni akọkọ, o rọrun, yara, ati olowo poku.
Fun olusare, Mo ṣeduro Linux VDS pẹlu 1 Sipiyu, 2 GB Ramu, 20 GB HDD. Iye idiyele jẹ ~ 3000 ₽ fun ọdun kan.
Isare mi
Fun olusare ni mo mu VDS 4 Sipiyu, 4 GB Ramu, 50 GB SSD. Iye owo ~ 11000₽ ati pe ko kabamọ rara.
Mo ni lapapọ 7 ero. 5 pa aruba og 2 pa ihor.
Nitorina a ni olusare. Bayi a yoo tunto rẹ.
A lọ si ẹrọ nipasẹ SSH ati fi Java, git, maven, gnupg2 sori ẹrọ.
Runtime platform arch=amd64 os=linux pid=17594 revision=3001a600 version=11.10.0
Running in system-mode.
Please enter the gitlab-ci coordinator URL (e.g. https://gitlab.com/):
https://gitlab.com/
Please enter the gitlab-ci token for this runner:
REGISTRATION_TOKEN
Please enter the gitlab-ci description for this runner:
[ih1174328.vds.myihor.ru]: Deploy Runner
Please enter the gitlab-ci tags for this runner (comma separated):
deploy
Registering runner... succeeded runner=ZvKdjJhx
Please enter the executor: docker-ssh, parallels, virtualbox, docker-ssh+machine, kubernetes, docker, ssh, docker+machine, shell:
shell
Runner registered successfully. Feel free to start it, but if it's running already the config should be automatically reloaded!
A ṣayẹwo pe olusare ti forukọsilẹ. Lọ si oju opo wẹẹbu gitlab.com -> deploy-project -> Eto -> CI/CD -> Awọn asare -> Awọn asare pato -> Awọn asare ṣiṣẹ fun iṣẹ akanṣe yii
Iboju
Fi kun lọtọ iṣẹ /etc/systemd/system/gitlab-deployer.service
A ṣe ipilẹṣẹ bọtini kan nipa didahun awọn ibeere. Mo lo orukọ ti ara mi ati imeeli.
Rii daju lati pato ọrọ igbaniwọle fun bọtini naa. Awọn ohun-ọṣọ yoo wa ni fowo si pẹlu bọtini yii.
gpg --gen-key
Ṣiṣayẹwo
gpg --list-keys -a
/home/gitlab-deployer/.gnupg/pubring.gpg
----------------------------------------
pub 4096R/00000000 2019-04-19
uid Petruha Petrov <[email protected]>
sub 4096R/11111111 2019-04-19
Ikojọpọ bọtini gbogbo eniyan si olupin bọtini
gpg --keyserver keys.gnupg.net --send-key 00000000
gpg: sending key 00000000 to hkp server keys.gnupg.net
Ṣafikun faili .gitlab-ci.yml si gbongbo iṣẹ akanṣe naa
Awọn iwe afọwọkọ iloju meji iyasoto imuṣiṣẹ awọn iṣẹ-ṣiṣe. Olusare pato tabi Pipin Isare lẹsẹsẹ.
.gitlab-ci.yml
stages:
- deploy
Specific Runner:
extends: .java_deploy_template
# Задача будет выполняться на вашем shell-раннере
tags:
- deploy
Shared Runner:
extends: .java_deploy_template
# Задача будет выполняться на публичном docker-раннере
tags:
- docker
# Образ из раздела GitLab Runner -> Shared Runner -> Docker
image: registry.gitlab.com/group/deploy-project:latest
before_script:
# Импортируем GPG ключ
- printf "${GPG_SECRET_KEY}" | gpg --batch --import
# Сохраняем maven конфигурацию
- printf "${SETTINGS_SECURITY_XML}" > ~/.m2/settings-security.xml
- printf "${SETTINGS_XML}" > ~/.m2/settings.xml
.java_deploy_template:
stage: deploy
# Задача сработает по триггеру, если передана переменная DEPLOY со значением java
only:
variables:
- $DEPLOY == "java"
variables:
# отключаем клонирование текущего проекта
GIT_STRATEGY: none
script:
# Предоставляем возможность хранения пароля в незашифрованном виде
- git config --global credential.helper store
# Сохраняем временные креды пользователя gitlab-ci-token
# Токен работает для всех публичных проектов gitlab.com и для проектов группы
- echo "https://gitlab-ci-token:${CI_JOB_TOKEN}@gitlab.com" >> ~/.git-credentials
# Полностью чистим текущую директорию
- rm -rf .* *
# Клонируем проект который, будем деплоить в Sonatype Nexus
- git clone ${DEPLOY_CI_REPOSITORY_URL} .
