From 8aebbb72595f28d3db6294c0795abdd40b4ef383 Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Wed, 13 Nov 2024 16:51:27 +1100 Subject: [PATCH 1/7] #130 Modify the Dockerfile used for the Release process to use the supported Quay.io hosted containers. --- Dockerfile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 75c74c3b..70e2defc 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:latest +FROM quay.io/performancecopilot/pcp -RUN apt-get update && apt-get install -y git pcp pcp-gui gpg -RUN apt-get install -y openjdk-11-jdk maven \ No newline at end of file +RUN yum update -y +RUN yum install -y pcp-gui java-11-openjdk maven maven-openjdk11 From 771349a0148dc1b8776531cdac9a168cf09ea2e6 Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Wed, 13 Nov 2024 16:52:52 +1100 Subject: [PATCH 2/7] #130 Make the surefire plugin use a JVM option to allow Mockito to work properly inside the release container. this does have the sideaffect of slowing each of the tests, perhaps I'll modify this to be a profile triggered by an environment option, but for now it's not _too_ slow to run the build. --- pom.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/pom.xml b/pom.xml index 062d6e93..532a9d70 100644 --- a/pom.xml +++ b/pom.xml @@ -142,6 +142,9 @@ maven-surefire-plugin 3.0.0-M4 + + -XX:+StartAttachListener + **/*IntegrationTest.java From 5c55a52eb471fc4c355173a031fe1ef5a89d9fe2 Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Thu, 14 Nov 2024 09:13:23 +1100 Subject: [PATCH 3/7] #130 Turns out, this isn't actually needed. Maybe needed for a newer JDK, but not 11. --- pom.xml | 3 --- 1 file changed, 3 deletions(-) diff --git a/pom.xml b/pom.xml index 532a9d70..062d6e93 100644 --- a/pom.xml +++ b/pom.xml @@ -142,9 +142,6 @@ maven-surefire-plugin 3.0.0-M4 - - -XX:+StartAttachListener - **/*IntegrationTest.java From 7d56c143e2b7f25c88619a5b27f828cfa3c4dc11 Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Thu, 14 Nov 2024 09:13:46 +1100 Subject: [PATCH 4/7] #130 Simplify launch with WORKDIR --- Dockerfile | 2 ++ 1 file changed, 2 insertions(+) diff --git a/Dockerfile b/Dockerfile index 70e2defc..29722126 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,3 +2,5 @@ FROM quay.io/performancecopilot/pcp RUN yum update -y RUN yum install -y pcp-gui java-11-openjdk maven maven-openjdk11 + +WORKDIR /parfait \ No newline at end of file From 5cd8ecf422e15e5d99976083463bbb260b51f0f8 Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Thu, 14 Nov 2024 11:12:50 +1100 Subject: [PATCH 5/7] #130 Introduce concept of .releasing.env which needs to be ignored by git --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 7ffcedaa..5bb536c1 100644 --- a/.gitignore +++ b/.gitignore @@ -10,3 +10,4 @@ release.properties *.class *.iml *.swp +.releasing.env From 4ad7d8bce3c1435c5914e1bdbeab36fb3e19601a Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Thu, 14 Nov 2024 11:32:37 +1100 Subject: [PATCH 6/7] #130 Introduce Release batch file which launches the Docker build/release process and automates GPG key fun --- Dockerfile | 8 ++++++-- releasing-scripts/docker-release-build.sh | 14 ++++++++++++++ releasing.sh | 16 ++++++++++++++++ 3 files changed, 36 insertions(+), 2 deletions(-) create mode 100755 releasing-scripts/docker-release-build.sh create mode 100755 releasing.sh diff --git a/Dockerfile b/Dockerfile index 29722126..44ed0dab 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,10 @@ FROM quay.io/performancecopilot/pcp RUN yum update -y -RUN yum install -y pcp-gui java-11-openjdk maven maven-openjdk11 +RUN yum install -y pcp-gui git java-11-openjdk maven maven-openjdk11 + +WORKDIR /parfait + +ENV GIT_AUTHOR_NAME="" +ENV GIT_AUTHOR_EMAIL="" -WORKDIR /parfait \ No newline at end of file diff --git a/releasing-scripts/docker-release-build.sh b/releasing-scripts/docker-release-build.sh new file mode 100755 index 00000000..4c6bec00 --- /dev/null +++ b/releasing-scripts/docker-release-build.