Release management build configuration added (openremote#766)

igeeks · Jul 19, 2022 · 4874e89 · 4874e89
1 parent 01c4686
commit 4874e89
Show file tree

Hide file tree

Showing 27 changed files with 440 additions and 92 deletions.
diff --git a/.ci_cd/README.md b/.ci_cd/README.md
@@ -16,7 +16,7 @@ docker image tag updates. The file layout is:
       // Comma separated list of tags to push to openremote/manager docker hub image
       // This can only be used on the main openremote repo (openremote/openremote)
       "distribute": {
-        "tags": "develop"
+        "docker": "develop"
       },
       // Singleton or array of deployments to execute, a deployment consists of (environment and/or managerTag see variables for explanation)
       "deploy": {
@@ -26,7 +26,7 @@ docker image tag updates. The file layout is:
     },
     "master": {
       "distribute": {
-        "tags": "latest"
+        "docker": "latest"
       }
     }
   },
@@ -35,7 +35,8 @@ docker image tag updates. The file layout is:
     // Comma separated list of tags to push to openremote/manager docker hub image $version is replaced with release version
     // This can only be used on the main openremote repo (openremote/openremote)
     "distribute": {
-      "tags": "latest,$version"
+      "docker": "latest,$version",
+      "maven": "$version"
     },
     // Singleton or array of deployments to execute, a deployment consists of (environment and/or managerTag see variables for explanation)
     "deploy": {

diff --git a/.ci_cd/aws/provision_account.sh b/.ci_cd/aws/provision_account.sh
@@ -147,7 +147,10 @@ if [ "$VPCID" == 'None' ]; then
   VPCID=$(aws ec2 create-default-vpc --query "Vpc.VpcId" --output text $ACCOUNT_PROFILE)
 
   # Add IPv6 CIDR
-  IPV6CIDR=$(aws ec2 associate-vpc-cidr-block --amazon-provided-ipv6-cidr-block --ipv6-cidr-block-network-border-group $AWS_REGION --vpc-id $VPCID --query "Ipv6CidrBlockAssociation.Ipv6CidrBlock" --output text $ACCOUNT_PROFILE)
+  aws ec2 associate-vpc-cidr-block --amazon-provided-ipv6-cidr-block --ipv6-cidr-block-network-border-group $AWS_REGION --vpc-id $VPCID $ACCOUNT_PROFILE
+  # Wait a short while for it to be provisioned
+  sleep 10
+  IPV6CIDR=$(aws ec2 describe-vpcs --vpc-ids $VPCID --query "Vpcs[0].Ipv6CidrBlockAssociationSet[0].Ipv6CidrBlock" --output text $ACCOUNT_PROFILE)
 
   # Add IPv6 CIDR to each subnet and add IPv6 route for internet gateway
   SUBNETID1=$(aws ec2 describe-subnets --filter "Name=vpc-id,Values=$VPCID" --query "Subnets[0].[SubnetId]" --output text $ACCOUNT_PROFILE)

diff --git a/.ci_cd/ci_cd.json b/.ci_cd/ci_cd.json
@@ -2,7 +2,7 @@
 	"push": {
 		"master": {
 			"distribute": {
-				"tags": "develop,latest"
+				"docker": "develop,latest"
 			},
 			"deploy": {
 				"managerTag": "develop",
@@ -12,7 +12,8 @@
 	},
 	"release": {
 		"distribute": {
-			"tags": "latest,$version"
+			"docker": "latest,$version",
+      "maven": "$version"
 		},
 		"deploy": {
 			"managerTag": "latest",

diff --git a/.github/workflows/ci_cd.yml b/.github/workflows/ci_cd.yml
@@ -67,7 +67,7 @@ on:
 
   # When a release is published
   release:
-    types: [published]    
+    types: [published]
 
   # Manual trigger
   workflow_dispatch:
@@ -287,7 +287,10 @@ jobs:
                   os.system(f"echo 'Outputting manifest info for tag: {key}'")
                   os.system(f"docker manifest inspect openremote/manager:{key} > ~/manager-tags-new/{key}")
               os.system("echo 'Tag manifests generated:'")
-              os.system("find ~/manager-tags-new")        
+              os.system("find ~/manager-tags-new")
+        env:
+          EVENT_NAME: ${{ github.event_name }}
+          REF_NAME: ${{ github.ref_name }}
 
