Publish snapshots to maven #2438
Conversation
Adds a workflow to publish snapshots to the OpenSearch-Project maven repository when updates are pushed to main, 1.* branches, or 2.* branches. Following the example from https://github.com/opensearch-project/opensearch-sdk-java Signed-off-by: Peter Nied <[email protected]>
|
@gaiksaya We need our repository setup so we can retrieve the credentials for access Sonotype, can you help me get that done? |
Signed-off-by: Peter Nied <[email protected]>
Codecov Report
📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more @@ Coverage Diff @@
## main #2438 +/- ##
============================================
- Coverage 61.28% 61.21% -0.08%
+ Complexity 3330 3324 -6
============================================
Files 260 260
Lines 18487 18487
Branches 3267 3267
============================================
- Hits 11330 11317 -13
- Misses 5565 5575 +10
- Partials 1592 1595 +3
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here. |
|
Hey @peternied this PR should also consider the pluginZips to be published under we should also ship them to the maven so that the plugin zips are also published via this workflow. |
|
@prudhvigodithi I've updated the description with that output. Are there other changes that should be included? |
|
So I cloned your fork @peternied and saw that the task differs repo to repo based on how publications are configured. For this repo seems like it is |
Signed-off-by: Peter Nied <[email protected]>
|
@prudhvigodithi @gaiksaya I've fix the publish task and wrote the test process into the description. |
|
@peternied |
|
Update: We do not publish jars for security plugin. In that case we can also remove https://github.com/opensearch-project/security/blob/main/build.gradle#L64-L67 |
|
To add more context security plugin at preset is used only via zips (may be this could change in future), example https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/opensearch-security/3.0.0.0-SNAPSHOT/, the folder all contains zips. For zips publish we already have a reserved groupID So long story short for security plugin lets only focus on shipping the files part of |
The role has been added to the secrets. Thanks! |
|
@prudhvigodithi I noticed that you have requested changes, but it's not entirely clear to me what changes you would like to see. Could you please provide more specific feedback on what needs to be modified or improved so that I can make the necessary adjustments to the code? |
|
Hey @peternied I have requested changes, before we considered the the task that picks up the files from folder |
|
@peternied Please merge this if you aren't making any more changes. |
* Publish snapshots to maven Adds a workflow to publish snapshots to the OpenSearch-Project maven repository when updates are pushed to main, 1.* branches, or 2.* branches. Following the example from https://github.com/opensearch-project/opensearch-sdk-java Signed-off-by: Peter Nied <[email protected]> (cherry picked from commit 5bdcb29)
|
@gaiksaya Nice, it works! I've got some cleanup - the multiplatform build is entirely unneeded. https://github.com/opensearch-project/security/actions/runs/4196975415/jobs/7278687473 |
* Publish snapshots to maven Adds a workflow to publish snapshots to the OpenSearch-Project maven repository when updates are pushed to main, 1.* branches, or 2.* branches. Following the example from https://github.com/opensearch-project/opensearch-sdk-java Signed-off-by: Peter Nied <[email protected]> Signed-off-by: Maciej Mierzwa <[email protected]>
cwperks
added
backport 1.3
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security/backport-1.3 1.3
# Navigate to the new working tree
pushd ../.worktrees/security/backport-1.3
# Create a new branch
git switch --create backport/backport-2438-to-1.3
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 5bdcb29f02fe3a5e1bbd7367d173ee495ceebfa9
# Push it to GitHub
git push --set-upstream origin backport/backport-2438-to-1.3
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security/backport-1.3Then, create a pull request where the |
|
The backport to To backport manually, run these commands in your terminal: # Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security/backport-1.x 1.x
# Navigate to the new working tree
pushd ../.worktrees/security/backport-1.x
# Create a new branch
git switch --create backport/backport-2438-to-1.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 5bdcb29f02fe3a5e1bbd7367d173ee495ceebfa9
# Push it to GitHub
git push --set-upstream origin backport/backport-2438-to-1.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security/backport-1.xThen, create a pull request where the |
Description
Adds a workflow to publish snapshots to the OpenSearch-Project maven repository when updates are pushed to main, 1.* branches, or 2.* branches.
Following the example from https://github.com/opensearch-project/opensearch-sdk-java
Issues Resolved
Testing
Manually tested by editing the snapshot repository by updating the Snapshots target repository from maven to a local file system path.
build.gradle
->
Run the command
./gradlew publishPluginZipPublicationToSnapshotsRepositorywhich will publish the files in the file system under the 'snapshots' folder, then scan withfindor your favor directory scanner to see the zip + pom with sha filesCheck List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.