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +set -e + +echo "Starting PMCD" +/usr/libexec/pcp/lib/pmcd start + +echo "Importing GPGKEY" +# this trick allows the GPG secret key to be imported via the command line +# thank goodness for Google +echo $MAVEN_GPG_PASSPHRASE | gpg --batch --yes --passphrase-fd 0 --import /root/gpgkeyexport/gpgkey.prvt.asc + +echo "Building Parfait" +mvn clean verify gpg:sign diff --git a/releasing.sh b/releasing.sh new file mode 100755 index 00000000..0b173d21 --- /dev/null +++ b/releasing.sh @@ -0,0 +1,16 @@ +#!/bin/sh + +set -e + +[ ! -f .releasing.env ] && echo ".releasing.env file not found" && exit 1 +source .releasing.env + +[ ! $GIT_USERNAME ] && echo "GIT_USERNAME is not set" && exit 1 +[ ! $GIT_EMAIL ] && echo "GIT_EMAIL is not set" && exit 1 +[ ! $GPG_PASSPHRASE ] && echo "GPG_PASSPHRASE is not set" && exit 1 + +docker build . -t parfait-build +docker run --rm --env GIT_USERNAME="${GIT_USERNAME}" --env GIT_EMAIL="${GIT_EMAIL}" --env MAVEN_GPG_PASSPHRASE="${GPG_PASSPHRASE}" -v `pwd`:/parfait -v ~/.m2:/root/.m2 -v ~/gpgkeyexport:/root/gpgkeyexport parfait-builder sh -c 'releasing-scripts/docker-release-build.sh' + + + From 5b94753536d732f81cf0142b5e2b4f219c6bee8e Mon Sep 17 00:00:00 2001 From: tallpsmith Date: Thu, 14 Nov 2024 13:25:37 +1100 Subject: [PATCH 7/7] #130 Updating RELEASING.md with the current steps, and small edits to README to indicate supported JDKs (for the build itself). --- README.md | 2 +- RELEASING.md | 81 ++++++++++++++-------------------------------------- 2 files changed, 22 insertions(+), 61 deletions(-) diff --git a/README.md b/README.md index 5565f9eb..4ca361fa 100644 --- a/README.md +++ b/README.md @@ -10,7 +10,7 @@ Parfait is a performance monitoring library for Java which extracts metrics and # Requirements -Parfait requires Java 11 (as of Parfait 1.2.x). +Parfait requires Java 11-17 (as of Parfait 1.2.x). While Parfait (the published library) should _run_ on newer JVMs, the current test code only successfully runs on Java versions 11-17. # About parfait diff --git a/RELEASING.md b/RELEASING.md index 416c76cf..72c9c188 100644 --- a/RELEASING.md +++ b/RELEASING.md @@ -5,11 +5,12 @@ To release parfait out to the wider community, you will need the following: * checked out the Parfait git repo locally * Maven - * gpg + * gpg & a published GPG public key * An account on [OSS Sonatype Repo](https://oss.sonatype.org/) If you're releasing from a Mac/OSX, then you'll also need: - * Docker + * Docker/colima/Podman + OSS Sonatype ------------ @@ -25,7 +26,7 @@ gpg Part of the Maven release process uses `gpg` to digitally sign the releases using a signature. Please refer to the OSSRH Overview guide above in the OSS Sonatype section as most of the links stem from there. -As outlined in the docs, to streamline the release process I recommend encoding your `gpg` password into ``~/.m2/settings.xml`: +As outlined in the docs, to streamline the release process I recommend encoding your `gpg` details (but not your password) into ``~/.m2/settings.xml`: ... @@ -35,7 +36,6 @@ As outlined in the docs, to streamline the release process I recommend encoding gpg tallpsmith@gmail.com - .................. ... @@ -46,6 +46,12 @@ As outlined in the docs, to streamline the release process I recommend encoding ... +You can configure your GPG passphrase via an environment variable before running the release process: + +```markdown + +export MAVEN_GPG_PASSPHRASE=.... +``` Otherwise you will be asked for the passphrase for every single Parfait module (which is quite a few).... @@ -89,74 +95,29 @@ Once the `Release` action is performed you & others in the OSS Sonatype group fo Releasing from OSX ================== -There are some