# Переключаемся на нужный коммит
- git checkout ${DEPLOY_CI_COMMIT_SHA} -f
# Если хоть один pom.xml содержит параметр autoReleaseAfterClose валим сборку.
# В противном случае есть риск залить сырые артефакты в maven central
- >
for pom in $(find . -name pom.xml); do
if [[ $(grep -q autoReleaseAfterClose "$pom" && echo $?) == 0 ]]; then
echo "File $pom contains prohibited setting: <autoReleaseAfterClose>";
exit 1;
fi;
done
# Если параметр DEPLOY_CI_COMMIT_TAG пустой, то принудительно ставим SNAPSHOT-версию
- >
if [[ "${DEPLOY_CI_COMMIT_TAG}" != "" ]]; then
mvn versions:set -DnewVersion=${DEPLOY_CI_COMMIT_TAG}
else
VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive exec:exec)
if [[ "${VERSION}" == *-SNAPSHOT ]]; then
mvn versions:set -DnewVersion=${VERSION}
else
mvn versions:set -DnewVersion=${VERSION}-SNAPSHOT
fi
fi
# Запускаем задачу на сборку и деплой артефактов
- mvn clean deploy -DskipTests=true
Ninu awọn iṣẹ akanṣe Java ti o yẹ ki o gbejade si awọn ibi ipamọ gbogbo eniyan, o nilo lati ṣafikun awọn igbesẹ meji lati ṣe igbasilẹ awọn ẹya Tu silẹ ati fọtoyiya.
.gitlab-ci.yml
stages:
- build
- test
- verify
- deploy
<...>
Release:
extends: .trigger_deploy
# Запускать задачу только пo тегу.
only:
- tags
Snapshot:
extends: .trigger_deploy
# Запускаем задачу на публикацию SNAPSHOT версии вручную
when: manual
# Не запускать задачу, если проставлен тег.
except:
- tags
.trigger_deploy:
stage: deploy
variables:
# Отключаем клонирование текущего проекта
GIT_STRATEGY: none
# Ссылка на триггер deploy-задачи
URL: "https://gitlab.com/api/v4/projects/<deploy project ID>/trigger/pipeline"
# Переменные deploy-задачи
POST_DATA: "
token=${DEPLOY_TOKEN}&
ref=master&
variables[DEPLOY]=${DEPLOY}&
variables[DEPLOY_CI_REPOSITORY_URL]=${CI_REPOSITORY_URL}&
variables[DEPLOY_CI_PROJECT_NAME]=${CI_PROJECT_NAME}&
variables[DEPLOY_CI_COMMIT_SHA]=${CI_COMMIT_SHA}&
variables[DEPLOY_CI_COMMIT_TAG]=${CI_COMMIT_TAG}
"
script:
# Не использую cURL, так как с флагами --fail --show-error
# он не выводит тело ответа, если HTTP код 400 и более
- wget --content-on-error -qO- ${URL} --post-data ${POST_DATA}
Ni ojutu yii, Mo lọ siwaju diẹ ati pinnu lati lo awoṣe CI kan fun awọn iṣẹ akanṣe Java.
Alaye diẹ sii
Mo ti ṣẹda lọtọ ise agbese gitlab-ci ninu eyiti Mo gbe awoṣe CI kan fun awọn iṣẹ akanṣe Java wọpọ.yml.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<goals>
<goal>jar</goal>
</goals>
<!-- Генерация javadoc должна быть после фазы генерации ресурсов -->
<phase>prepare-package</phase>
<configuration>
<!-- Очень помогает в публичных проектах -->
<failOnError>true</failOnError>
<failOnWarnings>true</failOnWarnings>
<!-- Убирает ошибку поиска документации в target директории -->
<detectOfflineLinks>false</detectOfflineLinks>
</configuration>
</execution>
</executions>
</plugin>
Ti o ba ni module ti ko ni java ninu (fun apẹẹrẹ awọn orisun nikan)
Tabi o ko fẹ lati ṣe ipilẹṣẹ javadoc ni ipilẹ, lẹhinna ṣe iranlọwọ maven-jar-plugin
Ti o ba ni iṣẹ akanṣe pupọ-module ati pe o ko nilo lati po si module kan pato si ibi ipamọ, lẹhinna o nilo lati ṣafikun nexus-staging-maven-plugin pelu asia skipNexusStagingDeployMojo
<repositories>
<repository>
<id>SonatypeNexus</id>
<url>https://oss.sonatype.org/content/groups/staging/</url>
<!-- Не надо указывать флаги snapshot/release для репозитория -->
</repository>
</repositories>
Awọn afikun diẹ sii
Atokọ ọlọrọ pupọ ti awọn ibi-afẹde fun ṣiṣẹ pẹlu ibi ipamọ nexus (mvn help:describe -Dplugin=org.sonatype.plugins:nexus-staging-maven-plugin).
Ayẹwo idasilẹ aifọwọyi fun ikojọpọ si aringbungbun maven
Nigbati aami kan ba ti fi sii, iṣẹ-ṣiṣe ti o baamu ninu iṣẹ imuṣiṣẹ naa yoo jẹ okunfa laifọwọyi lati ṣe igbasilẹ ẹya idasilẹ si nexus (apẹẹrẹ).
Apakan ti o dara julọ ni pe itusilẹ isunmọ ti nfa laifọwọyi ni nexus.
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1037".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1037
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1037".
Waiting for operation to complete...
.........
[INFO] Remote staged 1 repositories, finished with success.
