Signing detatched artifacts
Project: http://git-wip-us.apache.org/repos/asf/commons-release-plugin/repo Commit: http://git-wip-us.apache.org/repos/asf/commons-release-plugin/commit/a0b4bc2c Tree: http://git-wip-us.apache.org/repos/asf/commons-release-plugin/tree/a0b4bc2c Diff: http://git-wip-us.apache.org/repos/asf/commons-release-plugin/diff/a0b4bc2c Branch: refs/heads/master Commit: a0b4bc2ce5c9ef25ac59fe177ffdc1a9ef216b29 Parents: 3189050 Author: Rob Tompkins <[email protected]> Authored: Sat Dec 30 10:18:22 2017 -0500 Committer: Rob Tompkins <[email protected]> Committed: Sat Dec 30 10:18:22 2017 -0500 ---------------------------------------------------------------------- pom.xml | 17 +- .../mojos/CommonsAssemblyStagingMojo.java | 91 ---------- .../CommonsDistributionDetatchmentMojo.java | 180 +++++++++++++++++++ .../mojos/CommonsDistributionStagingMojo.java | 14 ++ .../scm/AssemblyPublicationScmProvider.java | 45 +++++ .../release/plugin/scm/package-info.java | 17 ++ 6 files changed, 270 insertions(+), 94 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/pom.xml ---------------------------------------------------------------------- diff --git a/pom.xml b/pom.xml index 86d22a3..664c9f8 100644 --- a/pom.xml +++ b/pom.xml @@ -99,12 +99,23 @@ <dependency> <groupId>org.apache.maven.wagon</groupId> <artifactId>wagon-provider-api</artifactId> - <version>2.12</version> + <version>3.0.0</version> </dependency> <dependency> <groupId>org.apache.maven.wagon</groupId> - <artifactId>wagon-providers</artifactId> - <version>2.10</version> + <artifactId>wagon-scm</artifactId> + <version>3.0.0</version> + </dependency> + <dependency> + <groupId>commons-codec</groupId> + <artifactId>commons-codec</artifactId> + <version>1.10</version> + </dependency> + <dependency> + <groupId>junit</groupId> + <artifactId>junit</artifactId> + <version>4.12</version> + <scope>test</scope> </dependency> </dependencies> http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/src/main/java/org/apache/commons/release/plugin/mojos/CommonsAssemblyStagingMojo.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/release/plugin/mojos/CommonsAssemblyStagingMojo.java b/src/main/java/org/apache/commons/release/plugin/mojos/CommonsAssemblyStagingMojo.java deleted file mode 100644 index 4b9e3d6..0000000 --- a/src/main/java/org/apache/commons/release/plugin/mojos/CommonsAssemblyStagingMojo.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one or more - * contributor license agreements. See the NOTICE file distributed with - * this work for additional information regarding copyright ownership. - * The ASF licenses this file to You under the Apache License, Version 2.0 - * (the "License"); you may not use this file except in compliance with - * the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.apache.commons.release.plugin.mojos; - -import edu.emory.mathcs.backport.java.util.Collections; -import org.apache.maven.plugin.AbstractMojo; -import org.apache.maven.plugins.annotations.LifecyclePhase; -import org.apache.maven.plugins.annotations.Mojo; -import org.apache.maven.plugins.annotations.Parameter; -import org.apache.maven.project.MavenProject; -import org.apache.maven.project.artifact.AttachedArtifact; - -import java.io.File; -import java.util.ArrayList; -import java.util.HashSet; -import java.util.List; -import java.util.Set; - -/** - * The purpose of this maven mojo is to detach the artifacts generated by the maven-assembly-plugin, - * which for the Apache Commons Project do not get uploaded to Nexus, and putting those artifacts - * in the dev distribution location for apache projects. - * - * @author chtompki - * @since 1.0 - */ -@Mojo( name = "test", defaultPhase = LifecyclePhase.VERIFY, threadSafe = true) -public class CommonsAssemblyStagingMojo extends AbstractMojo { - - /** - * A list of "artifact types" in the maven vernacular, to - * be detatched from the deployment. For the time being we want - * all artifacts generated by the maven-assembly-plugin to be detatched - * from the deployment, namely *-src.zip, *-src.tar.gz, *-bin.zip, - * *-bin.tar.gz, and the corresponding .asc pgp signatures. - */ - private static final Set<String> ARTIFACT_TYPES_TO_DETATCH; - static { - Set<String> hashSet = new HashSet<>(); - hashSet.add("zip"); - hashSet.add("tar.gz"); - hashSet.add("zip.asc"); - hashSet.add("tar.gz.asc"); - ARTIFACT_TYPES_TO_DETATCH = Collections.unmodifiableSet(hashSet); - } - - /** - * This list is supposed to hold the maven references to the aformentioned artifacts so that we - * can upload them to svn after they've been detatched from the maven deployment. - */ - private List<AttachedArtifact> detatchedArtifacts = new ArrayList<>(); - - /** - * The maven project context injection so that we can get a hold of the variables at hand. - */ - @Parameter( defaultValue = "${project}", required = true ) - private MavenProject project; - - @Parameter( defaultValue = "${project.build.directory}/commons-release-plugin", alias = "outputDirectory" ) - private File workingDirectory; - - @Parameter ( required = true ) - private String pubScmStagingUrl; - - public void execute() { - getLog().info("Detatching Assemblies"); - for (Object attachedArtifact : project.getAttachedArtifacts()) { - if (ARTIFACT_TYPES_TO_DETATCH.contains(((AttachedArtifact) attachedArtifact).getType())) { - detatchedArtifacts.add((AttachedArtifact) attachedArtifact); - } - } - for(AttachedArtifact artifactToRemove : detatchedArtifacts) { - project.getAttachedArtifacts().remove(artifactToRemove); - } - - } -} http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionDetatchmentMojo.