Migrating to Sonatype OSSRH from JCenter (#968)

Fixes #697 This change replaces JCenter with Sonatype OSSRH for snapshot and release management. To complete this change, we will need to add additional information to Travis, specifically the GPG information to sign the artifacts during a release. It's my opinion that those values should be in Travis directly and not here in this repository. I'm open to other suggestions and feedback on this approach. Additional changes include: * Updating BOM template to include SCM per OSSRH rules. * Removed Bintray and GitHub credentials, they are no longer needed. * Adding GPG Signing Values * Code Signing Paths
5 years ago · 29df3e40bf
7 changed files with 77 additions and 63 deletions
--- a/.travis.yml
+++ b/.travis.yml
@ -10,54 +10,21 @@ jdk:
				@@ -10,54 +10,21 @@ jdk:
  - openjdk8
  - openjdk11

-before_install:
-  # Parameters used during release
-  - git config user.name "$GH_USER"
-  - git config user.email "$GH_USER_EMAIL"
-  # setup https authentication credentials, used by ./mvnw release:prepare
-  - git config credential.helper "store --file=.git/credentials"
-  - echo "https://$GH_TOKEN:@github.com" > .git/credentials
+before_install: ./travis/sign.sh

 jobs:
  include:
    - stage: snapshot
-      name: "Deploy Snapshot to JCenter"
+      name: "Deploy Snapshot to OSSRH"
      if: branch = master AND type != pull_request AND commit_message !~ /^(prepare release ([0-9\.]+))$/
      jdk: openjdk8
      install: true
      script:
        - ./mvnw -B -nsu -s ./travis/settings.xml -P release -pl -:feign-benchmark -DskipTests=true deploy
    - stage: release
-      name: "Release to JCenter"
+      name: "Release to OSSRH and Central"
      if: tag =~ /^[0-9\.]+$/
      jdk: openjdk8
      install: true
      script:
-        - ./mvnw -B -nsu -s ./travis/settings.xml -P release -pl -:feign-benchmark -DskipTests=true deploy
-    - stage: sync
-      name: "Sync with Maven Central"
-      if: tag =~ /^[0-9\.]+$/
-      jdk: openjdk8
-      install: true
-      script:
-        # this step can take an inordinate amount of time, so the wait should push it to 30 minutes
-        - travis_wait 30 ./mvnw -B -nsu -s ./travis/settings.xml -N io.zipkin.centralsync-maven-plugin:centralsync-maven-plugin:sync
-
-env:
-  global:
-    # Ex. travis encrypt BINTRAY_USER=your_github_account
-    - secure: "VeTOgXwhZLf8uwlnYpB9tuY+NV6kiooRN0FMDoWCXuPPSz/tX2mqmshBXDYsJu0EcRtZb21MkbQwbdJ8Th9K/bvj4sGNK1PrBm9Hmz6e2AvAcxn3ROv86GMTkd7O25OsipTT+/qWrbR3s3lHQxYo5WMsrlEmJ/EF5y5Go5wx90c="
-    # Ex. travis encrypt BINTRAY_KEY=xxx-https://bintray.com/profile/edit-xxx --add
-    - secure: "WND+fjAqpdHArSbXAK7l0dpQLrX0hL/XymV02rhe0pVT1g0J1V32ncqDCVnn/73wTiECTen6y3o1vq3ByIdT9tUErt3o8oEROQsI/cVX9IhvJ/DtcW1lqafXKmQZwDQsifVxhKroW1VuZQbGrKnqVUzfqx5OzxgoNVWpkkxhf50="
-    # Ex. travis encrypt GH_USER_EMAIL=for_github@domain.com --add
-    - secure: "dG1Qt8bqe3TsmLOmYpWYsI55N0zLWCsupdpS7zMOedpM2q0laac56uc2gGV6qQIPdJQdCWzr9CE/h1nG4lJdJfreC13reQ3PDF79Yh8tMvdO1iwrSeIQ7eeRY6hs72GUtdIhfwetUgwCgIJpmBHS7O3yJhxQAOmu5twAuABiuSE="
-    # Ex. travis encrypt GH_USER=your_github_account --add