       - name: Load manager tag cache
         if: ${{ steps.check_cicd_json.outputs.files_exists == 'true' && github.event_name == 'schedule' }}
@@ -312,7 +315,8 @@ jobs:
           refName = os.getenv('REF_NAME')
           isMainRepo = os.getenv('IS_MAIN_REPO')
           deploys = None
-          tags = None
+          dockerPublishTags = None
+          mavenPublishTag = None
           deployEnvironment = None
           
           f = open(".ci_cd/ci_cd.json")
@@ -361,25 +365,33 @@ jobs:
               eventConfig = eventConfig[refName]
               if eventConfig is not None:
                 deploys = eventConfig['deploy'] if 'deploy' in eventConfig else None
-                if 'distribute' in eventConfig and 'tags' in eventConfig['distribute']:
-                  tags = eventConfig['distribute']['tags']
+                if 'distribute' in eventConfig and 'docker' in eventConfig['distribute']:
+                  dockerPublishTags = eventConfig['distribute']['docker']
 
             elif eventName == "release" and refName in eventConfig:
 
               eventConfig = eventConfig[refName]
               if eventConfig is not None:
                 deploys = eventConfig['deploy'] if 'deploy' in eventConfig else {}
-                if 'distribute' in eventConfig and 'tags' in eventConfig['distribute']:
-                  tags = eventConfig['distribute']['tags']
+                if 'distribute' in eventConfig:
+                  if 'docker' in eventConfig['distribute']:
+                     dockerPublishTags = eventConfig['distribute']['docker']
+                  if 'maven' in eventConfig['distribute']:
+                     mavenPublishTag = eventConfig['distribute']['maven']
              
-          if tags is not None and isMainRepo == 'true':
-            tags = tags.replace("$version", refName)
-            firstTag = tags.split(",")[0]
-            os.system(f"echo ::set-output name=firstTag::{firstTag}")
-            os.system(f" echo 'Manager tags to push to docker: {tags}'")
-            tags = " ".join(map(lambda t: f"-t openremote/manager:{t.strip()}", tags.split(",")))
-            os.system(f"echo ::set-output name=tags::{tags}")
-                  
+          if dockerPublishTags is not None and isMainRepo == 'true':
+            dockerPublishTags = dockerPublishTags.replace("$version", refName)
+            firstDockerTag = dockerPublishTags.split(",")[0]
+            os.system(f"echo ::set-output name=firstDockerTag::{firstDockerTag}")
+            os.system(f" echo 'Manager tags to push to docker: {dockerPublishTags}'")
+            dockerPublishTags = " ".join(map(lambda t: f"-t openremote/manager:{t.strip()}", dockerPublishTags.split(",")))
+            os.system(f"echo ::set-output name=dockerTags::{dockerPublishTags}")
+          
+          if mavenPublishTag is not None and isMainRepo == 'true':
+            mavenPublishTag = mavenPublishTag.replace("$version", refName)
+            os.system(f" echo 'Maven publish version: {mavenPublishTag}'")
+            os.system(f"echo ::set-output name=mavenTag::{mavenPublishTag}")
+          
           deployStr = None
           if deploys is not None:
             if not isinstance(deploys, list):
@@ -471,12 +483,26 @@ jobs:
           echo "::set-output name=buildPath::$buildPath"
           echo "::set-output name=refTag::$commitShaShort"
         env:
-          FIRST_MANAGER_TAG: ${{ steps.ci-cd-output.outputs.firstTag }}
-          MANAGER_TAGS: ${{ steps.ci-cd-output.outputs.tags }}
+          FIRST_MANAGER_TAG: ${{ steps.ci-cd-output.outputs.firstDockerTag }}
+          MANAGER_TAGS: ${{ steps.ci-cd-output.outputs.dockerTags }}
           DEPLOYMENTS: ${{ steps.deployments.outputs.value }}
           IS_CUSTOM_PROJECT: ${{ steps.check_custom_project.outputs.files_exists }}
           TEST_UI_CMD: ${{ steps.test-ui-command.outputs.value }}
-
+
+      - name: Define maven publish command
+        id: maven-publish-command
+        if: ${{ steps.ci-cd-output.outputs.mavenTag != '' }}
+        shell: bash
+        run: |
+          command="./gradlew publish -PopenremoteVersion=$MAVEN_TAG -PsigningKey=$SIGNING_KEY -PsigningPassword=$SIGNING_PASSWORD -PpublishUsername=$MAVEN_USERNAME -P$MAVEN_PASSWORD"
+          echo "::set-output name=value::$command"
+        env:
+          MAVEN_TAG: ${{ steps.ci-cd-output.outputs.mavenTag }}
+          SIGNING_PASSWORD: ${{ steps.inputs-and-secrets.outputs._TEMP_SIGNING_PASSWORD }}
+          SIGNING_KEY: ${{ steps.inputs-and-secrets.outputs._TEMP_SIGNING_KEY }}
+          MAVEN_USERNAME: ${{ steps.inputs-and-secrets.outputs._TEMP_MAVEN_USERNAME }}
+          MAVEN_PASSWORD: ${{ steps.inputs-and-secrets.outputs._TEMP_MAVEN_PASSWORD }}
+
       - name: Define deployment docker build command
         id: deployment-docker-command
         shell: bash
@@ -508,13 +534,14 @@ jobs:
         shell: bash
         run: |
           if [ -n "$MANAGER_DOCKER_CMD" ]; then
-            echo "::set-output name=value::./gradlew installDist"
+            echo "::set-output name=value::./gradlew installDist -PopenremoteVersion=$REF_NAME"
           elif [ -n "$DEPLOYMENT_DOCKER_CMD" ]; then
             echo "::set-output name=value::./gradlew -p deployment installDist"
           fi
         env:
           MANAGER_DOCKER_CMD: ${{ steps.manager-docker-command.outputs.value }}
           DEPLOYMENT_DOCKER_CMD: ${{ steps.deployment-docker-command.outputs.value }}
+          REF_NAME: ${{ github.ref_name }}
 