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionDetatchmentMojo.java b/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionDetatchmentMojo.java new file mode 100644 index 0000000..7cfdb1d --- /dev/null +++ b/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionDetatchmentMojo.java @@ -0,0 +1,180 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.commons.release.plugin.mojos; + +import edu.emory.mathcs.backport.java.util.Collections; +import org.apache.commons.codec.digest.DigestUtils; +import org.apache.maven.plugin.AbstractMojo; +import org.apache.maven.plugin.MojoExecutionException; +import org.apache.maven.plugins.annotations.LifecyclePhase; +import org.apache.maven.plugins.annotations.Mojo; +import org.apache.maven.plugins.annotations.Parameter; +import org.apache.maven.project.MavenProject; +import org.apache.maven.project.artifact.AttachedArtifact; +import org.codehaus.plexus.util.FileUtils; + +import java.io.File; +import java.io.FileInputStream; +import java.io.FileNotFoundException; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.PrintWriter; +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +/** + * The purpose of this maven mojo is to detach the artifacts generated by the maven-assembly-plugin, + * which for the Apache Commons Project do not get uploaded to Nexus, and putting those artifacts + * in the dev distribution location for apache projects. + * + * @author chtompki + * @since 1.0 + */ +@Mojo( name = "detatch-assemblies", defaultPhase = LifecyclePhase.VERIFY, threadSafe = true) +public class CommonsDistributionDetatchmentMojo extends AbstractMojo { + + /** + * A list of "artifact types" in the maven vernacular, to + * be detatched from the deployment. For the time being we want + * all artifacts generated by the maven-assembly-plugin to be detatched + * from the deployment, namely *-src.zip, *-src.tar.gz, *-bin.zip, + * *-bin.tar.gz, and the corresponding .asc pgp signatures. + */ + private static final Set<String> ARTIFACT_TYPES_TO_DETATCH; + static { + Set<String> hashSet = new HashSet<>(); + hashSet.add("zip"); + hashSet.add("tar.gz"); + hashSet.add("zip.asc"); + hashSet.add("tar.gz.asc"); + ARTIFACT_TYPES_TO_DETATCH = Collections.unmodifiableSet(hashSet); + } + + /** + * This list is supposed to hold the maven references to the aformentioned artifacts so that we + * can upload them to svn after they've been detatched from the maven deployment. + */ + private List<AttachedArtifact> detatchedArtifacts = new ArrayList<>(); + + /** + * The maven project context injection so that we can get a hold of the variables at hand. + */ + @Parameter( defaultValue = "${project}", required = true ) + private MavenProject project; + + @Parameter( defaultValue = "${project.build.directory}/commons-release-plugin", alias = "outputDirectory" ) + private File workingDirectory; + + public void execute() throws MojoExecutionException { + getLog().info("Detatching Assemblies"); + for (Object attachedArtifact : project.getAttachedArtifacts()) { + if (ARTIFACT_TYPES_TO_DETATCH.contains(((AttachedArtifact) attachedArtifact).getType())) { + detatchedArtifacts.add((AttachedArtifact) attachedArtifact); + } + } + for(AttachedArtifact artifactToRemove : detatchedArtifacts) { + project.getAttachedArtifacts().remove(artifactToRemove); + } + initWorkingDirectory(); + copyRemovedArtifactsToWorkingDirectory(); + getLog().info(""); + sha1AndMd5SignArtifacts(); + } + + private void initWorkingDirectory() throws MojoExecutionException { + if (workingDirectory.exists()) { + try { + FileUtils.deleteDirectory(workingDirectory); + } catch (IOException e) { + getLog().error(e.getMessage()); + throw new MojoExecutionException("Unable to remove working directory: " + e.getMessage(), e); + } + } + if (!workingDirectory.exists()) { + workingDirectory.mkdirs(); + } + } + + private void copyRemovedArtifactsToWorkingDirectory() throws MojoExecutionException { + StringBuffer copiedArtifactAbsolutePath; + getLog().info("Copying detatched artifacts to working directory."); + for (AttachedArtifact artifact: detatchedArtifacts) { + File artifactFile = artifact.getFile(); + copiedArtifactAbsolutePath = new