-    - secure: "DY28uU8wadasLCWSpl6KJyilGAAjSKzr3VPQ8by02eLDaAgCVq5KeYM0tjM804Rzhq3bjcXofaldj9QpWNTYC5SL6IIN5I5W+dWIZ8JzZ/rjOZgtJMMr4zcjOc5set9MsTUirB694m3c8bzhQZkah9YwUa/OuX1D8Ym/806igsE="
-    # Ex. travis encrypt GH_TOKEN=XXX-https://github.com/settings/tokens-XXX --add
-    - secure: "NmydUhuJLZ/Eg0cpCz6eZiYvsLHtSYrLIAOT2VHfUdzl/Q3PGXoodTpTqRkW7Uuj5lSYYw6cQnhiTly2dvomQYj+es5hSfIzFLvlF0x7L+aFX2IySJhn2Cg8tp5H0hn2UL8t6jDfmdJrLwGKT6EsiXYIgt4dPWJ7ZZ1SRDFp2Cg="
-    # Ex. travis encrypt SONATYPE_USER=your_sonatype_account
-    - secure: "ONAU76S0WBGcQGf0mr7KxKQjFvhhu73GNuQG8j47pxhJojNlNpWBbu+EGkgaInWKMtO89iBtpicVlXZc06HtbSqv7L93gbMo+xgp5daLlQg4gocDixjB1I2oPPITFFoztu76nOA1IBWRLTKu+w+Y2tKOmzWm+5v2UKD6fz7SYoo="
-    # Ex. travis encrypt SONATYPE_PASSWORD=your_sonatype_password
-    - secure: "UaVTxnw8klS36WLAdcmubqrHIgS4o5NcIqQMPIihk0tv3VEvCJSGvc2b7EPyQZMvm5TR3mXq5IJUAHp8j3seAHfYWmLIZWzvn7Y5mLRw8Kh9up7GzXl8Idui0AEHAAL2mfvE9smlOKPS5D13LKc6tOGFER66itHW3Jg1QoijDmQ="
-    # Ex. travis encrypt GITHUB_TOKEN=token_for_tests
-    - secure: "H4PuppuPE3lkvVQ1osulhgWeZmpIkDKj/z74lx4MUeDPNtcuqpwmTVWtL5Zyjf8CxlALX2djx4RIBshaQAu4GtKarPLONinNLZ/TCtoK8dF08/ESxLEiLQzwGkS+geWoEFiZncB5Px2T7ZbUfVFO3crVY9CLn35znR8k1uidocL0JlyVPGwCwuBxFmDhs3BZh3JvbwSikAVRvlCRU6BbREFQbSK1EamuUju/rlo+dx7W5tiiuEJJ50c8vpgatTFyy821YP82fMRrhuBDpS4/rsL9DmLhQTEbCjZW+22DhEFPRlo0XIfidC7APybXnu3oO+jFuGaFKiQdy7sjB03g/Bz5H7jAIAkbl8UpbjN+IoeUU/OgMuBYf5wJjPDYUEdI3CXqywPn0xYZwVsOcSg+UkQGYdW9ux/U+nKsYLXLWWhst2QMFzbmO94KCrpgCW4mshr/5WP4XU6cEJwDsKMAUPWuOk0KMMjIufSgvPvteWZwT9akZwzEMuGaUQ5kLr1X6xTPv1cKXTreitaoOLQs28kmPVfTwVEdareaSVXcRqeflJJBSXkAgBqGhV5CAEUaUgt9/QD0Jj5RGyRPllFcydXVLTPeg62X/L5COswlvJhPkvfNnkbMpDQZYojKKPmAf+UqZJmVYPpOoNEXygldueKeunWkna/wYkMj0YnOkM8="
+        - ./mvnw -B -nsu -s ./travis/settings.xml -P release -pl -:feign-benchmark -DskipTests=true deploy
--- a/mvnw.cmd
+++ b/mvnw.cmd
@ -117,11 +117,11 @@ for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do s
				@@ -117,11 +117,11 @@ for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do s
 :endReadAdditionalConfig

 SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe"
-
-set WRAPPER_JAR=""%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar""
+
+set WRAPPER_JAR=""%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar""
 set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain

-# avoid using MAVEN_CMD_LINE_ARGS below since that would loose parameter escaping in %*
+@rem avoid using MAVEN_CMD_LINE_ARGS below since that would loose parameter escaping in %*
 %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %*
 if ERRORLEVEL 1 goto error
 goto end
--- a/pom.xml
+++ b/pom.xml
@ -90,6 +90,7 @@
				@@ -90,6 +90,7 @@
    <bom.template.file.path>file://${project.basedir}/src/config/bom.xml</bom.template.file.path>
    <maven-scm-plugin.version>1.11.2</maven-scm-plugin.version>
    <maven-versions-plugin.version>2.7</maven-versions-plugin.version>
+    <maven-gpg-plugin.version>1.6</maven-gpg-plugin.version>
  </properties>
  <url>https://github.com/openfeign/feign</url>
  <inceptionYear>2012</inceptionYear>
@ -140,12 +141,12 @@
				@@ -140,12 +141,12 @@

