pmd/.ci/README.md

## PMD CI Scripts

This folder contains scripts used for CI.

## Secrets

One secret is required for decrypting the GPG Key with which the PMD Releases are signed and
for a ssh key, which is used to copy files to sourceforge.

## Environment variables

* `PMD_CI_SECRET_PASSPHRASE`
* `CI_DEPLOY_PASSWORD`
* `CI_SIGN_PASSPHRASE`
* ...

## Encrypting

    gpg --batch --symmetric --cipher-algo AES256 --passphrase="$PMD_CI_SECRET_PASSPHRASE" file.txt

## Known Issues

Intermittent build failures while downloading dependencies from maven central.
Root issue seems to be SNAT configs in Azure, which closes long running TCP connections
only on one side: https://docs.microsoft.com/en-us/azure/load-balancer/troubleshoot-outbound-connection#idletimeout
The default timeout is 4 minutes.

Workaround as described in https://github.com/actions/virtual-environments/issues/1499 and
https://issues.apache.org/jira/browse/WAGON-545 is applied:

`-Dmaven.wagon.httpconnectionManager.ttlSeconds=180 -Dmaven.wagon.http.retryHandler.count=3`

## Hints

### Remote debugging

Debugging remotely is possible with <https://github.com/mxschmitt/action-tmate>.

Just add the following step into the job:

```
      - name: Setup tmate session
        uses: mxschmitt/action-tmate@v3
```

Note: This is dangerous for push builds, because these have access to the secrets and the SSH session
is not protected.

### Local tests

You can run a local instance with docker:

```
docker run -it --mount type=bind,source=path/to/pmd,target=/workspaces/pmd/pmd ubuntu:latest
```

You'll need to install a few packages before you can start... You can verify with `check-environment.sh`
if everything is prepared.
Initial version of new ci scripts 2020-11-10 22:26:26 +01:00			`## PMD CI Scripts`

			`This folder contains scripts used for CI.`

			`## Secrets`

			`One secret is required for decrypting the GPG Key with which the PMD Releases are signed and`
			`for a ssh key, which is used to copy files to sourceforge.`

			`## Environment variables`

			* `PMD_CI_SECRET_PASSPHRASE`
			* `CI_DEPLOY_PASSWORD`
			* `CI_SIGN_PASSPHRASE`
Integrate setup secrets into build.sh, add env.gpg, add sourceforge upload 2020-11-11 22:56:02 +01:00			`* ...`
Initial version of new ci scripts 2020-11-10 22:26:26 +01:00
Integrate setup secrets into build.sh, add env.gpg, add sourceforge upload 2020-11-11 22:56:02 +01:00			`## Encrypting`

			`gpg --batch --symmetric --cipher-algo AES256 --passphrase="$PMD_CI_SECRET_PASSPHRASE" file.txt`
Initial version of new ci scripts 2020-11-10 22:26:26 +01:00
Add workaround for connection timeouts 2020-11-12 09:44:17 +01:00			`## Known Issues`

			`Intermittent build failures while downloading dependencies from maven central.`
			`Root issue seems to be SNAT configs in Azure, which closes long running TCP connections`
			`only on one side: https://docs.microsoft.com/en-us/azure/load-balancer/troubleshoot-outbound-connection#idletimeout`
			`The default timeout is 4 minutes.`

			`Workaround as described in https://github.com/actions/virtual-environments/issues/1499 and`
			`https://issues.apache.org/jira/browse/WAGON-545 is applied:`

			`-Dmaven.wagon.httpconnectionManager.ttlSeconds=180 -Dmaven.wagon.http.retryHandler.count=3`
Add debugging hints 2020-11-12 11:55:05 +01:00
			`## Hints`

			`### Remote debugging`

			`Debugging remotely is possible with <https://github.com/mxschmitt/action-tmate>.`

			`Just add the following step into the job:`

			```
			`- name: Setup tmate session`
			`uses: mxschmitt/action-tmate@v3`
			```

			`Note: This is dangerous for push builds, because these have access to the secrets and the SSH session`
			`is not protected.`

			`### Local tests`

			`You can run a local instance with docker:`

			```
			`docker run -it --mount type=bind,source=path/to/pmd,target=/workspaces/pmd/pmd ubuntu:latest`
			```

			You'll need to install a few packages before you can start... You can verify with `check-environment.sh`
			`if everything is prepared.`