From ab4bcf7c0e28d15906b03fa4451af99021377f64 Mon Sep 17 00:00:00 2001 From: lander86 Date: Thu, 4 Jun 2020 19:55:21 +0200 Subject: [PATCH 1/3] implemented travis pipeline publishing to packagecloud.io maven repository --- .travis.settings.xml | 11 +++ .travis.yml | 15 ++++ ci/.dockerignore | 2 + ci/Dockerfile | 18 +++++ build_jar.sh => ci/build_jar.sh | 13 +++- ci/check_tag.sh | 34 +++++++++ ci/entrypoint.sh | 41 +++++++++++ ci/start_ci.sh | 9 +++ jni/pom.xml | 124 +++++++++++++++++++------------- sample.pom.xml | 24 +++++++ 10 files changed, 239 insertions(+), 52 deletions(-) create mode 100644 .travis.settings.xml create mode 100644 .travis.yml create mode 100644 ci/.dockerignore create mode 100644 ci/Dockerfile rename build_jar.sh => ci/build_jar.sh (56%) mode change 100644 => 100755 create mode 100755 ci/check_tag.sh create mode 100644 ci/entrypoint.sh create mode 100755 ci/start_ci.sh create mode 100644 sample.pom.xml diff --git a/.travis.settings.xml b/.travis.settings.xml new file mode 100644 index 00000000..f9ff255e --- /dev/null +++ b/.travis.settings.xml @@ -0,0 +1,11 @@ + + + + packagecloud-travis + ${env.PACKAGECLOUD_TOKEN} + + + diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..1d0c9e64 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,15 @@ +os: linux +dist: xenial +language: java +addons: + apt: + packages: + - ant + - libxml-xpath-perl +services: + - docker + +script: >- + source ci/check_tag.sh && + docker build -t zencash/zendoo-sc-cryptolib-builder ./ci && + docker run --rm -v "$(pwd):/build" -e LOCAL_USER_ID="$(id -u)" -e LOCAL_GRP_ID="$(id -g)" -e PUBLISH -e PACKAGECLOUD_TOKEN zencash/zendoo-sc-cryptolib-builder /build/ci/start_ci.sh diff --git a/ci/.dockerignore b/ci/.dockerignore new file mode 100644 index 00000000..864179fd --- /dev/null +++ b/ci/.dockerignore @@ -0,0 +1,2 @@ +* +!entrypoint.sh diff --git a/ci/Dockerfile b/ci/Dockerfile new file mode 100644 index 00000000..b0911698 --- /dev/null +++ b/ci/Dockerfile @@ -0,0 +1,18 @@ +FROM ubuntu:16.04 + +MAINTAINER infrastructure@zensystem.io + +COPY entrypoint.sh /usr/local/bin/entrypoint.sh + +# Get Ubuntu packages +RUN export DEBIAN_FRONTEND=noninteractive \ + && apt-get update \ + && apt-get install -y --no-install-recommends build-essential curl \ + gcc-mingw-w64-x86-64 gosu maven openjdk-8-jdk=8u252-b09-1~16.04 \ + && chmod +x /usr/local/bin/entrypoint.sh \ + && apt-get -y clean \ + && apt-get -y autoclean \ + && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb + +ENTRYPOINT ["/usr/local/bin/entrypoint.sh"] + diff --git a/build_jar.sh b/ci/build_jar.sh old mode 100644 new mode 100755 similarity index 56% rename from build_jar.sh rename to ci/build_jar.sh index a7c9777c..6d54885d --- a/build_jar.sh +++ b/ci/build_jar.sh @@ -1,7 +1,11 @@ +#!/bin/bash + +set -eo pipefail + cargo clean -cargo build --release --target=x86_64-pc-windows-gnu -cargo build --release --target=x86_64-unknown-linux-gnu +cargo build -j$(($(nproc)+1)) --release --target=x86_64-pc-windows-gnu +cargo build -j$(($(nproc)+1)) --release --target=x86_64-unknown-linux-gnu mkdir -p jni/src/main/resources/native/linux64 @@ -12,3 +16,8 @@ cp target/x86_64-pc-windows-gnu/release/zendoo_sc.dll jni/src/main/resources/nat cd jni mvn clean package + +if [ "$PUBLISH" = "true" ]; then + echo "Deploying package to maven repository." + mvn deploy +fi diff --git a/ci/check_tag.sh b/ci/check_tag.sh new file mode 100755 index 00000000..cafde9b9 --- /dev/null +++ b/ci/check_tag.sh @@ -0,0 +1,34 @@ +#!