-
Notifications
You must be signed in to change notification settings - Fork 981
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #234 from chewiebug/release-1.36
prepare release 1.36
- Loading branch information
Showing
139 changed files
with
20,160 additions
and
1,016 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,3 @@ | ||
| component_depth: 8 | ||
| languages: | ||
| - java |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,5 @@ | ||
| FROM ruby:latest | ||
|
|
||
| RUN gem install travis | ||
|
|
||
| CMD /bin/bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| # cicd | ||
| This directory contains a settings.xml + script file that can be used to | ||
| deploy to the SonaType OSS repository from a Travis CI build. | ||
|
|
||
| The full instructions are here: | ||
| http://knowm.org/configure-travis-ci-to-deploy-snapshots/ | ||
|
|
||
| # gpg | ||
| ## documentation | ||
| - https://stackoverflow.com/questions/38276762/travis-gpg-signing-failed-secret-key-not-available | ||
| - https://github.com/making/travis-ci-maven-deploy-skelton | ||
| - https://www.gnupg.org/gph/en/manual.html | ||
|
|
||
| expiration date of current keys: 2021-11-28 | ||
|
|
||
| ## issues with outdated openssl version in travis-ci (30.11.2019) | ||
| -> docker ruby image (ruby 2.6.5p114) uses openssl 1.1.1d; travis-ci uses openssl 1.0.2g | ||
| -> preferred command would be "openssl enc -e -v -iter 3 -aes-256-cbc -pass pass:$ENCRYPTION_PASSWORD -in ./xxx.gpg -out xxx.gpg.enc" | ||
| two issues: | ||
| - "-iter 3" is not known -> drop option | ||
| - key derivation mechanism was changed between openssl 1.1.x and 1.0.x | ||
| -- https://stackoverflow.com/questions/39637388/encryption-decryption-doesnt-work-well-between-two-different-openssl-versions/39641378#39641378 | ||
| -- -> use -md sha1 to enable decryption by openssl 1.0.x | ||
|
|
||
| ## steps to create / renew pubring.gpg.enc + secring.gpg.enc | ||
| ### run docker image | ||
| - docker run --rm -it --mount type=bind,src=D:\Users\joerg2\Daten\java\git\GCViewer\cicd\gpg,dst=/usr/gpg ruby/travis /bin/bash | ||
| - cd /usr/gpg | ||
|
|
||
| ### create private + public key | ||
| - gpg --generate-key | ||
| -- [email protected] | ||
| -- gpg zert für maven signierung | ||
| - gpg --output pubring.gpg --export [email protected] | ||
| - gpg --armor --export [email protected] > pubring.gpg.txt | ||
| -- upload to public key server (http://keyserver.ubuntu.com:11371) | ||
| - gpg --export-secret-keys > secring.gpg | ||
|
|
||
| ### encrypt keys | ||
| - export ENCRYPTION_PASSWORD=<encryption password> | ||
| - openssl enc -e -v -aes-256-cbc -md sha1 -pass pass:$ENCRYPTION_PASSWORD -in ./pubring.gpg -out ./pubring.gpg.enc | ||
| - openssl enc -e -v -aes-256-cbc -md sha1 -pass pass:$ENCRYPTION_PASSWORD -in ./secring.gpg -out ./secring.gpg.enc |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,92 @@ | ||
| #!/bin/bash | ||
| # -e: exit on any non-true return value | ||
| # -u: exit, if an unset variable is being used | ||
| # https://ss64.com/bash/set.html | ||
| set -eu | ||
|
|
||
| echo "TRAVIS_PULL_REQUEST = ${TRAVIS_PULL_REQUEST}" | ||
| echo "TRAVIS_BRANCH = ${TRAVIS_BRANCH}" | ||
| echo "TRAVIS_JDK_VERSION = ${TRAVIS_JDK_VERSION}" | ||
|
|
||
| ##################### | ||
| # functions | ||
| ##################### | ||
| function perform_snapshot_release() { | ||
| echo "----------------" | ||
| echo build and deploy to sourceforge \(SNAPSHOT only\) | ||
| echo "----------------" | ||
| mvn clean deploy javadoc:javadoc -P sourceforge-release --settings ./cicd/settings.xml | ||
