forked from bbottema/simple-java-mail
-
Notifications
You must be signed in to change notification settings - Fork 0
/
how to release.txt
66 lines (52 loc) · 3.17 KB
/
how to release.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
Prerequisite:
You need GPG installed (comes along with GIT installation in the \bin folder) and you need to create a keyring, used for signing artifacts.
If you have an existing key, simply import it:
gpg --allow-secret-key-import --import <keyring>.gpg
That, or you can install one of the binaries to import the key, from here: https://www.gnupg.org/download/index.html
To import the keyring in a CI/CD environment (CircleCI, Azure Devops, Bamboo, Jenkins etc.), you need to import the keyring
externally (or us a private Repo). Alternatively you can import the ASCII export of the key configured as a property secret
so you can ECHO it to a file during the build. Once exposed as file, you can use it to sign:
To generate the ASCII export of a key so you can store it a secret property in your build environment:
- gpg --no-default-keyring --armor --secret-keyring ./secring.gpg --keyring ./pubring.gpg --export-secret-key USER > secring.gpg.asc
- sed ':a;N;$!ba;s/\n/\\n/g' secring.gpg.asc, OR
- base64 encode the text
To be able to have your CI/CD script also commit the new version, you need to add github.com's official host finger print.
- https://serverfault.com/a/701637/157338
- https://discuss.circleci.com/t/error-sending-to-agent-inappropriate-ioctl-for-device/17465/2
- https://medium.com/@Joachim8675309/generating-gpg-key-files-cc447431415a
- http://frankiesardo.github.io/posts/2015-04-19-automate-everything-with-circleci.html
- https://github.com/toknapp/arweave4s/blob/master/.circleci/config.yml
- https://serverfault.com/questions/447028/non-interactive-git-clone-ssh-fingerprint-prompt
- https://superuser.com/questions/232373/how-to-tell-git-which-private-key-to-use
To release through CI/CD pipeline in CircleCI
1. update release notes and github readme page and push changes
2. go to the CI/CD pipeline https://circleci.com/gh/bbottema/simple-java-mail
3. select the version release needed
To release manually:
1. update release notes and github readme page (don't commit)
2. remove SNAPSHOT version from the <version> property
4. mvn -DperformRelease=true clean deploy
(set password in settings.xml or use local pgp key password, for which the public key must have been sent to a public key server,
eg: gpg --keyserver hkp://keyserver.ubuntu.com --send-keys 05AC6403)
server needed in settings.xml (see below)
5. Go to https://oss.sonatype.org and release the artifact so it is submitted to Maven Central
6. add new SNAPSHOT version to the <version> property, execute and commit everything
maven's settings.xml:
<server>
<id>ossrh</id>
<username>sonatype user</username>
<password>sonatype password</password>
</server>
To have a global gpg password so that it will use that automatically:
<profiles>
<profile>
<id>gpg</id>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase>password</gpg.passphrase>
</properties>
</profile>
</profiles>
<activeProfiles>
<activeProfile>gpg</activeProfile>
</activeProfiles>