Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Publish snapshots to maven via GHA #239

Closed
Tracked by #3185
gaiksaya opened this issue Feb 18, 2023 · 3 comments
Closed
Tracked by #3185

Publish snapshots to maven via GHA #239

gaiksaya opened this issue Feb 18, 2023 · 3 comments

Comments

@gaiksaya
Copy link
Member

gaiksaya commented Feb 18, 2023

Coming from opensearch-build#3185

What is happening?

We are de-coupling the task of publishing the maven snapshots from centralized build workflow to individual repositories. What this means is each repo can now publish maven snapshots using GitHub Actions.
This change unblocks the dependent components from waiting for a successful build before they can consume the snapshots. This also ensures that all snapshots are independent and up to date.

What do you need to do?

  1. Determine what artifacts you publish to maven. Most plugins publish only zips. Example.
  2. Add below repository under publishing in build.gradle:
    repositories {
        maven {
            name = "Snapshots"
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }
    }

Example

  1. Determine what gradle task will publish the content to snapshots repo. Example: ./gradlew publishPluginZipPublicationToSnapshotsRepository.
  2. Create a pull request to set up a GitHub action that will fetch the credentials and publish the snpahots to https://aws.oss.sonatype.org/ See sample workflow.
  3. Add @gaiksaya as a reviewer, who will also take care of creating the IAM role that is required to fetch the credentials and add it to the GitHub Secrets.

Testing

Test by editing the snapshot repository by updating the Snapshots target repository from maven to a local file system path.

build.gradle

        maven {
            name = "Snapshots" //  optional target repository name
            url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
            credentials {
                username "$System.env.SONATYPE_USERNAME"
                password "$System.env.SONATYPE_PASSWORD"
            }
        }

->

        maven {
            name = "Snapshots" //  optional target repository name
            url = "snapshots"
        }

Run the command ./gradlew which will publish the files in the file system under the 'snapshots' folder, then scan with find or your favor directory scanner to see the zip + pom with sha files

% find snapshots | sort                                                                                                                                                                               ~/git/security
snapshots
snapshots/org
snapshots/org/opensearch
snapshots/org/opensearch/plugin
snapshots/org/opensearch/plugin/opensearch-security
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/maven-metadata.xml.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.pom.sha512
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.md5
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha1
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha256
snapshots/org/opensearch/plugin/opensearch-security/3.0.0.0-SNAPSHOT/opensearch-security-3.0.0.0-20230214.224249-1.zip.sha512
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.md5
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha1
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha256
snapshots/org/opensearch/plugin/opensearch-security/maven-metadata.xml.sha512

Please feel free to reach out to @opensearch-project/engineering-effectiveness.

@gaiksaya
Copy link
Member Author

Hi @opensearch-project/asynchronous-search,

This was tagged for 2.6.0 and did not get in. Can you take a look and take action accordingly?
This is not a product change but an infra change and we will be soon decommissioning the central workflow. See META issue for details.

Thanks!

@bbarani
Copy link
Member

bbarani commented Mar 1, 2023

@opensearch-project/asynchronous-search @Arpit-Bandejiya Can you please prioritize this effort? We will be disabling the snapshot upload through distribution build process by March 15 2023.

@Arpit-Bandejiya
Copy link
Collaborator

Hi @bbarani @gaiksaya will take this before 15th March

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

3 participants