       - name: Login to DockerHub
         if: ${{ steps.manager-docker-command.outputs.pushRequired == 'true' }}
@@ -576,6 +603,7 @@ jobs:
           echo 'Test backend command: ${{ steps.test-backend-command.outputs.value }}'
           echo 'Test UI command: ${{ steps.test-ui-command.outputs.value }}'
           echo 'Manager docker build command: ${{ steps.manager-docker-command.outputs.value }}'
+          echo 'Maven publish command: ${{ steps.maven-publish-command.outputs.value }}'
           echo 'Deployment docker build command: ${{ steps.deployment-docker-command.outputs.value }}'
           echo 'InstallDist command: ${{ steps.install-command.outputs.value }}'
           echo "Java version: $(java --version)"
@@ -693,10 +721,14 @@ jobs:
         run: |
           ${{ steps.manager-docker-command.outputs.value }}
 
+      - name: Run maven publish command
+        if: steps.maven-publish-command.outputs.value != ''
+        run: |
+          ${{ steps.maven-publish-command.outputs.value }}
+
       - name: Run frontend tests
         if: steps.test-ui-command.outputs.value != ''
-        run: |
-          
+        run: |          
           composeProfile='profile/dev-ui.yml'
           
           if [ $IS_CUSTOM_PROJECT == 'true' ]; then

diff --git a/LICENSE.txt b/LICENSE.txt
@@ -29,7 +29,6 @@ com.fasterxml.jackson.jaxrs:*: APACHE LICENSE, VERSION 2.0
 com.fasterxml:classmate: APACHE LICENSE, VERSION 2.0
 com.google.code.findbugs: GNU LESSER GENERAL PUBLIC LICENSE, VERSION 3
 com.google.errorprone:error_prone_annotations: APACHE LICENSE, VERSION 2.0
-com.google.guava:*: APACHE LICENSE, VERSION 2.0
 com.ning:async-http-client: APACHE LICENSE, VERSION 2.0
 com.sun.xml.bind:*: GNU GENERAL PUBLIC LICENSE, VERSION 2.0 WITH CLASSPATH EXCEPTION
 com.zaxxer:HikariCP: APACHE LICENSE, VERSION 2.0

diff --git a/agent/build.gradle b/agent/build.gradle
@@ -1,5 +1,7 @@
 apply plugin: "java-library"
 apply plugin: "groovy"
+apply plugin: "maven-publish"
+apply plugin: "signing"
 