/bin/bash + +set -eo pipefail + +pom_version="$(xpath -q -e '/project/version/text()' jni/pom.xml)" + +echo "TRAVIS_TAG: $TRAVIS_TAG" +echo "jni/pom.xml version: $pom_version" + +export PUBLISH="false" + +if [ ! -z "${TRAVIS_TAG}" ]; then + export GNUPGHOME="$(mktemp -d 2>/dev/null || mktemp -d -t 'GNUPGHOME')" + echo "Tagged build, fetching maintainer keys." + gpg -v --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys $MAINTAINER_KEYS || + gpg -v --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys $MAINTAINER_KEYS || + gpg -v --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys $MAINTAINER_KEYS + if git verify-tag -v "${TRAVIS_TAG}"; then + echo "Valid signed tag" + if [ "${TRAVIS_TAG}" != "${pom_version}" ]; then + echo "tag different from the pom file" + exit 1 + else + export PUBLISH="true" + fi + fi +fi + +if [ "$PUBLISH" = "false" ]; then + export PACKAGECLOUD_TOKEN="" + unset PACKAGECLOUD_TOKEN +fi + +set +eo pipefail diff --git a/ci/entrypoint.sh b/ci/entrypoint.sh new file mode 100644 index 00000000..307aef4c --- /dev/null +++ b/ci/entrypoint.sh @@ -0,0 +1,41 @@ +#!/bin/bash +set -e + +# Add local zenbuilder user +# Either use LOCAL_USER_ID:LOCAL_GRP_ID if set via environment +# or fallback to 9001:9001 + +USER_ID=${LOCAL_USER_ID:-2000} +GRP_ID=${LOCAL_GRP_ID:-2000} + +getent group zenbuilder > /dev/null 2>&1 || groupadd -g $GRP_ID zenbuilder +id -u zenbuilder > /dev/null 2>&1 || useradd --shell /bin/bash -u $USER_ID -g $GRP_ID -o -c "" -m zenbuilder + +LOCAL_UID=$(id -u zenbuilder) +LOCAL_GID=$(getent group zenbuilder | cut -d ":" -f 3) + +if [ ! "$USER_ID" == "$LOCAL_UID" ] || [ ! "$GRP_ID" == "$LOCAL_GID" ]; then + echo "Warning: User zenbuilder with differing UID $LOCAL_UID/GID $LOCAL_GID already exists, most likely this container was started before with a different UID/GID. Re-create it to change UID/GID." +fi + +echo "Starting with UID/GID: $LOCAL_UID:$LOCAL_GID" + +export HOME=/home/zenbuilder + +# Fix ownership recursively +chown -RH zenbuilder:zenbuilder /build + +# Get Rust +curl https://sh.rustup.rs -sSf | gosu zenbuilder bash -s -- -y +gosu zenbuilder echo 'source $HOME/.cargo/env' >> $HOME/.bashrc +export PATH="/home/zenbuilder/.cargo/bin:${PATH}" + + +# Set Rust +gosu zenbuilder /home/zenbuilder/.cargo/bin/rustup target add x86_64-pc-windows-gnu + +#Add maven settings +gosu zenbuilder bash -c "mkdir -p $HOME/.m2 && cp /build/.travis.settings.xml $HOME/.m2/settings.xml" + +exec gosu zenbuilder "$@" + diff --git a/ci/start_ci.sh b/ci/start_ci.sh new file mode 100755 index 00000000..1a0aeb5f --- /dev/null +++ b/ci/start_ci.