This is an automated email from the ASF dual-hosted git repository. pkarwasz pushed a commit to branch main in repository https://gitbox.apache.org/repos/asf/logging-log4j-transform.git
commit 123f8c48fa98e8f7beefe44bc9c3cfe2ce6af9a8 Author: Piotr P. Karwasz <[email protected]> AuthorDate: Tue May 2 19:06:31 2023 +0200 Use Maven Assembly for source release --- .github/workflows/build.yml | 7 ++--- .gitignore | 1 + pom.xml | 57 +++++++++++++++++++++++++++++++++++++++++ src/assembly/source-release.xml | 45 ++++++++++++++++++++++++++++++++ 4 files changed, 105 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 379fd93..7d317fa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -184,13 +184,10 @@ jobs: # `SIGN_KEY` is used by `sign-maven-plugin` SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }} - - name: Create artifacts (RELEASE) + - name: Sign artifacts (RELEASE) if: startsWith(github.ref, 'refs/heads/release/') run: | - export ZIP_FILEPATH="target/apache-log4j-transform-${PROJECT_VERSION}-src.zip" - git ls-files -z | xargs -0 zip -9 "$ZIP_FILEPATH" -- - gpg --armor --detach-sign --yes --pinentry-mode error "$ZIP_FILEPATH" - sha512sum "$ZIP_FILEPATH" > "$ZIP_FILEPATH.sha512" + gpg --armor --detach-sign --yes --pinentry-mode error "target/apache-log4j-transform-${PROJECT_VERSION}-src.zip" - name: Upload artifacts (RELEASE) if: startsWith(github.ref, 'refs/heads/release/') diff --git a/.gitignore b/.gitignore index c1a33c5..7a0958c 100644 --- a/.gitignore +++ b/.gitignore @@ -13,6 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. +## Keep in sync with src/assembly/source-assembly.xml target/ # IntelliJ IDEA .idea diff --git a/pom.xml b/pom.xml index 4cdc39a..505c2de 100644 --- a/pom.xml +++ b/pom.xml @@ -98,6 +98,7 @@ <!-- `project.build.outputTimestamp` is required for reproducible builds: https://maven.apache.org/guides/mini/guide-reproducible-builds.html --> <project.build.outputTimestamp>1682714736</project.build.outputTimestamp> <!-- plugin versions --> + <checksum-maven-plugin.version>1.11</checksum-maven-plugin.version> <flatten-maven-plugin.version>1.4.1</flatten-maven-plugin.version> <log4j-changelog-maven-plugin.version>0.3.0</log4j-changelog-maven-plugin.version> <sign-maven-plugin.version>1.0.1</sign-maven-plugin.version> @@ -200,12 +201,68 @@ <defaultGoal>deploy</defaultGoal> <plugins> + <!-- Create a source-release artifact that contains the fully buildable + project directory source structure. This is the artifact which is + the official subject of any release vote. --> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-assembly-plugin</artifactId> + <executions> + <execution> + <id>source-release-assembly</id> + <goals> + <goal>single</goal> + </goals> + <phase>package</phase> + <configuration> + <runOnlyAtExecutionRoot>true</runOnlyAtExecutionRoot> + <finalName>apache-log4j-transform-${project.version}</finalName> + <runOnlyAtExecutionRoot>true</runOnlyAtExecutionRoot> + <descriptors> + <descriptor>src/assembly/source-release.xml</descriptor> + </descriptors> + </configuration> + </execution> + </executions> + </plugin> + + <plugin> + <groupId>net.nicoulaj.maven.plugins</groupId> + <artifactId>checksum-maven-plugin</artifactId> + <version>1.11</version> + <executions> + <execution> + <id>source-release-checksum</id> + <goals> + <goal>files</goal> + </goals> + <!-- execute prior to maven-gpg-plugin:sign due to https://github.com/nicoulaj/checksum-maven-plugin/issues/112 --> + <phase>post-integration-test</phase> + <configuration> + <algorithms> + <algorithm>SHA-512</algorithm> + </algorithms> + <csvSummary>false</csvSummary> + <fileSets> + <fileSet> + <directory>${project.build.directory}</directory> + <includes> + <include>apache-log4j-transform*</include> + </includes> + </fileSet> + </fileSets> + </configuration> + </execution> + </executions> + </plugin> + <plugin> <groupId>org.simplify4u.plugins</groupId> <artifactId>sign-maven-plugin</artifactId> <version>${sign-maven-plugin.version}</version> <executions> <execution> + <id>default-sign</id> <goals> <goal>sign</goal> </goals> diff --git a/src/assembly/source-release.xml b/src/assembly/source-release.xml new file mode 100644 index 0000000..01a3bda --- /dev/null +++ b/src/assembly/source-release.xml @@ -0,0 +1,45 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- + ~ Licensed to the Apache Software Foundation (ASF) under one or more + ~ contributor license agreements. See the NOTICE file distributed with + ~ this work for additional information regarding copyright ownership. + ~ The ASF licenses this file to you under the Apache License, Version 2.0 + ~ (the "License"); you may not use this file except in compliance with + ~ the License. You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, software + ~ distributed under the License is distributed on an "AS IS" BASIS, + ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + ~ See the License for the specific language governing permissions and + ~ limitations under the License. + --> +<assembly> + <id>src</id> + <formats> + <format>zip</format> + </formats> + <fileSets> + <fileSet> + <useDefaultExcludes>true</useDefaultExcludes> + <directory>${project.basedir}</directory> + <excludes> + <!-- Keep in sync with .gitignore --> + <exclude>**/target/**</exclude> + <exclude>.idea/**</exclude> + <exclude>**/*.iml</exclude> + <exclude>**/*.iws</exclude> + <exclude>**/.classpath</exclude> + <exclude>**/.project</exclude> + <exclude>**/.settings/**</exclude> + <exclude>.mvn/wrapper/maven-wrapper.jar</exclude> + <!-- Remove Git and Github specific stuff --> + <exclude>.git/**</exclude> + <exclude>.github/**</exclude> + <exclude>.gitattributes</exclude> + <exclude>.gitignore</exclude> + </excludes> + </fileSet> + </fileSets> +</assembly>