 dependencies {
 
@@ -46,3 +48,66 @@ dependencies {
 jar {
     archivesBaseName = "openremote-${project.name}"
 }
+
+javadoc {
+    failOnError = false
+}
+
+java {
+    withJavadocJar()
+    withSourcesJar()
+}
+
+publishing {
+    publications {
+        maven(MavenPublication) {
+            group = "io.openremote"
+            artifactId = "openremote-${project.name}"
+            from components.java
+            pom {
+                name = 'OpenRemote Agent'
+                description = 'Provides agent SPI and built in agents; add maven {url "https://jitpack.io"} and maven {url "https://repo.osgeo.org/repository/release/"} and maven {url "https://pkgs.dev.azure.com/OpenRemote/OpenRemote/_packaging/OpenRemote/maven/v1"} to resolve all dependencies'
+                url = 'https://github.com/openremote/openremote'
+                licenses {
+                    license {
+                        name = 'GNU Affero General Public License v3.0'
+                        url = 'https://www.gnu.org/licenses/agpl-3.0.en.html'
+                    }
+                }
+                developers {
+                    developer {
+                        id = 'developers'
+                        name = 'Developers'
+                        email = 'developers@openremote.io'
+                        organization = 'OpenRemote'
+                        organizationUrl = 'https://openremote.io'
+                    }
+                }
+                scm {
+                    connection = 'scm:git:git://github.com/openremote/openremote.git'
+                    developerConnection = 'scm:git:ssh://github.com:openremote/openremote.git'
+                    url = 'https://github.com/openremote/openremote/tree/master'
+                }
+            }
+        }
+    }
+
+    repositories {
+        maven {
+            if (!version.endsWith('-LOCAL')) {
+                credentials {
+                    username findProperty("publishUsername")
+                    password findProperty("publishPassword")
+                }
+            }
+            url = version.endsWith('-LOCAL') ? layout.buildDirectory.dir('repo') : version.endsWith('-SNAPSHOT') ? findProperty("snapshotsRepoUrl") : findProperty("releasesRepoUrl")
+        }
+    }
+}
+
+signing {
+    def signingKey = findProperty("signingKey")
+    def signingPassword = findProperty("signingPassword")
+    useInMemoryPgpKeys(signingKey, signingPassword)
+    sign publishing.publications.maven
+}
diff --git a/agent/src/main/java/org/openremote/agent/protocol/tradfri/util/CoapClient.java b/agent/src/main/java/org/openremote/agent/protocol/tradfri/util/CoapClient.java
@@ -10,9 +10,11 @@
 import org.eclipse.californium.core.network.CoapEndpoint;
 import org.eclipse.californium.core.network.Endpoint;
 import org.eclipse.californium.core.network.EndpointManager;
+import org.eclipse.californium.elements.config.Configuration;
 import org.eclipse.californium.scandium.DTLSConnector;
 import org.eclipse.californium.scandium.config.DtlsConnectorConfig;
-import org.eclipse.californium.scandium.dtls.pskstore.InMemoryPskStore;
+import org.eclipse.californium.scandium.dtls.pskstore.AdvancedSinglePskStore;
+import org.eclipse.californium.scandium.util.SecretUtil;
 import org.openremote.model.util.ValueUtil;
 
 import java.io.IOException;
@@ -66,15 +68,14 @@ public void setCredentials(Credentials credentials){
      */
     private void updateDtlsConnector() throws IOException {
         if(dtlsEndpoint != null) dtlsEndpoint.destroy();
-        DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder();
+        DtlsConnectorConfig.Builder builder = new DtlsConnectorConfig.Builder(new Configuration());
         builder.setAddress(new InetSocketAddress(0));
-        InMemoryPskStore pskStore = new InMemoryPskStore();
-        pskStore.addKnownPeer(new InetSocketAddress(ApiEndpoint.getGatewayIp(), 5684),
-                credentials.getIdentity(),
-                credentials.getKey().getBytes());
-        builder.setPskStore(pskStore);
+        AdvancedSinglePskStore pskStore = new AdvancedSinglePskStore(
+            credentials.getIdentity(),
+            SecretUtil.create(credentials.getKey().getBytes(), "PSK"));
+        builder.setAdvancedPskStore(pskStore);
 
-        DTLSConnector dtlsconnector = new DTLSConnector(builder.build(), null);
+        DTLSConnector dtlsconnector = new DTLSConnector(builder.build());
         CoapEndpoint.Builder endpointBuilder = new CoapEndpoint.Builder();
         endpointBuilder.setConnector(dtlsconnector);