complications releasing from a computer with OSX. As of December 2023, PCP doesn't have a supported OSX distribution, + +There are some complications releasing from a computer with OSX. As of November 2024, PCP doesn't have a supported OSX distribution, and Parfait test harness require interaction with PCP locally to validate. As the Maven release process involves running the tests locally to validate, this is problematic. -To support the release process on OSX, there is a `Dockerfile` used _purely_ as a mechanism for releasing. It is +To support the release process on OSX, there is a release script that leverages a `Dockerfile` used _purely_ as a mechanism for releasing. It is a quick'n'dirty mechanism, ugly and less than ideal, but works. Here's the steps: ``` # Prerequisites: # * ensure your current working directory is in the root of the Parfait repository -# * EXPORT your gpg PRIVATE key in armor format to directory ~/gpgkeyexport (used later) -# - gpg --armor --export 21FFA5EB0E068E51 > ~/gpgkeyexport/tallpsmith@gmail.com.prvt.asc +# * EXPORT your gpg PRIVATE key in armor format to directory ~/gpgkeyexport (used during the build) +# - gpg --armor --export-secret-key 21FFA5EB0E068E51 > ~/gpgkeyexport/gpgkey.prvt.asc # Make sure your ssh key needed for Github is added to a running `ssh-agent` on your local host. $ ssh-add -# Build the Docker image used for running the release -$ docker build . - -# Find the imageID you just built, it should be the one at the top -$ docker images | head -2 -REPOSITORY TAG IMAGE ID CREATED SIZE - b2de17c68635 17 hours ago 851MB - -# Grab that ImageID to set an environment variable -$ IMAGEID=b2de17c68635 - -# Run the Docker image -# - maps the ssh-agent on your host into the container -# - maps the Parfait codebase to /code in the container -# - maps your exported GPG key to a path needed later -# The Docker image is a simple Ubuntu image with Java, PCP, git, and gpg installed -$ docker run -e SSH_AUTH_SOCK="/run/host-services/ssh-auth.sock" -v.:/code -v ~/.m2:/root/.m2 -v ~/gpgkeyexport:/root/gpgkeyexport --mount type=bind,src=/run/host-services/ssh-auth.sock,target=/run/host-services/ssh-auth.sock -it $IMAGEID /bin/sh - -# Now we're in the running container, we need to import the GPG key -# Import your private GPG key into the containers enviroment -# I couldn't find a working way to reference my gpg setup from the container, so this is was a hacky way to solve it -$ gpg --import /root/gpgkeyexport/tallpsmith@gmail.com.prvt.asc - -# start PCP, this is needed by the tests -$ service pmcd start - -# setup git in the container to support the release process -$ git config --global user.email “tallpsmith@gmail.com” -$ git config --global user.name “Paul “Smith -$ git config --global gpg.program gpg - -# change path to where the Parfait code is mapped into the container -$ cd /code - -# This is needed otherwise you’ll get -# gpg: signing failed: Inappropriate ioctl for device -# the GPG signing process needs to prompt you for your passphrase -# even though the Maven GPG plugin allows you to declare the password -# this seems to still be needed... -$ export GPG_TTY=$(tty) - -# The Maven JavaDoc plugin needs to set the JAVA_HOME.. -$ export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-arm64 - -# Now we can finally start the release process itself! -$ mvn release:prepare release:perform - -# You'll be prompted on screen for your GPG passphrase (if you have one) -# Maven will build, test, verify, package and sign and push to OSS Sonatype -# Follow the Standard OSS Sonatype release process from here -# you can now exit the container -$ exit +# Create a `.releasing.env` file (not part of SCM) that contains the following environment variables needed +#GIT_USERNAME= +#GIT_EMAIL= +#GPG_PASSPHRASE= +# Run the Release script +./releasing.sh ```