-
Notifications
You must be signed in to change notification settings - Fork 102
/
Copy path.gitlab-ci.yml
80 lines (61 loc) · 2.21 KB
/
.gitlab-ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
stages:
- deploy_to_sonatype
- create_key
variables:
REGISTRY: 486234852809.dkr.ecr.us-east-1.amazonaws.com
# From the tagged repo, push the release artifact
deploy_to_sonatype:
stage: deploy_to_sonatype
rules:
# All releases are manual
- when: manual
allow_failure: true
tags:
- "runner:docker"
image: maven:3.6.3-jdk-8-slim
script:
# Ensure we don't print commands being run to the logs during credential
# operations
- set +x
- echo "Installing AWSCLI..."
- apt update
- apt install -y python3 python3-pip
- python3 -m pip install awscli
- echo "Fetching Sonatype user..."
- export SONATYPE_USER=$(aws ssm get-parameter --region us-east-1 --name ci.java-dogstatsd-client.publishing.sonatype_username --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching Sonatype password..."
- export SONATYPE_PASS=$(aws ssm get-parameter --region us-east-1 --name ci.java-dogstatsd-client.publishing.sonatype_password --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching signing key password..."
- export GPG_PASSPHRASE=$(aws ssm get-parameter --region us-east-1 --name ci.java-dogstatsd-client.signing.gpg_passphrase --with-decryption --query "Parameter.Value" --out text)
- echo "Fetching signing key..."
- gpg_key=$(aws ssm get-parameter --region us-east-1 --name ci.java-dogstatsd-client.signing.gpg_private_key --with-decryption --query "Parameter.Value" --out text)
- printf -- "$gpg_key" | gpg --import --batch
- set -x
- echo "Building release..."
- mvn -DperformRelease=true --settings ./settings.xml clean deploy
artifacts:
expire_in: 6 mos
paths:
- ./target/*.jar
- ./target/*.pom
- ./target/*.asc
- ./target/*.md5
- ./target/*.sha1
- ./target/*.sha256
- ./target/*.sha512
# This job creates the GPG key used to sign the releases
create_key:
stage: create_key
when: manual
tags:
- "runner:docker"
image: $REGISTRY/ci/agent-key-management-tools/gpg:1
variables:
PROJECT_NAME: "java-dogstatsd-client"
EXPORT_TO_KEYSERVER: "false"
script:
- /create.sh
artifacts:
expire_in: 13 mos
paths:
- ./pubkeys/