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -eo pipefail + +echo "execute the build script $(date)" + +cd /build && ./ci/build_jar.sh + +echo "done $(date)" diff --git a/jni/pom.xml b/jni/pom.xml index 38cdde35..232ee518 100644 --- a/jni/pom.xml +++ b/jni/pom.xml @@ -1,57 +1,81 @@ 4.0.0 - com.horizen - zendoo-sc-cryptolib - 0.2-SNAPSHOT - 2020 - - UTF-8 - 1.8 - 1.8 - 2.12.8 - + io.horizen + zendoo-sc-cryptolib + 0.2.1-SNAPSHOT + 2020 + + UTF-8 + 1.8 + 1.8 + 2.12.8 + - + - - junit - junit - 4.12 - test - + + junit + junit + 4.12 + test + + + + io.packagecloud.maven.wagon + maven-packagecloud-wagon + 0.0.6 + + - + + + packagecloud-travis + packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib + + + packagecloud-travis + packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib + + - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.0 - - - - - org.apache.maven.plugins - maven-dependency-plugin - 3.1.1 - - - copy-dependencies - package - - copy-dependencies - - - ${project.build.directory}/lib - false - false - true - compile - - - - - - + + + + + io.packagecloud.maven.wagon + maven-packagecloud-wagon + 0.0.6 + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.0 + + + + + org.apache.maven.plugins + maven-dependency-plugin + 3.1.1 + + + copy-dependencies + package + + copy-dependencies + + + ${project.build.directory}/lib + false + false + true + compile + + + + + + diff --git a/sample.pom.xml b/sample.pom.xml new file mode 100644 index 00000000..63e16dd3 --- /dev/null +++ b/sample.pom.xml @@ -0,0 +1,24 @@ + + + + io.packagecloud.maven.wagon + maven-packagecloud-wagon + 0.1.0 + + + + + + + packagecloud-travis + + packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib + + + + packagecloud-travis + + packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib + + + From 43e7eb86a53b8eefa897d7a0d1720771312ef9df Mon Sep 17 00:00:00 2001 From: cronicc Date: Sun, 7 Jun 2020 04:56:32 +0000 Subject: [PATCH 2/3] Add travis pipeline publishing to maven central via oss.sonatype.org * Add docker container with all build and gpg sign prerequisites * Update pom.xml with metadata (groupId, artifactId, name, description, licenses, developers, scm, issueManagement sections) * Add sonatype repository information * Add build-extras profile generating sources.jar and javadoc.jar * Add sign profile signing bundle components with infrastructure@zensystem.io gpg maven subkey * Any tag signed by a release engineer in format $SEMVER-SNAPSHOT will be deployed to https://oss.sonatype.org/content/repositories/snapshots * Any tag signed by a release engineer in format $SEMVER will be deployed to https://oss.sonatype.org/service/local/staging/deploy/maven2 and pushed to https://repo1.maven.org/maven2/io/horizen/zendoo-sc-cryptolib * Git tag and pom.xml project.version have to match for deployment to work --- .travis.settings.xml | 11 -- .travis.yml | 19 ++- ci/.dockerignore | 2 +- ci/Dockerfile | 49 +++++++- ci/build_jar.sh | 16 +-- ci/check_tag.sh | 34 ----- ci/devtools/lint_pom.xml.sh | 7 ++ ci/entrypoint.sh | 43 +++++-- ci/entrypoint_setup_gpg.sh | 12 ++ ci/mvn_settings.xml | 23 ++++ ci/setup_env.sh | 55 ++++++++ jni/pom.xml | 242 ++++++++++++++++++++++++------------ sample.pom.xml | 24 ---- 13 files changed, 358 insertions(+), 179 deletions(-) delete mode 100644 .travis.settings.xml delete mode 100755 ci/check_tag.sh create mode 100755 ci/devtools/lint_pom.xml.sh mode change 100644 => 100755 