StringBuffer(workingDirectory.getAbsolutePath()); + copiedArtifactAbsolutePath.append("/"); + copiedArtifactAbsolutePath.append(artifactFile.getName()); + File copiedArtifact = new File(copiedArtifactAbsolutePath.toString()); + getLog().info("Copying: " + artifactFile.getName()); + FileInputStream in; + FileOutputStream out; + try { + in = new FileInputStream(artifactFile); + out = new FileOutputStream(copiedArtifact); + byte[] buf = new byte[1024]; + int len; + while ((len = in.read(buf)) > 0) { + out.write(buf, 0, len); + } + in.close(); + out.close(); + } catch (IOException e) { + getLog().error(e.getMessage()); + throw new MojoExecutionException("Unable to copy file: " + e.getMessage(), e); + } + } + } + + private void sha1AndMd5SignArtifacts() throws MojoExecutionException { + for (AttachedArtifact artifact : detatchedArtifacts) { + if (!artifact.getFile().getName().contains("asc")) { + try { + FileInputStream artifactFileInputStream = new FileInputStream(artifact.getFile()); + String md5 = DigestUtils.md5Hex(artifactFileInputStream); + getLog().info(artifact.getFile().getName() + " md5: " + md5); + PrintWriter md5Writer = new PrintWriter(getMd5FilePath(workingDirectory, artifact.getFile())); + md5Writer.println(md5); + String sha1 = DigestUtils.sha1Hex(artifactFileInputStream); + getLog().info(artifact.getFile().getName() + " sha1: " + sha1); + PrintWriter sha1Writer = new PrintWriter(getSha1FilePath(workingDirectory, artifact.getFile())); + sha1Writer.println(sha1); + md5Writer.close(); + sha1Writer.close(); + } catch (IOException e) { + throw new MojoExecutionException("Could not sign file: " + artifact.getFile().getName(), e); + } + } + } + } + + private String getMd5FilePath(File workingDirectory, File file) { + StringBuffer buffer = new StringBuffer(workingDirectory.getAbsolutePath()); + buffer.append("/"); + buffer.append(file.getName()); + buffer.append(".md5"); + return buffer.toString(); + } + + private String getSha1FilePath(File workingDirectory, File file) { + StringBuffer buffer = new StringBuffer(workingDirectory.getAbsolutePath()); + buffer.append("/"); + buffer.append(file.getName()); + buffer.append(".sha1"); + return buffer.toString(); + } +} http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionStagingMojo.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionStagingMojo.java b/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionStagingMojo.java new file mode 100644 index 0000000..7f9ec67 --- /dev/null +++ b/src/main/java/org/apache/commons/release/plugin/mojos/CommonsDistributionStagingMojo.java @@ -0,0 +1,14 @@ +package org.apache.commons.release.plugin.mojos; + +import org.apache.maven.plugins.annotations.Parameter; + +import java.io.File; + +public class CommonsDistributionStagingMojo { + + @Parameter( defaultValue = "${project.build.directory}/commons-release-plugin", alias = "outputDirectory" ) + private File workingDirectory; + + @Parameter ( required = true ) + private String distScmStagingUrl; +} http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/src/main/java/org/apache/commons/release/plugin/scm/AssemblyPublicationScmProvider.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/release/plugin/scm/AssemblyPublicationScmProvider.java b/src/main/java/org/apache/commons/release/plugin/scm/AssemblyPublicationScmProvider.java new file mode 100644 index 0000000..3f942cb --- /dev/null +++ b/src/main/java/org/apache/commons/release/plugin/scm/AssemblyPublicationScmProvider.java @@ -0,0 +1,45 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.commons.release.plugin.scm; + +import org.apache.maven.scm.ScmFileSet; + +import java.io.File; + +/** + * @author chtompki + * @since 1.0 + */ +public class AssemblyPublicationScmProvider { + + private static final String SCM_CHECKOUT_SUBDIRECTORY = "pub-scm"; + + public static void prepareScmCheckoutDirectory(File pluginWorkingDirectory) { + StringBuilder pubScmPath = new StringBuilder(pluginWorkingDirectory.getAbsolutePath()); + pubScmPath.append("/"); + pubScmPath.append(SCM_CHECKOUT_SUBDIRECTORY); + File pubScmDirectory = new File(pubScmPath.toString()); + if (!pubScmDirectory.exists()) { + pubScmDirectory.mkdirs(); + } + } + + public void checkoutPubScmStagingUrl(String pubScmStagingUrl, File pluginWorkingDirectory) { + + } + +} http://git-wip-us.apache.org/repos/asf/commons-release-plugin/blob/a0b4bc2c/src/main/java/org/apache/commons/release/plugin/scm/package-info.java ---------------------------------------------------------------------- diff --git a/src/main/java/org/apache/commons/release/plugin/scm/package-info.java b/src/main/java/org/apache/commons/release/plugin/scm/package-info.java new file mode 100644 index 0000000..8767dfc --- /dev/null +++ b/src/main/java/org/apache/commons/release/plugin/scm/package-info.java @@ -0,0 +1,17 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.commons.release.plugin.scm; \ No newline at end of file
