Explore automating maven releases #153

ajkannan · 2015-08-31T23:41:09Z

Right now, releases to maven are done manually, and it would be nice to do this within a script triggered by Travis. This may be a bit tricky because deploying requires signing the bits.

mziccard · 2015-09-14T07:40:11Z

This would be super cool. You are also right, it might be tricky and there's a bit of a lack of information on how to do it. If I remember correctly we should add a <profile> element in settings.xml to tell the gpg maven plugin where to look for the gpg keys:

<properties>
  <gpg.homedir>${TRAVIS_BUILD_DIR}/target/travis</gpg.homedir>
  <gpg.keyname>KEYNAME</gpg.keyname>
  <gpg.passphrase>PASSPHRASE</gpg.passphrase>
</properties>

The pgp keys must then be signed (using either travis file-encrypt or openssl directly) and put in the repository (travis branch), lets call them secring.gpg.enc and pubring.gpg.enc. We must then add the decryption commands to the before_install phase in .travis.yml. If we use travis file-encrypt to encrypt the files the command should also output the code to decrypt them. We must only change the path to the encrypted files (as they will be in /target/travis), something like:

before-install:
- openssl aes-256-cbc -K $encrypted_0a6446eb3ae3_key -iv $encrypted_0a6446eb3ae3_key -in secring.gpg.enc -out local.secring.gpg -d
- openssl aes-256-cbc -K $encrypted_0z6656gf43dc_key -iv $encrypted_0z6656gf43dc_key -in pubring.gpg.enc -out local.pubring.gpg -d

Once this is set up mvn clean deploy should do the job.
We could then trigger mvn clean deploy when tags are pushed (TRAVIS_TAG variable would be set with the tag name).

This PR was generated using Autosynth. 🌈 Synth log will be available here: https://source.cloud.google.com/results/invocations/2f00b5dd-1724-4895-ab0f-d5436bcf295b/targets - [ ] To automatically regenerate this PR, check this box. Source-Link: googleapis/synthtool@7d65281

- [ ] Regenerate this pull request now. chore(bazel): update gax-java to 2.18.4 PiperOrigin-RevId: 463115700 Source-Link: googleapis/googleapis@52130a9 Source-Link: https://github.com/googleapis/googleapis-gen/commit/6a4d9d9bb3afb20b0f5fa4f5d9f6740b1d0eb19a Copy-Tag: eyJwIjoiLmdpdGh1Yi8uT3dsQm90LnlhbWwiLCJoIjoiNmE0ZDlkOWJiM2FmYjIwYjBmNWZhNGY1ZDlmNjc0MGIxZDBlYjE5YSJ9

…-info-reports-plugin to v3.4.1 (#153) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [org.apache.maven.plugins:maven-project-info-reports-plugin](https://maven.apache.org/plugins/) | `3.4.0` -> `3.4.1` | [![age](https://badges.renovateapi.com/packages/maven/org.apache.maven.plugins:maven-project-info-reports-plugin/3.4.1/age-slim)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://badges.renovateapi.com/packages/maven/org.apache.maven.plugins:maven-project-info-reports-plugin/3.4.1/adoption-slim)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://badges.renovateapi.com/packages/maven/org.apache.maven.plugins:maven-project-info-reports-plugin/3.4.1/compatibility-slim/3.4.0)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://badges.renovateapi.com/packages/maven/org.apache.maven.plugins:maven-project-info-reports-plugin/3.4.1/confidence-slim/3.4.0)](https://docs.renovatebot.com/merge-confidence/) | --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, click this checkbox. --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/googleapis/java-deploy).

🤖 I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).

🤖 I have created a release *beep* *boop* --- ### Updating meta-information for bleeding-edge SNAPSHOT release. --- This PR was generated with [Release Please](https://togithub.com/googleapis/release-please). See [documentation](https://togithub.com/googleapis/release-please#release-please).

ajkannan self-assigned this Sep 30, 2015

This was referenced Oct 2, 2015

Add encrypted signing tools #204

Merged

Automate push to maven central repository for releases #205

Merged

aozarov closed this as completed in #205 Oct 2, 2015

yoshi-automation added 🚨 This issue needs some love. triage me I really want to be triaged. labels Apr 6, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Explore automating maven releases #153

Explore automating maven releases #153

ajkannan commented Aug 31, 2015

mziccard commented Sep 14, 2015

Explore automating maven releases #153

Explore automating maven releases #153

Comments

ajkannan commented Aug 31, 2015

mziccard commented Sep 14, 2015