ci/entrypoint.sh create mode 100755 ci/entrypoint_setup_gpg.sh create mode 100644 ci/mvn_settings.xml create mode 100755 ci/setup_env.sh delete mode 100644 sample.pom.xml diff --git a/.travis.settings.xml b/.travis.settings.xml deleted file mode 100644 index f9ff255e..00000000 --- a/.travis.settings.xml +++ /dev/null @@ -1,11 +0,0 @@ - - - - packagecloud-travis - ${env.PACKAGECLOUD_TOKEN} - - - diff --git a/.travis.yml b/.travis.yml index 1d0c9e64..2e93271a 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,15 +1,22 @@ os: linux -dist: xenial -language: java +dist: bionic +language: generic addons: apt: packages: - - ant - libxml-xpath-perl services: - docker +env: + global: + - CONTAINER_JAVA_VER="openjdk-8-jdk=8u252-b09-1~16.04" + - CONTAINER_RUST_VER="1.41.0" + script: >- - source ci/check_tag.sh && - docker build -t zencash/zendoo-sc-cryptolib-builder ./ci && - docker run --rm -v "$(pwd):/build" -e LOCAL_USER_ID="$(id -u)" -e LOCAL_GRP_ID="$(id -g)" -e PUBLISH -e PACKAGECLOUD_TOKEN zencash/zendoo-sc-cryptolib-builder /build/ci/start_ci.sh + source ci/setup_env.sh && + docker build --pull --no-cache -t zencash/zendoo-sc-cryptolib-builder ./ci && + bash -c "docker run --rm -v $(pwd):/build -v ${HOME}/key.asc:/key.asc --tmpfs /tmp:uid=$(id -u),gid=$(id -g),exec,mode=1777 \ + --tmpfs /run:uid=$(id -u),gid=$(id -g),exec,mode=1777 -e LOCAL_USER_ID=$(id -u) -e LOCAL_GRP_ID=$(id -g) \ + $(env | grep -E '^CONTAINER_' | sed -n '/^[^\t]/s/=.*//p' | sed '/^$/d' | sed 's/^/-e /g' | tr '\n' ' ') \ + zencash/zendoo-sc-cryptolib-builder /build/ci/start_ci.sh" diff --git a/ci/.dockerignore b/ci/.dockerignore index 864179fd..3f558562 100644 --- a/ci/.dockerignore +++ b/ci/.dockerignore @@ -1,2 +1,2 @@ * -!entrypoint.sh +!entrypoint* diff --git a/ci/Dockerfile b/ci/Dockerfile index b0911698..6d257b64 100644 --- a/ci/Dockerfile +++ b/ci/Dockerfile @@ -2,14 +2,53 @@ FROM ubuntu:16.04 MAINTAINER infrastructure@zensystem.io -COPY entrypoint.sh /usr/local/bin/entrypoint.sh +SHELL ["/bin/bash", "-c"] + +COPY entrypoint.sh entrypoint_setup_gpg.sh /usr/local/bin/ # Get Ubuntu packages -RUN export DEBIAN_FRONTEND=noninteractive \ +RUN set -eux && export GOSU_VERSION=1.12 && export DEBIAN_FRONTEND=noninteractive \ && apt-get update \ - && apt-get install -y --no-install-recommends build-essential curl \ - gcc-mingw-w64-x86-64 gosu maven openjdk-8-jdk=8u252-b09-1~16.04 \ - && chmod +x /usr/local/bin/entrypoint.sh \ + && apt-get install -y --no-install-recommends build-essential ca-certificates curl dirmngr \ + gcc-mingw-w64-x86-64 gnupg2 gnupg-curl wget; \ +# save list of currently installed packages for later so we can clean up + savedAptMark="$(apt-mark showmanual)"; \ + apt-get update; \ + apt-get install -y --no-install-recommends ca-certificates wget; \ + if ! command -v gpg; then \ + apt-get install -y --no-install-recommends gnupg2 dirmngr; \ + elif gpg --version | grep -q '^gpg (GnuPG) 1\.'; then \ +# "This package provides support for HKPS keyservers." (GnuPG 1.x only) + apt-get install -y --no-install-recommends gnupg-curl; \ + fi; \ + rm -rf /var/lib/apt/lists/*; \ + \ + dpkgArch="$(dpkg --print-architecture | awk -F- '{ print $NF }')"; \ + wget -O /usr/local/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch"; \ + wget -O /usr/local/bin/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc"; \ + \ +# verify the signature + export GNUPGHOME="$(mktemp -d)"; \ + gpg2 --batch --keyserver hkps://keys.openpgp.org --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \ + gpg2 --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \ + gpg2 --batch --keyserver hkp://ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \ + gpg2 --batch --keyserver pgp.mit.edu --recv-key B42F6819007F00F88E364FD4036A9C25BF357DD4 || \ + gpg2 --batch --keyserver keyserver.pgp.com --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \ + gpg2 --batch --keyserver pgp.key-server.io --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4; \ + gpg2 --batch --verify /usr/local/bin/gosu.asc /usr/local/bin/gosu; \ + command -v gpgconf && gpgconf --kill all || :; \ + rm -rf "$GNUPGHOME" /usr/local/bin/gosu.asc; \ + \ +# clean up fetch dependencies + apt-mark auto '.*' > /dev/null; \ + [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ + apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ + \ + chmod +x /usr/local/bin/gosu; \ +# verify that the binary works + gosu --version; \ + gosu nobody true \ + && chmod +x /usr/local/bin/{entrypoint.sh,entrypoint_setup_gpg.sh} \ && apt-get -y clean \ && apt-get -y autoclean \ && rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb diff --git a/ci/build_jar.sh b/ci/build_jar.sh index 6d54885d..af708528 100755 --- a/ci/build_jar.sh +++ b/ci/build_jar.sh @@ -1,13 +1,12 @@ #!/bin/bash -set -eo pipefail +set -euo pipefail cargo clean cargo build -j$(($(nproc)+1)) --release --target=x86_64-pc-windows-gnu cargo build -j$(($(nproc)+1)) --release --target=x86_64-unknown-linux-gnu - mkdir -p jni/src/main/resources/native/linux64 cp target/x86_64-unknown-linux-gnu/release/libzendoo_sc.so jni/src/main/resources/native/linux64/libzendoo_sc.so @@ -15,9 +14,12 @@ mkdir -p jni/src/main/resources/native/windows64 cp target/x86_64-pc-windows-gnu/release/zendoo_sc.dll jni/src/main/resources/native/windows64/zendoo_sc.dll cd jni -mvn clean package - -if [ "$PUBLISH" = "true" ]; then - echo "Deploying package to maven repository." - mvn deploy +echo "Building jar" +mvn clean package -P !build-extras -DskipTests=true -Dmaven.javadoc.skip=true -B +echo "Testing jar" +mvn test -P !build-extras -B + +if [ "$CONTAINER_PUBLISH" = "true" ]; then + echo "Deploying bundle to maven repository" + mvn deploy -P sign,build-extras --settings ../ci/mvn_settings.xml -B fi diff --git a/ci/check_tag.sh b/ci/check_tag.sh deleted file mode 100755 index cafde9b9..00000000 --- a/ci/check_tag.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -pom_version="$(xpath -q -e '/project/version/text()' jni/pom.xml)" - -echo "TRAVIS_TAG: $TRAVIS_TAG" -echo "jni/pom.xml version: $pom_version" - -export PUBLISH="false" - -if [ ! -z "${TRAVIS_TAG}" ]; then - export GNUPGHOME="$(mktemp -d 2>/dev/null || mktemp -d -t 'GNUPGHOME')" - echo "Tagged build, fetching maintainer keys." - gpg -v --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys $MAINTAINER_KEYS || - gpg -v --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys $MAINTAINER_KEYS || - gpg -v --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys $MAINTAINER_KEYS - if git verify-tag -v "${TRAVIS_TAG}"; then - echo "Valid signed tag" - if [ "${TRAVIS_TAG}" != "${pom_version}" ]; then - echo "tag different from the pom file" - exit 1 - else - export PUBLISH="true" - fi - fi -fi - -if [ "$PUBLISH" = "false" ]; then - export PACKAGECLOUD_TOKEN="" - unset PACKAGECLOUD_TOKEN -fi - -set +eo pipefail diff --git a/ci/devtools/lint_pom.xml.sh b/ci/devtools/lint_pom.xml.sh new file mode 100755 index 00000000..f46f51b9 --- /dev/null +++ b/ci/devtools/lint_pom.xml.sh @@ -0,0 +1,7 @@ +#!/bin/bash + +CONTENT="$(xmllint --format --encode UTF-8 jni/pom.xml)" +echo "${CONTENT}" > jni/pom.xml + +SETTINGS_CONTENT="$(xmllint --format --encode UTF-8 ci/mvn_settings.xml)" +echo "${SETTINGS_CONTENT}" > ci/mvn_settings.xml diff --git a/ci/entrypoint.sh b/ci/entrypoint.sh old mode 100644 new mode 100755 index 307aef4c..ecddd683 --- a/ci/entrypoint.sh +++ b/ci/entrypoint.sh @@ -1,5 +1,11 @@ #!/bin/bash -set -e +set -euo pipefail + +# check required vars are set +if [ -z "${CONTAINER_JAVA_VER+x}" ] && [ -z "${CONTAINER_RUST_VER+x}" ]; then + echo "CONTAINER_JAVA_VER and CONTAINER_RUST_VER environment variables need to be set!" + exit 1 +fi # Add local zenbuilder user # Either use LOCAL_USER_ID:LOCAL_GRP_ID if set via environment @@ -22,20 +28,33 @@ echo "Starting with UID/GID: $LOCAL_UID:$LOCAL_GID" export HOME=/home/zenbuilder -# Fix ownership recursively -chown -RH zenbuilder:zenbuilder /build +# Get Java $CONTAINER_JAVA_VER +apt-get update +DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y "$CONTAINER_JAVA_VER" maven +apt-get -y clean +apt-get -y autoclean +rm -rf /var/lib/apt/lists/* /var/cache/apt/archives/*.deb -# Get Rust -curl https://sh.rustup.rs -sSf | gosu zenbuilder bash -s -- -y +# Get Rust $CONTAINER_RUST_VER +curl https://sh.rustup.rs -sSf | gosu zenbuilder bash -s -- --default-toolchain none -y gosu zenbuilder echo 'source $HOME/.cargo/env' >> $HOME/.bashrc export PATH="/home/zenbuilder/.cargo/bin:${PATH}" +gosu zenbuilder rustup toolchain install "$CONTAINER_RUST_VER" +gosu zenbuilder rustup target add --toolchain "$CONTAINER_RUST_VER" x86_64-pc-windows-gnu +# fix "error: could not compile `api`." "/usr/bin/ld: unrecognized option '--nxcompat'" +# https://github.com/rust-lang/rust/issues/32859#issuecomment-284308455 +# appears to be fixed in rust 1.42.0 +gosu zenbuilder cat << EOF > $HOME/.cargo/config +[target.x86_64-pc-windows-gnu] +linker = "$(which x86_64-w64-mingw32-gcc)" +EOF + +# Print version information +gosu zenbuilder java -version +gosu zenbuilder rustc --version +# Fix ownership recursively +chown -RH zenbuilder:zenbuilder /build -# Set Rust -gosu zenbuilder /home/zenbuilder/.cargo/bin/rustup target add x86_64-pc-windows-gnu - -#Add maven settings -gosu zenbuilder bash -c "mkdir -p $HOME/.m2 && cp /build/.travis.settings.xml $HOME/.m2/settings.xml" - -exec gosu zenbuilder "$@" +exec gosu zenbuilder /usr/local/bin//entrypoint_setup_gpg.sh "$@" diff --git a/ci/entrypoint_setup_gpg.sh b/ci/entrypoint_setup_gpg.sh new file mode 100755 index 00000000..605b16d2 --- /dev/null +++ b/ci/entrypoint_setup_gpg.