[ci] Update doc about pmd build

This commit is contained in:
Andreas Dangel
2021-04-15 18:47:44 +02:00
parent b896aacabf
commit c1f307eb0b
3 changed files with 23 additions and 43 deletions

@ -1,31 +1,28 @@
## PMD CI Scripts # PMD CI Scripts
This folder contains scripts used for CI. This folder contains scripts used for CI, that are PMD specific.
It uses the common scripts from [build-tools](https://github.com/pmd/build-tools).
## Secrets ## .ci/files/public-env.gpg
One secret is required for decrypting the GPG Key with which the PMD Releases are signed and This files contains the following environment variables:
for a ssh key, which is used to copy files to sourceforge.
## Environment variables * DANGER_GITHUB_API_TOKEN: Token for danger to add comments to PRs as <https://github.com/pmd-test>
* PMD_CI_CHUNK_TOKEN: Token for uploading reports to chunk.io
* PMD_CI_SECRET_PASSPHRASE The file is encrypted, so that the tokens are not automatically disabled when github detects them
* CI_DEPLOY_USER in clear text.
* CI_DEPLOY_PASSWORD
* CI_SIGN_KEY
* CI_SIGN_PASSPHRASE
* PMD_SF_USER
* PMD_SF_APIKEY
* GITHUB_OAUTH_TOKEN
* GITHUB_BASE_URL
* COVERALLS_REPO_TOKEN
* SONAR_TOKEN
* DANGER_GITHUB_API_TOKEN
* PMD_CI_CHUNK_TOKEN
## Encrypting **Decrypting**:
gpg --batch --symmetric --cipher-algo AES256 --passphrase="$PMD_CI_SECRET_PASSPHRASE" file.txt gpg --batch --yes --decrypt --passphrase="GnxdjywUEPveyCD1RLiTd7t8CImnefYr" \
--output .ci/files/public-env .ci/files/public-env.gpg
**Encrypting**:
gpg --batch --symmetric --cipher-algo AES256 \
--armor --passphrase="GnxdjywUEPveyCD1RLiTd7t8CImnefYr" \
--output .ci/files/public-env.gpg .ci/files/public-env
## Known Issues ## Known Issues
@ -40,7 +37,7 @@ and [WAGON-486](https://issues.apache.org/jira/browse/WAGON-486):
The setting `-Dmaven.wagon.httpconnectionManager.ttlSeconds=180 -Dmaven.wagon.http.retryHandler.count=3` The setting `-Dmaven.wagon.httpconnectionManager.ttlSeconds=180 -Dmaven.wagon.http.retryHandler.count=3`
makes sure, that Maven doesn't try to use pooled connections that have been unused for more than 180 seconds. makes sure, that Maven doesn't try to use pooled connections that have been unused for more than 180 seconds.
These settings are placed as environment variable `MAVEN_OPTS` in all workflows, so that they are active for These settings are placed as environment variable `MAVEN_OPTS` in the workflow, so that they are active for
all Maven executions (including builds done by regression tester). all Maven executions (including builds done by regression tester).
Alternatively, pooling could be disabled completely via `-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false`. Alternatively, pooling could be disabled completely via `-Dhttp.keepAlive=false -Dmaven.wagon.http.pool=false`.
@ -49,9 +46,7 @@ established.
More information about configuring this can be found at [wagon-http](https://maven.apache.org/wagon/wagon-providers/wagon-http/). More information about configuring this can be found at [wagon-http](https://maven.apache.org/wagon/wagon-providers/wagon-http/).
## Hints ## Remote debugging
### Remote debugging
Debugging remotely is possible with <https://github.com/mxschmitt/action-tmate>. Debugging remotely is possible with <https://github.com/mxschmitt/action-tmate>.
@ -67,27 +62,13 @@ The workflow `troubleshooting` can be started manually, which already contains t
**Note**: This is dangerous for push/pull builds on pmd/pmd, because these have access to the secrets and the SSH session **Note**: This is dangerous for push/pull builds on pmd/pmd, because these have access to the secrets and the SSH session
is not protected. Builds triggered by pull requests from forked repositories don't have access to the secrets. is not protected. Builds triggered by pull requests from forked repositories don't have access to the secrets.
### Local tests with docker ## Local tests with docker
Create a local docker container: Using the same docker container as described in [build-env @ build-tools](https://github.com/pmd/build-tools).
``` ### Testing a push build (snapshot)
cd .ci/docker_ubuntu18.04
docker build -t pmd-ci .
```
This container is based on Ubuntu 18.04, which is used for `ubuntu-latest` github actions runner,
see [Virtual Environment](https://github.com/actions/virtual-environments).
You can run a local instance with docker:
```
docker run -it pmd-ci
```
You'll be dropped into a bash.
#### Testing a push build (snapshot)
Start docker without binding to local directory, so that we can do a fresh checkout: `docker run -it pmd-ci`. Start docker without binding to local directory, so that we can do a fresh checkout: `docker run -it pmd-ci`.
You'll be dropped into a bash. Use the following script, to setup and start the build: You'll be dropped into a bash. Use the following script, to setup and start the build:

Binary file not shown.

@ -7,7 +7,6 @@ source "$(dirname "$0")/inc/fetch_ci_scripts.bash" && fetch_ci_scripts
# #
# The functions here require the following environment variables: # The functions here require the following environment variables:
# PMD_SF_USER
# PMD_CI_BRANCH # PMD_CI_BRANCH
# #
# DANGER_GITHUB_API_TOKEN # DANGER_GITHUB_API_TOKEN