opendev/gerrit
Code Issues Proposed changes
gerrit/Documentation/dev-release-deploy-config.txt
Dave Borowitz 1d23e19f87 Remove gwtjsonrpc library dependency 
We no longer use GWT at all so this dep is not really appropriate. All
necessary code has been copied into Gerrit core.

Change-Id: I5e81f0c8fc37710101395301706bc7c3e09eeaec
2018-12-19 10:13:09 -08:00

184 lines
5.5 KiB
Plaintext
Raw Blame History

= Deploy Gerrit Artifacts
[[deploy-configuration-setting-maven-central]]
== Deploy Configuration settings for Maven Central
Some Gerrit artifacts (e.g. the Gerrit WAR file, the Gerrit Plugin API
and the Gerrit Extension API) are published on Maven Central in the
`com.google.gerrit` repository.
To be able to publish artifacts to Maven Central some preparations must
be done:
* Create an account on
link:https://issues.sonatype.org/secure/Signup!default.jspa[Sonatype's Jira].
+
Sonatype is the company that runs Maven Central and you need a Sonatype
account to be able to upload artifacts to Maven Central.
* Configure your Sonatype user and password in `~/.m2/settings.xml`:
+
----
<server>
<id>sonatype-nexus-staging</id>
<username>USER</username>
<password>PASSWORD</password>
</server>
----
* Request permissions to upload artifacts to the `com.google.gerrit`
repository on Maven Central:
+
Ask for this permission by adding a comment on the
link:https://issues.sonatype.org/browse/OSSRH-7392[OSSRH-7392] Jira
ticket at Sonatype.
+
The request needs to be approved by someone who already has this
permission by commenting on the same issue.
* Generate and publish a PGP key
+
A PGP key is needed to be able to sign the release artifacts before
the upload to Maven Central, and to sign the release announcement email.
+
Generate and publish a PGP key as described in
link:http://central.sonatype.org/pages/working-with-pgp-signatures.html[
Working with PGP Signatures]. In addition to the keyserver mentioned
there it is recommended to also publish the key to the
link:https://keyserver.ubuntu.com/[Ubuntu key server].
+
Please be aware that after publishing your public key it may take a
while until it is visible to the Sonatype server.
+
Add an entry for the public key in the
link:https://gerrit.googlesource.com/homepage/+/md-pages/releases/public-keys.md[key list]
on the homepage.
+
The PGP passphrase can be put in `~/.m2/settings.xml`:
+
----
<settings>
<profiles>
<profile>
<id>gpg</id>
<properties>
<gpg.executable>gpg2</gpg.executable>
<gpg.passphrase>mypassphrase</gpg.passphrase>
</properties>
</profile>
</profiles>
<activeProfiles>
<activeProfile>gpg</activeProfile>
</activeProfiles>
</settings>
----
+
It can also be included in the key chain on OS X.
[[deploy-configuration-settings-xml]]
== Deploy Configuration in Maven `settings.xml`
Gerrit Subproject Artifacts are stored on
link:https://developers.google.com/storage/[Google Cloud Storage].
Via the link:https://console.developers.google.com/project/164060093628[Developers Console] the
Gerrit maintainers have access to the `Gerrit Code Review` project.
This projects host several buckets for storing Gerrit artifacts:
* `gerrit-api`:
+
Bucket to store the Gerrit Extension API Jar and the Gerrit Plugin API
Jar.
* `gerrit-maven`:
+
Bucket to store Gerrit Subproject Artifacts (e.g. `gwtorm` etc.).
To upload artifacts to a bucket the user must authenticate with a
username and password. The username and password need to be retrieved
from the link:https://console.cloud.google.com/storage/settings?project=api-project-164060093628[
Storage Setting in the Google Cloud Platform Console]:
Select the `Interoperability` tab, and if no keys are listed under
`Interoperable storage access keys`, select 'Create a new key'.
Using `Access Key` as username and `Secret` as the password, add the
configuration in the `~/.m2/settings.xml` file to make the credentials
known to Maven:
----
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>gerrit-api-repository</id>
<username>GOOG..EXAMPLE.....EXAMPLE</username>
<password>EXAMPLE..EXAMPLE..EXAMPLE</password>
</server>
<server>
<id>gerrit-maven-repository</id>
<username>GOOG..EXAMPLE.....EXAMPLE</username>
<password>EXAMPLE..EXAMPLE..EXAMPLE</password>
</server>
<server>
<id>gerrit-plugins-repository</id>
<username>GOOG..EXAMPLE.....EXAMPLE</username>
<password>EXAMPLE..EXAMPLE..EXAMPLE</password>
</server>
</servers>
</settings>
----
[[deploy-configuration-subprojects]]
=== Gerrit Subprojects
* You will need to have the following in the `pom.xml` to make it
deployable to the `gerrit-maven` storage bucket:
----
<distributionManagement>
<repository>
<id>gerrit-maven-repository</id>
<name>Gerrit Maven Repository</name>
<url>gs://gerrit-maven</url>
<uniqueVersion>true</uniqueVersion>
</repository>
</distributionManagement>
----
[NOTE]
In case of JGit the `pom.xml` already contains a `distributionManagement`
section. To deploy the artifacts to the `gerrit-maven` repository, replace
the existing `distributionManagement` section with this snippet.
* Add these two snippets to the `pom.xml` to enable the wagon provider:
----
<pluginRepositories>
<pluginRepository>
<id>gerrit-maven</id>
<url>https://gerrit-maven.commondatastorage.googleapis.com</url>
</pluginRepository>
</pluginRepositories>
----
----
<build>
<extensions>
<extension>
<groupId>com.googlesource.gerrit</groupId>
<artifactId>gs-maven-wagon</artifactId>
<version>3.3</version>
</extension>
</extensions>
</build>
----
GERRIT
------
Part of link:index.html[Gerrit Code Review]
SEARCHBOX
---------
View Git Blame Copy Permalink