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +set -euo pipefail + +if [ "${CONTAINER_PUBLISH}" = "true" ]; then + export GNUPGHOME="$(mktemp -d 2>/dev/null || mktemp -d -t 'GNUPGHOME')" + # gpg: setting pinentry mode 'loopback' failed: Not supported https://www.fluidkeys.com/tweak-gpg-2.1.11/ + echo "allow-loopback-pinentry" > "${GNUPGHOME}"/gpg-agent.conf + gpg2 --batch --fast-import /key.asc +fi + +exec "$@" diff --git a/ci/mvn_settings.xml b/ci/mvn_settings.xml new file mode 100644 index 00000000..cb6433d4 --- /dev/null +++ b/ci/mvn_settings.xml @@ -0,0 +1,23 @@ + + + + + ossrh + ${env.CONTAINER_OSSRH_JIRA_USERNAME} + ${env.CONTAINER_OSSRH_JIRA_PASSWORD} + + + + + ossrh + + true + + + gpg2 + ${env.CONTAINER_GPG_KEY_NAME} + ${env.CONTAINER_GPG_PASSPHRASE} + + + + diff --git a/ci/setup_env.sh b/ci/setup_env.sh new file mode 100755 index 00000000..1657041d --- /dev/null +++ b/ci/setup_env.sh @@ -0,0 +1,55 @@ +#!/bin/bash + +set -eo pipefail + +pom_version="$(xpath -q -e '/project/version/text()' jni/pom.xml)" + +echo "TRAVIS_TAG: $TRAVIS_TAG" +echo "jni/pom.xml version: $pom_version" + +export CONTAINER_PUBLISH="false" +# empty key.asc file in case we're not signing +touch "${HOME}/key.asc" + +if [ ! -z "${TRAVIS_TAG}" ]; then + export GNUPGHOME="$(mktemp -d 2>/dev/null || mktemp -d -t 'GNUPGHOME')" + echo "Tagged build, fetching maintainer keys." + gpg -v --batch --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys $MAINTAINER_KEYS || + gpg -v --batch --keyserver hkp://ipv4.pool.sks-keyservers.net --recv-keys $MAINTAINER_KEYS || + gpg -v --batch --keyserver hkp://pgp.mit.edu:80 --recv-keys $MAINTAINER_KEYS + if git verify-tag -v "${TRAVIS_TAG}"; then + echo "Valid signed tag" + if [ "${TRAVIS_TAG}" != "${pom_version}" ]; then + echo "Aborting, tag differs from the pom file." + exit 1 + else + export CONTAINER_PUBLISH="true" + echo "Fetching gpg signing keys." + curl -sLH "Authorization: token $GITHUB_TOKEN" -H "Accept: application/vnd.github.v3.raw" "$MAVEN_KEY_ARCHIVE_URL" | + openssl enc -d -aes-256-cbc -md sha256 -pass pass:$MAVEN_KEY_ARCHIVE_PASSWORD | + tar -xzf- -C "${HOME}" + fi + fi +fi + +# unset credentials if not publishing +if [ "${CONTAINER_PUBLISH}" = "false" ]; then + export CONTAINER_OSSRH_JIRA_USERNAME="" + export CONTAINER_OSSRH_JIRA_PASSWORD="" + export CONTAINER_GPG_KEY_NAME="" + export CONTAINER_GPG_PASSPHRASE="" + unset CONTAINER_OSSRH_JIRA_USERNAME + unset CONTAINER_OSSRH_JIRA_PASSWORD + unset CONTAINER_GPG_KEY_NAME + unset CONTAINER_GPG_PASSPHRASE +fi + +# unset credentials after use +export GITHUB_TOKEN="" +export MAVEN_KEY_ARCHIVE_URL="" +export MAVEN_KEY_ARCHIVE_PASSWORD="" +unset GITHUB_TOKEN +unset MAVEN_KEY_ARCHIVE_URL +unset MAVEN_KEY_ARCHIVE_PASSWORD + +set +eo pipefail diff --git a/jni/pom.xml b/jni/pom.xml index 232ee518..5fce6275 100644 --- a/jni/pom.xml +++ b/jni/pom.xml @@ -1,81 +1,165 @@ + - 4.0.0 - io.horizen - zendoo-sc-cryptolib - 0.2.1-SNAPSHOT - 2020 - - UTF-8 - 1.8 - 1.8 - 2.12.8 - - - - - - junit - junit - 4.12 - test - - - - io.packagecloud.maven.wagon - maven-packagecloud-wagon - 0.0.6 - - - - - - packagecloud-travis - packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib - - - packagecloud-travis - packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib - - - - - - - - io.packagecloud.maven.wagon - maven-packagecloud-wagon - 0.0.6 - - - - - org.apache.maven.plugins - maven-compiler-plugin - 3.8.0 - - - - - org.apache.maven.plugins - maven-dependency-plugin - 3.1.1 - - - copy-dependencies - package - - copy-dependencies - - - ${project.build.directory}/lib - false - false - true - compile - - - - - - + 4.0.0 + io.horizen + zendoo-sc-cryptolib + 0.2-SNAPSHOT + 2020 + jar + ${project.groupId}:${project.artifactId} + ${project.artifactId} is a Rust crate that exposes to Java, through JNI, the ginger-lib components needed by the Zendoo sidechain SDK. + https://github.com/${project.github.organization}/${project.artifactId} + + + MIT License + https://opensource.org/licenses/MIT + + + + + Zen Blockchain Foundation + info@zensystem.io + ${project.github.organization} + https://github.com/${project.github.organization} + + + + scm:git:git://github.com/${project.github.organization}/${project.artifactId}.git + scm:git:git@github.com:${project.github.organization}/${project.artifactId}.git + https://github.com/${project.github.organization}/${project.artifactId}.git + ${project.version} + + + GitHub + https://github.com/${project.github.organization}/${project.artifactId}/issues + + + + ossrh + https://oss.sonatype.org/content/repositories/snapshots + + + + UTF-8 + ZencashOfficial + 1.8 + 1.8 + 2.12.8 + + + + junit + junit + 4.12 + test + + + + + sign + + + + org.apache.maven.plugins + maven-gpg-plugin + 1.6 + + + sign-artifacts + verify + + sign + + + + --pinentry-mode + loopback + --no-tty + + + + + + + + + + build-extras + + true + + + + + org.apache.maven.plugins + maven-source-plugin + 3.2.1 + + + attach-sources + + jar-no-fork + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.2.0 + + + attach-javadocs + + jar + + + + + + + + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.8.0 + + + + org.apache.maven.plugins + maven-dependency-plugin + 3.1.1 + + + copy-dependencies + package + + copy-dependencies + + + ${project.build.directory}/lib + false + false + true + compile + + + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.8 + true + + ossrh + https://oss.sonatype.org/ + true + + + + diff --git a/sample.pom.xml b/sample.pom.xml deleted file mode 100644 index 63e16dd3..00000000 --- a/sample.pom.xml +++ /dev/null @@ -1,24 +0,0 @@ - - - - io.packagecloud.maven.wagon - maven-packagecloud-wagon - 0.1.0 - - - - - - - packagecloud-travis - - packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib - - - - packagecloud-travis - - packagecloud+https://packagecloud.io/zensystem/zendoo-sc-cryptolib - - - From 5c485066fd439b70bf36d729656cd52f03ef95c0 Mon Sep 17 00:00:00 2001 From: cronicc Date: Tue, 9 Jun 2020 11:46:14 +0000 Subject: [PATCH 3/3] Set version 0.3.0 --- jni/pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/jni/pom.xml b/jni/pom.xml index 5fce6275..0482cbd6 100644 --- a/jni/pom.xml +++ b/jni/pom.xml @@ -3,7 +3,7 @@ 4.0.0 io.horizen zendoo-sc-cryptolib - 0.2-SNAPSHOT + 0.3.0 2020 jar ${project.groupId}:${project.artifactId}