[gradle] Plugin release management #201
Conversation
This applies steps necessary for publishing to Sonatype, including sources, javadoc, jar and signing. Also includes full POM details, per Sonatype requirements.
|
I'm explicitly documenting these here, in case they're missed in the build.gradle comments. Signing and deploying require the following properties:
These can be defined as:
Once defined, building and deploying the plugin is simply: |
* master: Fix javadoc in clioption (OpenAPITools#188) Build improvements (OpenAPITools#202) Prepare 3.0.1-SNAPSHOT (OpenAPITools#195)
|
@wing328 @jmini if we want the gradle plugin to make it into 3.0.1, we'll want to merge this and work out any kinks in release. Response to my request for replacing As I understand Jeremie's recent changes, we'd be relying on current maven configuration to execute a deploy that copies artifacts/poms. If this doesn't work, my recommendation is to add |
|
Lets do a recap. Since the beginning I tell that to upload/deploy the generated jar to a distant maven repository we can use:
I do not care. I can help with the maven way, I do not know enough of gradle in order to help. Because having two artifacts with the same name can be really confusing, I have renamed the maven wrapper that calls gradle to
The role of the maven helper is to call gradle to build the gradle plugin as part of the maven build. I also misused PR #202 to see if I was able to upload This was not a clear success and I have reported my findings in #202. During the I am not sure to know what is requested for I have no problem by doing the signing and the upload with gradle. Requirements are:
The long game is to move our entire build to gradle (see #200). So if we have an half-maven half-gradle solution for that moment, this is OK for me. |
|
Let me respond to the points that you called out:
Changes in this PR work for release and for snapshot. With the configuration values I have listed above in place, you call
Uploading to Sonatype repositories is well-documented on Sonatype's site. We can document
Build is failing because CI is not configured with the 5 required configurations as I have mentioned above. Again, I don't know how to configure these, and probably need assistance from @wing328 to get the values in place.
This is the whole point of this PR, and the 5 missing configurations mentioned above are required to get the PR completed. |
|
@jimschubert: I was not implying that you are not meeting the requirements. I just listed them to have something explicit. Sorry if you understood that you should deliver something. Nevertheless, with your additional explanations it becomes more clear (at least to me). The documentation is not for contributors but for people doing a release (for the moment this task is made by @wing328, but I understood that his intention is to involve more people like you and me). I start with really low gradle knowledge and almost none online-CI knowledge (I am a Jenkins user - I never configured circleci, AppVeyor, Travis CI or Shippable) From what I understood @wing328 gave you and me the necessary rights to move forward. I do not know if this include CI setup but I think so. |
|
@wing328: what about the CI jobs that are broken? My understanding is that we need to add some environment variables as described by @jimschubert somewhere in the CI config. We do not want commit our private key and passwords to the repo do we? For maven I guess that we have something similar in place (env variables or maven |
|
I will be updating some scripts later (hopefully tonight). I'll comment when done. |
* master: Add 'unblu inc.' to company list (OpenAPITools#246) put company list in alphabetical order (OpenAPITools#244) [jaxrs-spec] generate spec file (yaml) correctly (OpenAPITools#243) [C++] Adjust the names (script, sample folder, generator) to lang option (OpenAPITools#220) Add GMO Pepabo to company list (OpenAPITools#242) [Spring] Add apiFirst option (OpenAPITools#184) [cli] Write to stdout/stderr, allow redirection (OpenAPITools#207) [JAVA][Client] New object instead of null for empty POST request (OpenAPITools#98) Make yaml serialization deterministic (OpenAPITools#233) Add syntax highlighting to migration guide (OpenAPITools#237) Fix shippable badge (OpenAPITools#232) update company list (OpenAPITools#227) Fix OpenAPITools#210: [Ada] Update the code generator for required and optional parameters (OpenAPITools#211) Delete unused methods in DefaultCodegen (OpenAPITools#209) add note about maven plugins (OpenAPITools#216) add raiffeisen to company list (OpenAPITools#223) add a remark about homebrew installatio (OpenAPITools#217)
…n, not maven-publish plugin
|
I've updated the scripts. Release configuration can be done later, as it's also not in place for Maven. We were operating under a false assumption there. ;) It's a simple add, but considering it's related to all artifacts, I'd like to get this merged and verify that the SNAPSHOT gets published before we tackle automating the release for all artifacts in maven and gradle. |
|
Yes we need to move forward on this, especially if the 3.0.1 release is tomorrow... If the signing config is not there, can we not just ignore the For the moment:
And:
(excuse me if this is a gradle beginner question) |
|
The condition doesn't sign artifacts unless in a non-SNAPSHOT. These errors look more related to my using ??? as placeholders. I'll try and set aside some time this afternoon to setup the signing. I discussed it with William last night as well, so I don't know if he looked at it yet. For 3.0.0, William did it manually, so those configs weren't in place for Maven either. |
jimschubert
force-pushed
the
gradle-plugin-release-management
branch
from
f746932
to
7e0a515
Compare
|
This should be good now. Includes Sonatype publish for Maven and Gradle. Can't evaluate if it works until merged, which William and I discussed merging it Saturday in the morning. |
|
Merging this now to see if there are any hiccups that need ironing out before Monday. |
* master: (26 commits) Prepare 3.0.1 release (OpenAPITools#280) [typescript-angular] strict type checking (OpenAPITools#218) [C++ server] Adjust the names (script, sample folder, generator) to lang option (OpenAPITools#250) Removed warnings for packages included in SDK for Net Core 2.0 (OpenAPITools#269) [cli] Completions command for suggestions (OpenAPITools#213) [Java][RestTemplate] Fix query parameter URL encoding (OpenAPITools#260) [cpp-qt5] Remove std::shared_ptr from Qt5 (OpenAPITools#267) Adds some links to the README (OpenAPITools#261) Update sec.gpg.enc to binary encoded secret Add gpg --check-trustdb, limit gpg to master Re-do encrypted gpg and reference in settings.xml Fix trailing semicolons in after_success Travis CI scripts Use ubuntu keyserver instead of mit (due to timeout) [gradle] Plugin release management (OpenAPITools#201) Updates small typo in qna.md (OpenAPITools#262) Fix ModelUtils.getUnusedSchema() (OpenAPITools#253) Add JaxRS to bin/ensure-up-to-date (OpenAPITools#248) feat(security): add cookie-auth support (OpenAPITools#240) Add 'unblu inc.' to company list (OpenAPITools#246) put company list in alphabetical order (OpenAPITools#244) ...
This applies steps necessary for publishing to Sonatype, including
sources, javadoc, jar and signing. Also includes full POM details, per
Sonatype requirements.
In my original implementation of the plugin, I hadn't realized
maven-publishwas an experimental update tomaven. I had falsely assumed that it applied all necessary logic in the current diff of this PR, but a key requirement (POM signing) is not available inmaven-publish.PR checklist
./bin/to update Petstore sample so that CIs can verify the change. (For instance, only need to run./bin/{LANG}-petstore.shand./bin/security/{LANG}-petstore.shif updating the {LANG} (e.g. php, ruby, python, etc) code generator or {LANG} client's mustache templates). Windows batch files can be found in.\bin\windows\.master.Description of the PR
(details of the change, additional tests that have been done, reference to the issue for tracking, etc)