search

opensearch-project / opensearch-testcontainers

Apache License 2.0
19 stars 10 forks source link

Publish maven snapshots using GitHub Actions #75

Closed gaiksaya closed 1 year ago

gaiksaya commented 1 year ago

Coming from opensearch-build#3185

What is happening?

We are de-coupling the task of publishing the maven snapshots from centralized build workflow to individual repositories. What this means is each repo can now publish maven snapshots using GitHub Actions. This change unblocks the dependent components from waiting for a successful build before they can consume the snapshots. This also ensures that all snapshots are independent and up to date.

What do you need to do?

  1. Determine what artifacts you publish to maven. Most plugins publish only zips. Example.
  2. Add below repository under publishing in build.gradle:
    repositories {
        maven {
            name = "Snapshots"
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }
    }

Example

  1. Determine what gradle task will publish the content to snapshots repo. Example: ./gradlew publishPluginZipPublicationToSnapshotsRepository.
  2. Create a pull request to set up a GitHub action that will fetch the credentials and publish the snpahots to https://aws.oss.sonatype.org/ See sample workflow.
  3. Add @gaiksaya as a reviewer, who will also take care of creating the IAM role that is required to fetch the credentials and add it to the GitHub Secrets.

    Testing

Test by editing the snapshot repository by updating the Snapshots target repository from maven to a local file system path.

build.gradle

        maven {
            name = "Snapshots" //  optional target repository name
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }

->

    maven {
        name = "Snapshots" //  optional target repository name
        url = "snapshots"
    }

Run the command ./gradlew which will publish the files in the file system under the 'snapshots' folder, then scan with find or your favor directory scanner to see the zip + pom with sha files

% find snapshots | sort                                                                                                                                                                               ~/git/security
snapshots
snapshots/org
snapshots/org/opensearch
snapshots/org/opensearch/plugin
snapshots/org/opensearch/plugin/opensearch-security
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha512
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha512

Please feel free to reach out to @opensearch-project/engineering-effectiveness.