starts the effort to simplify artifact release #995
Conversation
Codecov Report
@@ Coverage Diff @@
## auto-releases #995 +/- ##
=================================================
+ Coverage 83.41% 83.99% +0.58%
=================================================
Files 50 50
Lines 856 856
Branches 51 54 +3
=================================================
+ Hits 714 719 +5
+ Misses 142 137 -5
Continue to review full report at Codecov.
|
|
Thank, @arron-green! I will take a look into this today. |
|
@vkostyukov no problem. glad to help on next steps to find the right balance in what you're looking for :) |
build.sbt
Outdated
| ) | ||
| val pattern = """"com.github.finagle" %% "finch-.*" % "(.*)"""".r | ||
|
|
||
| filesToUpdate.foreach{ fileName => |
There was a problem hiding this comment.
This needs a space after foreach
build/build.sh
Outdated
| chmod 600 local.deploy_key.pem | ||
| ssh-add local.deploy_key.pem | ||
| git config --global user.name "${CI_DEPLOY_USERNAME}" | ||
| git config --global user.email "${CI_DEPLOY_EMAIL}" |
There was a problem hiding this comment.
What are those CI_DEPLOY values by default? Should we set them into something?
There was a problem hiding this comment.
Perhaps I should somehow use the same email/user name while generating a github deploy key: https://help.github.com/articles/generating-a-new-ssh-key-and-adding-it-to-the-ssh-agent/#generating-a-new-ssh-key
There was a problem hiding this comment.
I think I understand now. Maybe we should just hard-code these into something? Let me think about this for a bit.
There was a problem hiding this comment.
As we don't really have a Finch domain yet, I made an email alias from my personal domain: [email protected]. Let's just use it for now as a hard-coded value.
There was a problem hiding this comment.
Okay cool. How about Finch CI for the username so it's easy to distinguish automated CI deploys vs deploys made by you?
There was a problem hiding this comment.
borrowing ideas from https://github.com/traneio/arrows/blob/master/build/build.sh#L21
There was a problem hiding this comment.
Yep. Finch CI sounds good!
| openssl aes-256-cbc -pass env:ENCRYPTION_PASSWORD -in ./build/credentials.sbt.enc -out local.credentials.sbt -d | ||
| openssl aes-256-cbc -pass env:ENCRYPTION_PASSWORD -in ./build/deploy_key.pem.enc -out local.deploy_key.pem -d | ||
|
|
||
| if [[ "${TRAVIS_BRANCH}" == "master" && $(cat version.sbt) != *"SNAPSHOT"* ]]; then |
There was a problem hiding this comment.
What does commit the new version back? Or maybe we aren't doing it yet?
There was a problem hiding this comment.
The magic seems to be part of the sbt-release functionality defined here
https://github.com/sbt/sbt-release/blob/v1.0.9/src/main/scala/ReleaseExtra.scala#L77-L93
Used as part of the release process defined here https://github.com/finagle/finch/pull/995/files#diff-fdc3abdfd754eeb24090dbd90aeec2ceR131
TBH, i haven't tested the release process yet. I have an internal jfrog account where i can test with a sandbox repo. Maybe i can create a dummy repo to test out the versioning. I also need to read up a bit more on sbt-release and understand how the next version gets promoted. In theory it should be 0.26.0-SNAPSHOT when a new release is performed. Maybe setting to 1.0.0-SNAPSHOT is a manual step before committing to the 1.0.0 milestone
Wasn't super familiar with this plugin but seems like it can do a bit more than what is currently being done. Seems like it can apparently automate release notes?
| @@ -14,5 +17,6 @@ cache: | |||
| - $HOME/.sbt/boot/ | |||
| script: | |||
| - sbt ++$TRAVIS_SCALA_VERSION validate | |||
| # - "./build/build.sh" | |||
There was a problem hiding this comment.
Maybe we should just give up on built matrix and start using build.sh? It seems to be what Flavio is doing for Arrows (https://github.com/traneio/arrows/blob/master/.travis.yml).
There was a problem hiding this comment.
makes sense to me!
There was a problem hiding this comment.
@fwbrasil i see you went through a couple of different iterations on doing cross builds to finally hardcoding 2.12 in your build script. Any helpful gotchas that you discovered in the process?
| @@ -75,6 +103,10 @@ lazy val publishSettings = Seq( | |||
| Some("releases" at nexus + "service/local/staging/deploy/maven2") | |||
| }, | |||
| publishArtifact in Test := false, | |||
| pgpSecretRing := file("local.secring.gpg"), | |||
There was a problem hiding this comment.
Should we add local.* into .gitignore?
There was a problem hiding this comment.
Also, what's interesting is I have gpg 2.2.10 installed locally and it doesn't use the secring.gpg file (according to this doc):
A secret keyring as used by GnuPG versions before 2.1. It is not used by GnuPG 2.1 and later.
I'm not sure which version of gpg utility sbt-gpg depends on so perhaps I should downgrade to make sure I generate both files.
There was a problem hiding this comment.
Nevermind. I'll modify the .gitignore in my separate branch.
There was a problem hiding this comment.
Adding to the .gitignore makes sense to me to prevent accidental commits. As to the GPG situation i can look into the sbt-release plugin to see what version that it supports. Maybe that's no longer a required setting for newer versions of GPG.
There was a problem hiding this comment.
I decided to use the older version of GPG I installed via brew. I'm pretty sure that version works just fine with sbt-gpg plugin:
$ gpg --version
gpg (GnuPG) 1.4.18
Copyright (C) 2014 Free Software Foundation, Inc.
|
@arron-green, I think I did everything right: #999 (although I haven't really checked anything). |
| @@ -75,6 +103,10 @@ lazy val publishSettings = Seq( | |||
| Some("releases" at nexus + "service/local/staging/deploy/maven2") | |||
| }, | |||
| publishArtifact in Test := false, | |||
| pgpSecretRing := file("local.secring.gpg"), | |||
There was a problem hiding this comment.
Nevermind. I'll modify the .gitignore in my separate branch.
* starts the effort to simplify artifact release * lint fix * hardcoded name and email
In the spirit of hacktoberfest, this PR is a start to simplify the effort required to release finch artifacts.
@vkostyukov I'm going to need your help with finishing this PR as i'm sure you have the keys to publish these artifacts.
as suggested i used https://www.theguardian.com/info/developer-blog/2014/sep/16/shipping-from-github-to-maven-central-and-s3-using-travis-ci as a reference
Requires the following files to be added to the
./builddirectorymasterbranch whenversion.sbtdoes not containSNAPSHOTgpgsecret ringgpgpublic ringI also wasn't sure on what to add for the github commits for releasing so i figured we could take advantage of environment variables set through travis. I defined
CI_DEPLOY_USERNAMEandCI_DEPLOY_EMAILAlso worth noting that the matrix style building of
2.11and2.12might not make sense with this PR. I don't think thesbt releasecommand used in thebuild.shmakes sense if it kicks off two separate travis jobs. Therefore i left the execution ofbuild.shcommented out for nowWe might need to iterate on this a few times to find the right balance of auto release vs semi-automatic release
Fixes #977