Upgrade to sbt-gpg and GnuPG 2+ #5423
Conversation
- Replace usage of `sbt-release` with direct invocations of `sbt-sonatype` [commands](https://github.com/xerial/sbt-sonatype#commands) - Replace `gitSnapshots` and `version.sbt` file flow with a `version` variable in `sharedSettings` - Replace usage of `sbt-pgp` with `sbt-gpg`—use GnuPG within container image so that the builds no longer require state on build executor - Remove `sbt-bintray` which was blocking the new workflow with `publish`
| @@ -28,7 +28,7 @@ node { | |||
|
|
|||
| env.RF_SETTINGS_BUCKET = 'rasterfoundry-staging-config-us-east-1' | |||
|
|
|||
| if (env.BRANCH_NAME == 'develop' || env.BRANCH_NAME =~ /test\// || env.BRANCH_NAME =~ /hotfix\// ) { | |||
| if (env.BRANCH_NAME == 'develop' || env.BRANCH_NAME =~ /test\// || env.BRANCH_NAME =~ /hotfix\// || env.BRANCH_NAME == 'PR-5423') { | |||
There was a problem hiding this comment.
Reminder to remove before merge.
| git.gitTagToVersionNumber in ThisBuild := { tag: String => | ||
| if (tag matches "[0-9]+\\..*") Some(tag) | ||
| else None | ||
| } | ||
|
|
There was a problem hiding this comment.
This is from the docs for sbt-git. We don't use it in any of the GeoTrellis projects, so I'm removing it from here.
| version := { | ||
| // TODO: leave an explaination as to why this is here. e.g. Vagrant -> not | ||
| // mounting .git -> separate sbt container for development | ||
| if (git.gitHeadCommit.value.isEmpty) "dev" |
There was a problem hiding this comment.
Some of the containers used to compile Scala do not mount the .git folder in as a compromise made with Vagrant, so we can't always rely on git describe working to version artifacts.
| @@ -130,7 +130,6 @@ services: | |||
| - $HOME/.coursier:/root/.coursier | |||
| - $HOME/.sbt:/root/.sbt | |||
| - $HOME/.aws:/root/.aws:ro | |||
| - $HOME/.gnupg:/root/.gnupg:ro | |||
There was a problem hiding this comment.
This is no longer stateful 🎉 .
| @@ -10,7 +10,7 @@ DIR="$(dirname "$0")" | |||
|
|
|||
| function usage() { | |||
| echo -n \ | |||
| "Usage: $(basename "$0") | |||
There was a problem hiding this comment.
I suggest viewing this file with whitespace changes disabled.
There was a problem hiding this comment.
Nice combined effort to get things up-to-date, but also to update the signing key.
I have a few high level questions that occured to me as I was reviewing the changes. Hard to know for sure whether they will lead to issues or not until we go through a proper release, but they felt valuable to raise.
| @@ -48,11 +48,11 @@ node { | |||
| credentialsId: 'SONATYPE_PASSWORD', | |||
| variable: 'SONATYPE_PASSWORD'], | |||
| [$class: 'StringBinding', | |||
| credentialsId: 'PGP_HEX_KEY', | |||
There was a problem hiding this comment.
Reminder to delete this (and PGP_PASSPHRASE) from Jenkins after this PR is merged.
There was a problem hiding this comment.
Nice work. 👍 I was able to confirm that the signing key was renewed until 2021.
As far as the next RF release goes, it might be good to push for one now, if it makes sense, to avoid any unnecessary timeline pressure.
Overview
Make the following changes in-order to align the release signing / publishing workflow with that of GeoTrellis satellite projects:
sbt-releasewith direct invocations ofsbt-sonatypecommandsgitSnapshotsandversion.sbtfile flow with aversionvariable insharedSettingssbt-pgpwithsbt-gpg—use GnuPG within container image so that the builds no longer require state on build executorsbt-bintraywhich was blocking the new workflow withpublishIn addition, the signing subkey was renewed out-of-band.
Checklist
BUILDCONFIG.APP_NAMETesting Instructions
See Jenkins CI build: http://jenkins.staging.rasterfoundry.com/job/Raster%20Foundry/job/raster-foundry/job/PR-5423/5/display/redirect.
The changes to
Jenkinsfile.centralincorporate the same flow that is used for releases to GeoTrellis projects. @notthatbreezy, can you let me know when the next release of Raster Foundry will be? The path of least resistance (and little consequence) will be to test those changes live.Resolves #5265