Skip to content

Commit

Permalink
ci: backport codebuild release from 2.x (#229)
Browse files Browse the repository at this point in the history
  • Loading branch information
@texastony
texastony authored Jan 6, 2022
1 parent 156e801 commit 4b19168
Show file tree
Hide file tree
Showing 8 changed files with 276 additions and 0 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
### Maintenance
* Upgrade AWS SDK
* Upgrade build dependencies
* Partially automate release process

## 1.15.1 -- 2021-02-12
Fixes released jar files to ensure JDK 8 compatibility.
Expand Down
5 changes: 5 additions & 0 deletions buildspec.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,3 +23,8 @@ batch:
env:
env:
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
- identifier: static_analysis
buildspec: codebuild/static-analysis.yml
env:
env:
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
86 changes: 86 additions & 0 deletions codebuild/release/release-prod.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,86 @@
version: 0.2
# 'release-prod' is an AWS::CodeBuild::BuildSpec that Releases to Sonatype and then validates the release with 'validate-prod'
# Command to trigger this codebuild from an authorized command line.
# aws codebuild start-build-batch \
# --region us-west-2 \
# --project-name java-ddb-ec-release \
# --environment-variables-override name=VERSION,value=<INSERT_VERSION>,type=PLAINTEXT name=COMMIT_ID,value=<INSERT_COMMIT_ID>,type=PLAINTEXT"

env:
secrets-manager:
GPG_KEY: Maven-GPG-Keys-Credentials:Keyname
GPG_PASS: Maven-GPG-Keys-Credentials:Passphrase
SONA_USERNAME: Sonatype-Team-Account:Username
SONA_PASSWORD: Sonatype-Team-Account:Password

phases:
install:
runtime-versions:
java: openjdk8
pre_build:
commands:
- git checkout $COMMIT_ID
- FOUND_VERSION=$(grep version sdk1/pom.xml | head -n 2 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')
- |
if expr ${FOUND_VERSION} != ${VERSION}; then
echo "pom.xml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping"
exit 1;
fi
- export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
- aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
- tar -xvf ~/mvn_gpg.tgz -C ~
build:
commands:
- |
mvn deploy \
-Ppublishing \
-DperformRelease \
-Dgpg.homedir="$HOME/mvn_gpg" \
-DautoReleaseAfterClose=true \
-Dgpg.keyname="$GPG_KEY" \
-Dgpg.passphrase="$GPG_PASS" \
-Dsonatype.username="$SONA_USERNAME" \
-Dsonatype.password="$SONA_PASSWORD" \
-s $SETTINGS_FILE
batch:
fast-fail: false
build-graph:
- identifier: release_to_prod
- identifier: validate_prod_release_openjdk8
depend-on:
- release_to_prod
buildspec: codebuild/release/validate-prod.yml
env:
variables:
JAVA_ENV_VERSION: openjdk8
JAVA_NUMERIC_VERSION: 8
image: aws/codebuild/standard:3.0
- identifier: validate_prod_release_openjdk11
depend-on:
- release_to_prod
buildspec: codebuild/release/validate-prod.yml
env:
variables:
JAVA_ENV_VERSION: openjdk11
JAVA_NUMERIC_VERSION: 11
image: aws/codebuild/standard:3.0
- identifier: validate_prod_release_corretto8
depend-on:
- release_to_prod
buildspec: codebuild/release/validate-prod.yml
env:
variables:
JAVA_ENV_VERSION: corretto8
JAVA_NUMERIC_VERSION: 8
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
- identifier: validate_prod_release_corretto11
depend-on:
- release_to_prod
buildspec: codebuild/release/validate-prod.yml
env:
variables:
JAVA_ENV_VERSION: corretto11
JAVA_NUMERIC_VERSION: 11
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
91 changes: 91 additions & 0 deletions codebuild/release/release-staging.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,91 @@
version: 0.2
# 'release-staging' is an AWS::CodeBuild::BuildSpec that Stages a release on CodeArtifact and validates the staging using 'validate-staging'
# Command to trigger this codebuild from an authorized command line.
# aws codebuild start-build-batch \
# --region us-west-2 \
# --project-name java-ddb-ec-test-release \
# --environment-variables-override name=VERSION,value=<INSERT_VERSION>,type=PLAINTEXT name=COMMIT_ID,value=<INSERT_COMMIT_ID>,type=PLAINTEXT

env:
variables:
REGION: us-east-1
DOMAIN: crypto-tools-internal
REPOSITORY: java-ddbec-staging
parameter-store:
ACCOUNT: /CodeBuild/AccountId
secrets-manager:
GPG_KEY: Maven-GPG-Keys-Credentials:Keyname
GPG_PASS: Maven-GPG-Keys-Credentials:Passphrase

