Shipping from GitHub to Maven Central and S3, using Travis-CI

If you use GitHub and SBT and need to deliver your artifacts to Maven Central, you want it to be simple to installation and control. We’ve compiled some commands on how our SBT plugin can assist

Introduction
As a part of open sourcing our scala-automation framework, we wanted to open the build and artifacts and placed them in the cloud. Our necessities had been simple. Firstly, we wanted to run our automated exams on every decide to scala-automation. Secondly, to make matters easy for customers, we desired that allows you to kick off a launch via without a doubt tagging the grasp department with the model quantity we desired to release. For us, a release consists of each sending signed binaries to Maven Central and publishing a beneficial changelog on the net. Finally, we wanted to avoid making commits back to our GitHub repo throughout the release technique, as is executed by the sbt-launch plugin.

Image result for plug

Our plugin is based on sbt-git, sbt-sonatype, sbt-pgp and sbt-s3, so you need to fulfil their necessities to use it.

Follow the steps beneath to apply our plugin to your own SBT challenge.

Step 1: Setting up your PGP key and Sonatype account
Set up the sbt-sonatype plugin as in step with the SBT documentation: http://www.Scala-sbt.Org/0.Thirteen/docs/Using-Sonatype.Html

Test that you could run sbt put up-signed and sbt sonatypeReleaseAll the use of http://www.Scala-sbt.Org/sbt-pgp/ and https://github.Com/xerial/sbt-sonatype

 

RELATED ARTICLES :

Step 2: Preparing your Secrets
Firstly, add the subsequent line to your .Gitignore

neighborhood.*
Secondly, reproduction your pubring.Gpg and secring.Gpg to the mission listing as local.Pubring.Gpg and neighborhood.Secring.Gpg.

Finally, move your secrets and techniques to a brand new file neighborhood.Credentials.Sbt as follows:

import com.Typesafe.Sbt.SbtPgp._

// this has to move in an sbt record because if we use an external
// credentials residences document it ignores it
credentials += Credentials(
“Sonatype Nexus Repository Manager”,
“oss.Sonatype.Org”,
“<SONATYPE_USERNAME>”,
“<SONATYPE_PASSWORD>”
)

pgpPassphrase := Some(“<PGP_PASSPHRASE>”.ToCharArray)

credentials += Credentials(
“Amazon S3”,
“<YOUR_S3_BUCKET>.S3.Amazonaws.Com”,
“<AMAZON_API_USER_KEY>”,
“<AMAZON_API_PASSWORD_KEY>”
)
Background: Why use Travis CI?
Travis is an established cloud-based totally construct gadget, free for open supply tasks. It takes your source and a special .Travis.Yml build definition from your public repo, runs the construct on a build engine, and reviews the high level end result. Other functions include robotically emailing you while your builds finish, and updating the widget on GitHub pull requests with the build repute.

There are numerous matters I like approximately Travis – you don’t need to manipulate or pay for the servers, it’s tried and examined, and it’s quite simple. Unfortunately, not like many other build structures, Travis doesn’t encompass an included report save to your construct output – handiest the console output is retained and it’s as much as you to shop artifacts somewhere else. Since Amazon S3 affords storage and internet access, and has an sbt-s3 plugin, it’s a terrific region to keep any vital documents.

Shipping from a construct engine is repeatable and at ease, and access can be controlled thru the repository.

Step three: Encrypting your mystery documents
It’s easy to encrypt variables using the travis command – see http://medical doctors.Travis-ci.Com/person/encryption-keys/

Choose a robust encryption password. It is important that it is sturdy because humans can down load your encrypted documents and brute force assault them regionally. You gained’t have to kind this password regularly.

Firstly, run these commands to let Travis CI realize your password.

Gem install travis
cd <YOUR_LOCAL_MIRROR>
travis encrypt ENCRYPTION_PASSWORD=<YOUR_ENCRYPTION_PASSWORD> –upload
Secondly, encrypt your mystery documents together with your password.

Openssl aes-256-cbc -in nearby.Secring.Gpg -out secring.Gpg.Enc -skip pass:<YOUR_ENCRYPTION_PASSWORD>
openssl aes-256-cbc -in nearby.Pubring.Gpg -out pubring.Gpg.Enc -pass skip:<YOUR_ENCRYPTION_PASSWORD>
openssl aes-256-cbc -in local.Credentials.Sbt -out credentials.Sbt.Enc -pass bypass:<YOUR_ENCRYPTION_PASSWORD>
Finally, edit .Travis.Yml to feature these lines. This tells travis to decrypt your files for the duration of the build.

It it critical to apply $ENCRYPTION_PASSWORD as proven and not substitute your actual password here as this record can be unencrypted for your repository.

Before_install:
– openssl aes-256-cbc -bypass bypass:$ENCRYPTION_PASSWORD -in secring.Gpg.Enc -out nearby.Secring.Gpg -d
– openssl aes-256-cbc -bypass pass:$ENCRYPTION_PASSWORD -in pubring.Gpg.Enc -out neighborhood.Pubring.Gpg -d
– openssl aes-256-cbc -pass bypass:$ENCRYPTION_PASSWORD -in credentials.Sbt.Enc -out neighborhood.Credentials.Sbt -d
Now whilst the Travis build runs, the documents must be decrypted robotically.

Background: Generating a Change Log
Usually, users need a first rate changelog in order that they recognize whether or no longer to take a new version. I preferred the idea, however didn’t like more problem of writing it. I determined to percentage the trouble with the aid of pulling the changelog from the git records, thereby making it everyone’s task. I determined that most of the commits were too low stage to encompass, however pull requests typically offer useful facts, and with the default remark that github includes, I should hyperlink lower back to the pull request from a changelog.

For implementation, I decided that it’d be simplest to parse the output of git log with parser combinators, and rework it to HTML. You can see my implementation here.

Generating the changelog become excellent, but I had to add it someplace. I decided AWS S3 would do, as you could store static files there cost effectively and serve them over HTTP.

I determined a sbt-s3 plugin at https://github.Com/sbt/sbt-s3 and determined to use that for my plugin.

Step four: Configuring the sbt-sonatype-launch plugin
Firstly, edit your project/plugins.Sbt and add this line:

addSbtPlugin(“com.Gu” % “sbt-sonatype-launch” % “1.Zero”)
Next edit your construct.Sbt to configure the plugin:

lazy val root = (project in file(“.”)).EnablePlugins(ShipAutoPlugin)

pgpSecretRing := report(“neighborhood.Secring.Gpg”)

pgpPublicRing := document(“neighborhood.Pubring.Gpg”)

mappings in add ++= Seq((new java.Io.File(“medical doctors/changelog.Css”),”changelog.Css”))

host in upload := “YOUR_S3_BUCKET.S3.Amazonaws.Com”
Finally, ensure your .Travis.Yml runs the sbt-sonatype-release goal:

script: sbt testAndOptionallyShip
Step 5: Kicking off a Release
Since Travis is driven from GitHub, we need to indicate inside the repo whilst we want a brand new launch to take place. The cleanest workflow is to tag grasp with the model variety we need to launch, then the build can do a little extra steps to do the release.

To kick off a release – in this situation v1.Zero – simply run the subsequent two instructions:

git tag -a v1.Zero -m “new edition shipped”
git push origin v1.Zero
Check Travis CI to monitor your construct. Once it has completed, your artifacts should be available.

Summary
We have installation an SBT challenge to deliver to Maven Central and save a changelog to AWS the use of the sbt-sonatype-release plugin. Now, whenever the grasp department is tagged vN.NN a new edition will mechanically ship.