  <distributionManagement>
    <repository>
-      <id>bintray</id>
-      <url>https://api.bintray.com/maven/openfeign/maven/feign/;publish=1</url>
+      <id>ossrh</id>
+      <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
    </repository>
    <snapshotRepository>
-      <id>jfrog-snapshots</id>
-      <url>http://oss.jfrog.org/artifactory/oss-snapshot-local</url>
+      <id>ossrh</id>
+      <url>https://oss.sonatype.org/content/repositories/snapshots</url>
    </snapshotRepository>
  </distributionManagement>

@ -320,7 +321,6 @@
				@@ -320,7 +321,6 @@
        <version>${slf4j.version}</version>
      </dependency>

-
    </dependencies>
  </dependencyManagement>

@ -617,6 +617,17 @@
				@@ -617,6 +617,17 @@
          <tag>${project.version}</tag>
        </configuration>
      </plugin>
+      <plugin>
+        <groupId>org.sonatype.plugins</groupId>
+        <artifactId>nexus-staging-maven-plugin</artifactId>
+        <version>1.6.8</version>
+        <extensions>true</extensions>
+        <configuration>
+          <serverId>ossrh</serverId>
+          <nexusUrl>https://oss.sonatype.org/</nexusUrl>
+          <autoReleaseAfterClose>true</autoReleaseAfterClose>
+        </configuration>
+      </plugin>
    </plugins>
  </build>

@ -719,6 +730,20 @@
				@@ -719,6 +730,20 @@
              </execution>
            </executions>
          </plugin>
+          <plugin>
+            <groupId>org.apache.maven.plugins</groupId>
+            <artifactId>maven-gpg-plugin</artifactId>
+            <version>${maven-gpg-plugin.version}</version>
+            <executions>
+              <execution>
+                <id>sign-artifacts</id>
+                <goals>
+                  <goal>sign</goal>
+                </goals>
+                <phase>verify</phase>
+              </execution>
+            </executions>
+          </plugin>
        </plugins>
      </build>
    </profile>
--- a/src/config/bom.xml
+++ b/src/config/bom.xml
@ -39,6 +39,13 @@
				@@ -39,6 +39,13 @@
  </licenses>
  #end

+  <scm>
+    <url>https://github.com/openfeign/feign</url>
+    <connection>scm:git:https://github.com/openfeign/feign.git</connection>
+    <developerConnection>scm:git:https://github.com/openfeign/feign.git</developerConnection>
+    <tag>HEAD</tag>
+  </scm>
+
 #if ($model.developers && !$model.developers.isEmpty())
  <developers>#foreach($d in $model.developers)

--- a/travis/codesigning.asc.enc
+++ b/travis/codesigning.asc.enc
--- a/travis/settings.xml
+++ b/travis/settings.xml
@ -14,30 +14,28 @@
				@@ -14,30 +14,28 @@

 -->
 <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
-      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-      xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
                          http://maven.apache.org/xsd/settings-1.0.0.xsd">
  <servers>
    <server>
-      <id>sonatype</id>
+      <id>ossrh</id>
      <username>${env.SONATYPE_USER}</username>
      <password>${env.SONATYPE_PASSWORD}</password>
    </server>
-    <server>
-      <id>bintray</id>
-      <username>${env.BINTRAY_USER}</username>
-      <password>${env.BINTRAY_KEY}</password>
-    </server>
-    <server>
-      <id>jfrog-snapshots</id>
-      <username>${env.BINTRAY_USER}</username>
-      <password>${env.BINTRAY_KEY}</password>
-    </server>
-    <server>
-      <id>github.com</id>
-      <username>${env.GH_USER}</username>
-      <password>${env.GH_TOKEN}</password>
-    </server>
  </servers>
+  <profiles>
+    <profile>
+      <id>ossrh</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <properties>
+        <gpg.executable>gpg</gpg.executable>
+        <gpg.keyname>${env.GPG_KEYNAME}</gpg.keyname>
+        <gpg.passphrase>${env.GPG_PASSPHRASE}</gpg.passphrase>
+      </properties>
+    </profile>
+  </profiles>
 </settings>

--- a/travis/sign.sh
+++ b/travis/sign.sh
@ -0,0 +1,17 @@
				@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+#
+# Copyright 2012-2019 The Feign Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
+# in compliance with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software distributed under the License
+# is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+# or implied. See the License for the specific language governing permissions and limitations under
+# the License.
+#
+
+openssl aes-256-cbc -K $encrypted_8beb152aadd6_key -iv $encrypted_8beb152aadd6_iv -in travis/codesigning.asc.enc -out travis/codesigning.asc -d
+gpg --fast-import travis/codesigning.asc