-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy path.gitlab-ci.yml
77 lines (64 loc) · 2.51 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
stages:
- deploy_to_sonatype
- create_key
variables:
REGISTRY: 486234852809.dkr.ecr.us-east-1.amazonaws.com
# From the tagged repo, push the release artifact
deploy_to_sonatype:
stage: deploy_to_sonatype
rules:
# All releases are manual
- when: manual
allow_failure: true
tags:
- "runner:docker"
image: openjdk:8
script:
# Ensure we don't print commands being run to the logs during credential
# operations
- set +x
- echo "Installing AWSCLI..."
- apt update
- apt install -y openjdk-11-jdk python3 python3-pip
- python3 -m pip install awscli
- echo "Fetching Sonatype user..."
- export SONATYPE_USER=$(aws ssm get-parameter --region us-east-1 --name ci.dd-javac-plugin.publishing.sonatype_username --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching Sonatype password..."
- export SONATYPE_PASS=$(aws ssm get-parameter --region us-east-1 --name ci.dd-javac-plugin.publishing.sonatype_password --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching GPG private key..."
- export GPG_PRIVATE_KEY=$(aws ssm get-parameter --region us-east-1 --name ci.dd-javac-plugin.signing.gpg_private_key --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching GPG password..."
- export GPG_PASSWORD=$(aws ssm get-parameter --region us-east-1 --name ci.dd-javac-plugin.signing.gpg_passphrase --with-decryption --query "Parameter.Value" --out text)
- set -x
- echo "Building release..."
- ./gradlew build publishToSonatype closeSonatypeStagingRepository --max-workers=1 --build-cache --stacktrace --no-daemon
artifacts:
expire_in: 12 mos
paths:
- build/libs/*.jar
- build/libs/*.asc
- build/publications/maven/*.json
- build/publications/maven/*.xml
- build/publications/maven/*.asc
- dd-javac-plugin-client/build/libs/*.jar
- dd-javac-plugin-client/build/libs/*.asc
- dd-javac-plugin-client/build/publications/maven/*.json
- dd-javac-plugin-client/build/publications/maven/*.xml
- dd-javac-plugin-client/build/publications/maven/*.asc
# This job creates the GPG key used to sign the releases
create_key:
stage: create_key
when: manual
needs: [ ]
tags: [ "runner:docker", "size:large" ]
variables:
PROJECT_NAME: "dd-javac-plugin"
EXPORT_TO_KEYSERVER: "true"
image: $REGISTRY/ci/agent-key-management-tools/gpg:1
script:
- mkdir pubkeys
- /create.sh
artifacts:
expire_in: 13 mos
paths:
- pubkeys