Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Publish snapshots to maven via GHA #361

Closed
Tracked by #3185
gaiksaya opened this issue Feb 18, 2023 · 3 comments
Closed
Tracked by #3185

Publish snapshots to maven via GHA #361

gaiksaya opened this issue Feb 18, 2023 · 3 comments
Labels

Comments

@gaiksaya
Copy link
Member

gaiksaya commented Feb 18, 2023

Coming from opensearch-build#3185

What is happening?

We are de-coupling the task of publishing the maven snapshots from centralized build workflow to individual repositories. What this means is each repo can now publish maven snapshots using GitHub Actions.
This change unblocks the dependent components from waiting for a successful build before they can consume the snapshots. This also ensures that all snapshots are independent and up to date.

What do you need to do?

  1. Determine what artifacts you publish to maven. Most plugins publish only zips. Example.
  2. Add below repository under publishing in build.gradle:
    repositories {
        maven {
            name = "Snapshots"
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }
    }

Example

  1. Determine what gradle task will publish the content to snapshots repo. Example: ./gradlew publishPluginZipPublicationToSnapshotsRepository.
  2. Create a pull request to set up a GitHub action that will fetch the credentials and publish the snpahots to https://aws.oss.sonatype.org/ See sample workflow.
  3. Add @gaiksaya as a reviewer, who will also take care of creating the IAM role that is required to fetch the credentials and add it to the GitHub Secrets.

Testing

Test by editing the snapshot repository by updating the Snapshots target repository from maven to a local file system path.

build.gradle

        maven {
            name = "Snapshots" //  optional target repository name
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }

->

        maven {
            name = "Snapshots" //  optional target repository name
            url = "snapshots"
        }

Run the command ./gradlew which will publish the files in the file system under the 'snapshots' folder, then scan with find or your favor directory scanner to see the zip + pom with sha files

% find snapshots | sort                                                                                                                                                                               ~/git/security
snapshots
snapshots/org
snapshots/org/opensearch
snapshots/org/opensearch/plugin
snapshots/org/opensearch/plugin/opensearch-security
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha512
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha512

Please feel free to reach out to @opensearch-project/engineering-effectiveness.

@gaiksaya
Copy link
Member Author

For common-utils looks like the situation is slightly different https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/common-utils/3.0.0.0-SNAPSHOT/
We are publishing jars not zips

@lezzago
Copy link
Member

lezzago commented Feb 22, 2023

Changes have been merged

@lezzago lezzago closed this as completed Feb 22, 2023
@gaiksaya
Copy link
Member Author

Hi @lezzago @eirsep @AWSHurneyt ,

Looks like publishing snapshots is not working on push for 2.x branch https://github.com/opensearch-project/common-utils/actions/workflows/maven-publish.yml?query=branch%3A2.x

Can you look into it?

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

No branches or pull requests

3 participants