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 9.603 s]
[INFO] test-core .......................................... SUCCESS [ 3.419 s]
[INFO] Shields4J client ................................... SUCCESS [ 9.793 s]
[INFO] TestNG listener 1.0.0 .............................. SUCCESS [01:23 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 01:47 min
[INFO] Finished at: 2019-04-21T04:05:46+03:00
[INFO] ------------------------------------------------------------------------
Ati pe ti nkan kan ba jẹ aṣiṣe, iṣẹ-ṣiṣe yoo dajudaju kuna
[INFO] Performing remote staging...
[INFO]
[INFO] * Remote staging into staging profile ID "9043b43f77dcc9"
[INFO] * Created staging repository with ID "orgtouchbit-1038".
[INFO] * Staging repository at https://oss.sonatype.org:443/service/local/staging/deployByRepositoryId/orgtouchbit-1038
[INFO] * Uploading locally staged artifacts to profile org.touchbit
[INFO] * Upload of locally staged artifacts finished.
[INFO] * Closing staging repository with ID "orgtouchbit-1038".
Waiting for operation to complete...
.......
[ERROR] Rule failure while trying to close staging repository with ID "orgtouchbit-1039".
[ERROR]
[ERROR] Nexus Staging Rules Failure Report
[ERROR] ==================================
[ERROR]
[ERROR] Repository "orgtouchbit-1039" failures
[ERROR] Rule "signature-staging" failures
[ERROR] * No public key: Key with id: (1f42b618d1cbe1b5) was not able to be located on <a href=http://keys.gnupg.net:11371/>http://keys.gnupg.net:11371/</a>. Upload your public key and try the operation again.
...
[ERROR] Cleaning up local stage directory after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Deleting context 9043b43f77dcc9.properties
[ERROR] Cleaning up remote stage repositories after a Rule failure during close of staging repositories: [orgtouchbit-1039]
[ERROR] * Dropping failed staging repository with ID "orgtouchbit-1039" (Rule failure during close of staging repositories: [orgtouchbit-1039]).
[ERROR] Remote staging finished with a failure: Staging rules failure!
[INFO] ------------------------------------------------------------------------
[INFO] Reactor Summary:
[INFO]
[INFO] Shields4J 1.0.0 .................................... SUCCESS [ 4.073 s]
[INFO] test-core .......................................... SUCCESS [ 2.788 s]
[INFO] Shields4J client ................................... SUCCESS [ 3.962 s]
[INFO] TestNG listener 1.0.0 .............................. FAILURE [01:07 min]
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
Bi abajade, a fi wa silẹ pẹlu yiyan nikan. Boya pa ẹya yii rẹ tabi ṣe atẹjade.
Lẹhin igbasilẹ, lẹhin igba diẹ awọn ohun-ọṣọ yoo wa
offtopic
O jẹ wiwa fun mi pe maven ṣe atọka awọn ibi ipamọ gbogbo eniyan miiran.
Mo ni lati ṣafikun robots.txt nitori pe o ṣe atọka ibi ipamọ atijọ mi.
Ise agbese imuṣiṣẹ lọtọ ninu eyiti o le ṣe ọpọlọpọ awọn iṣẹ ṣiṣe CI fun ikojọpọ awọn ohun-iṣere si awọn ibi ipamọ ti gbogbo eniyan fun ọpọlọpọ awọn ede idagbasoke.
Ise agbese Deploy jẹ iyasọtọ lati kikọlu ita ati pe o le yipada nipasẹ awọn olumulo nikan pẹlu awọn ipa Olutọju ati Olutọju.
Isare Specific lọtọ pẹlu kaṣe “gbona” lati mu awọn iṣẹ ṣiṣe nikan ṣiṣẹ.
Titẹjade aworan aworan/awọn ẹya itusilẹ ni ibi ipamọ gbogbo eniyan.
Ayẹwo aifọwọyi ti ẹya idasilẹ fun imurasilẹ fun titẹjade ni aringbungbun maven.
Idaabobo lodi si atẹjade laifọwọyi ti awọn ẹya “aise” ni aringbungbun maven.
Kọ ati ṣe atẹjade awọn ẹya aworan “lori tẹ”.
Ibi ipamọ ẹyọkan fun gbigba awọn ẹya fọto fọto/itusilẹ.
Ṣiṣeto GitLab CI kii ṣe idiju koko-ọrọ bi o ṣe dabi ni iwo akọkọ. O to lati ṣeto CI lori ipilẹ turnkey ni igba meji, ati ni bayi o ti jinna si magbowo ninu ọran yii. Pẹlupẹlu, iwe GitLab jẹ apọju pupọ. Maṣe bẹru lati ṣe igbesẹ akọkọ. Ọna naa han labẹ awọn igbesẹ ti eniyan ti nrin (Emi ko ranti ẹniti o sọ :)
Emi yoo dun lati gba esi.
Ninu nkan ti o tẹle Emi yoo sọrọ nipa bii o ṣe le tunto GitLab CI lati ṣiṣẹ awọn iṣẹ ṣiṣe pẹlu awọn idanwo isọpọ ni idije (nṣiṣẹ awọn iṣẹ labẹ idanwo nipa lilo docker-compose) ti o ba ni olusare ikarahun kan nikan.