phases:
install:
runtime-versions:
java: openjdk8
pre_build:
commands:
- git checkout $COMMIT_ID
- FOUND_VERSION=$(grep version sdk1/pom.xml | head -n 2 | sed -n 's/[ \t]*<version>\(.*\)<\/version>/\1/p')
- |
if expr ${FOUND_VERSION} != ${VERSION}; then
echo "pom.xml version (${FOUND_VERSION}) does not match expected version (${VERSION}), stopping"
exit 1;
fi
- export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
- export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain $DOMAIN --domain-owner $ACCOUNT --query authorizationToken --output text --region ${REGION})
- export CODEARTIFACT_REPO_URL=https://${DOMAIN}-${ACCOUNT}.d.codeartifact.${REGION}.amazonaws.com/maven/${REPOSITORY}
- aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
- tar -xvf ~/mvn_gpg.tgz -C ~
build:
commands:
- |
mvn deploy \
-PpublishingCodeArtifact \
-DperformRelease \
-Dgpg.homedir="$HOME/mvn_gpg" \
-DautoReleaseAfterClose=true \
-Dgpg.keyname="$GPG_KEY" \
-Dgpg.passphrase="$GPG_PASS" \
-Dcodeartifact.token=$CODEARTIFACT_TOKEN \
-DaltDeploymentRepository=codeartifact::default::$CODEARTIFACT_REPO_URL \
-s $SETTINGS_FILE
batch:
fast-fail: false
build-graph:
- identifier: release_to_staging
- identifier: validate_staging_release_openjdk8
depend-on:
- release_to_staging
buildspec: codebuild/release/validate-staging.yml
env:
variables:
JAVA_ENV_VERSION: openjdk8
JAVA_NUMERIC_VERSION: 8
image: aws/codebuild/standard:3.0
- identifier: validate_staging_release_openjdk11
depend-on:
- release_to_staging
buildspec: codebuild/release/validate-staging.yml
env:
variables:
JAVA_ENV_VERSION: openjdk11
JAVA_NUMERIC_VERSION: 11
image: aws/codebuild/standard:3.0
- identifier: validate_staging_release_corretto8
depend-on:
- release_to_staging
buildspec: codebuild/release/validate-staging.yml
env:
variables:
JAVA_ENV_VERSION: corretto8
JAVA_NUMERIC_VERSION: 8
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
- identifier: validate_staging_release_corretto11
depend-on:
- release_to_staging
buildspec: codebuild/release/validate-staging.yml
env:
variables:
JAVA_ENV_VERSION: corretto11
JAVA_NUMERIC_VERSION: 11
image: aws/codebuild/amazonlinux2-x86_64-standard:3.0
31 changes: 31 additions & 0 deletions codebuild/release/settings.xml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,31 @@
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>codeartifact</id>
<username>aws</username>
<password>${codeartifact.token}</password>
</server>
<server>
<id>sonatype-nexus-staging</id>
<username>${sonatype.username}</username>
<password>${sonatype.password}</password>
</server>
</servers>

<profiles>
<profile>
<id>codeartifact</id>
<repositories>
<repository>
<id>codeartifact</id>
<name>codeartifact</name>
<url>${codeartifact.url}</url> <!-- passed via command line to avoid hardcoding it here -->
</repository>
</repositories>
</profile>
</profiles>

</settings>
18 changes: 18 additions & 0 deletions codebuild/release/validate-prod.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
version: 0.2
# 'validate-prod' is an AWS::CodeBuild::BuildSpec that validates a Sonatype release against the examples

phases:
install:
runtime-versions:
java: $JAVA_ENV_VERSION
pre_build:
commands:
- cd examples
build:
commands:
- |
mvn verify \
-Dcheckstyle.skip \
-Dddbec.version=$VERSION \
-Dmaven.compiler.target=$JAVA_NUMERIC_VERSION \
-Dmaven.compiler.source=$JAVA_NUMERIC_VERSION
35 changes: 35 additions & 0 deletions codebuild/release/validate-staging.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
version: 0.2
# 'validate-staging' is an AWS::CodeBuild::BuildSpec that validates artifacts from CodeArtifact against the examples

env:
variables:
REGION: us-east-1
DOMAIN: crypto-tools-internal
REPOSITORY: java-ddbec-staging
parameter-store:
ACCOUNT: /CodeBuild/AccountId

phases:
install:
commands:
- pip install awscli
runtime-versions:
java: $JAVA_ENV_VERSION
pre_build:
commands:
- export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
- export CODEARTIFACT_TOKEN=$(aws codeartifact get-authorization-token --domain $DOMAIN --domain-owner $ACCOUNT --query authorizationToken --output text --region ${REGION})
- export CODEARTIFACT_REPO_URL=https://${DOMAIN}-${ACCOUNT}.d.codeartifact.${REGION}.amazonaws.com/maven/${REPOSITORY}
- cd examples
build:
commands:
- |
mvn verify \
-Pcodeartifact \
-Dcheckstyle.skip \
-Dddbec.version=$VERSION \
-Dmaven.compiler.target=$JAVA_NUMERIC_VERSION \
-Dmaven.compiler.source=$JAVA_NUMERIC_VERSION \
-Dcodeartifact.token=$CODEARTIFACT_TOKEN \
-Dcodeartifact.url=$CODEARTIFACT_REPO_URL \
-s $SETTINGS_FILE
9 changes: 9 additions & 0 deletions codebuild/static-analysis.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
version: 0.2

phases:
install:
runtime-versions:
java: corretto11
build:
commands:
- mvn com.coveo:fmt-maven-plugin:check

0 comments on commit 4b19168

Please sign in to comment.