| } | ||
|
|
||
| function init_github() { | ||
| git config --global user.email "[email protected]" | ||
| git config --global user.name "Travis CI" | ||
| git remote add origin-github https://${GH_TOKEN}@github.com/chewiebug/gcviewer.git > /dev/null 2>&1 | ||
| } | ||
|
|
||
| function push_to_github() { | ||
| # https://gist.github.com/willprice/e07efd73fb7f13f917ea | ||
| echo "pushing $1 to github" | ||
| git status | ||
| git push --quiet --set-upstream origin-github $1 | ||
| } | ||
|
|
||
| function merge_with_develop_branch() { | ||
| # assumption: we are not on the develop branch and should merge TRAVIS_BRANCH into develop | ||
| echo "merging ${TRAVIS_BRANCH} into develop" | ||
| # since travis did a shallow clone (git clone --depth=50 ...), we need to fetch the develop branch first | ||
| git config remote.origin.fetch "+refs/heads/*:refs/remotes/origin/*" | ||
| git fetch --depth=10 | ||
| git checkout -t -b develop origin/develop | ||
| git merge ${TRAVIS_BRANCH} | ||
| } | ||
|
|
||
| function perform_release() { | ||
| echo "----------------" | ||
| echo perform release | ||
| echo "----------------" | ||
| # maven release needs a locally checked out branch, otherwise "git symbolic-ref HEAD" will fail | ||
| git checkout ${TRAVIS_BRANCH} | ||
| openssl version | ||
| openssl enc -d -aes-256-cbc -md sha1 -pass pass:$ENCRYPTION_PASSWORD -in $GPG_DIR/pubring.gpg.enc -out $GPG_DIR/pubring.gpg | ||
| openssl enc -d -aes-256-cbc -md sha1 -pass pass:$ENCRYPTION_PASSWORD -in $GPG_DIR/secring.gpg.enc -out $GPG_DIR/secring.gpg | ||
| mvn --batch-mode release:clean release:prepare release:perform --settings ./cicd/settings.xml | ||
| # remove decrypted keyrings | ||
| rm $GPG_DIR/*.gpg | ||
| init_github | ||
| push_to_github ${TRAVIS_BRANCH} | ||
| # push tag, which was just generated by maven-release-plugin | ||
| git push origin-github $(git describe --tags --abbrev=0) | ||
| merge_with_develop_branch | ||
| push_to_github develop | ||
| } | ||
|
|
||
| function perform_verify() { | ||
| echo "----------------" | ||
| echo only verify | ||
| echo "----------------" | ||
| mvn clean verify javadoc:javadoc | ||
| } | ||
|
|
||
| ##################### | ||
| # script | ||
| ##################### | ||
| # Since the same script is run several times with different jdks by the build process, | ||
| # only under certain conditions, a (snapshot) release should be built. | ||
| # Among others, a build loop must be prevented after a "perform_release" build was executed. | ||
| # All other cases (like pull requests) only perform a "verify" | ||
| if [ "${TRAVIS_PULL_REQUEST}" = "false" ] && [[ ! "${TRAVIS_COMMIT_MESSAGE}" = \[maven-release-plugin\]* ]] && [ "${TRAVIS_JDK_VERSION}" = "openjdk8" ] | ||
| then | ||
| if [ "${TRAVIS_BRANCH}" = "develop" ] | ||
| then | ||
| perform_snapshot_release | ||
| elif [[ "${TRAVIS_BRANCH}" = "master" ]] | ||
| then | ||
| perform_release | ||
| else | ||
| # will be done for all other branches pushed into this repository | ||
| perform_verify | ||
| fi | ||
| else | ||
| perform_verify | ||
| fi |
Binary file not shown.
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| docker run --rm -it --mount type=bind,src=%cd%\gpg,dst=/usr/gpg ruby/travis /bin/bash |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | ||
| > | ||
|
|
||
| <servers> | ||
| <server> | ||
| <id>ossrh</id> | ||
| <username>${env.CI_DEPLOY_USERNAME}</username> | ||
| <password>${env.CI_DEPLOY_PASSWORD}</password> | ||
| </server> | ||
| </servers> | ||
| </settings> |
Oops, something went wrong.