New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add deploy by travis #157

Merged
merged 5 commits into from Dec 21, 2017
Jump to file or symbol
Failed to load files and symbols.
+159 −8
Diff settings

Always

Just for now

View
@@ -3,7 +3,10 @@ sudo: false
dist: trusty
jdk:
- oraclejdk8
install: true
install:
# decrypt settings.xml, pubring.gpg and secring.gpg
- if [ -n "$encrypted_b6710039761a_key" ]; then openssl aes-256-cbc -K $encrypted_b6710039761a_key -iv $encrypted_b6710039761a_iv -in .travis/secrets.tar.enc -out .travis/secrets.tar -d; fi
- if [ -f ".travis/secrets.tar" ]; then tar -xvf .travis/secrets.tar -C .travis; fi
script:
- mvn org.jacoco:jacoco-maven-plugin:prepare-agent verify sonar:sonar -B -e -V
notifications:
@@ -15,3 +18,16 @@ addons:
secure: "TO179WgRUyyT2Yg92FpC1r746GaHDMZ7+rMiBqnXztoj5VWTn8U0+M9edyxQ+cKZtCznC4JoimdjBhne52vauWFuQsoczrxtnN7l4w+yemC799Mm5jEuPKoId1CQZkVc5g4hmmeV4Qg6H5K1or1gnl+MGGZ9tbUYOu2v+G2SyAA="
github_token:
secure: "F37JqWPpdlOl4oHvTAap9uw+MEqmIz60HiVKYmSpQHDZRb13VJ/pVO11GVhoUfiswOERIEe6Ot/diH/ZK7qhaJQtPJVdSHLyN5t9KSdLtP9wYHWINVR79q8nM7I0rOZ94XDbBsHEsFgC/IWAYizVavQpMw5AGt31qjTzac19BVQ="
deploy:
# deploy SNAPSHOT artifact onto Sonatype Nexus
- provider: script
skip_cleanup: true
script: mvn deploy -B -P deploy -s .travis/settings.xml
on:
branch: master
# deploy STABLE artifact onto Sonatype Nexus
- provider: script
skip_cleanup: true
script: mvn deploy -B -P deploy -s .travis/settings.xml
on:
tags: true
View
@@ -0,0 +1,6 @@
pubring.gpg
secring.gpg
settings.xml
# create this file by `tar cvf secrets.tar pubring.gpg secring.gpg settings.xml`
secrets.tar
View
Binary file not shown.
@@ -0,0 +1,31 @@
<!--
This file is a template for .travis/settings.xml.
This XML contains passphrase and password, so it should be encrypted by `travis encrypt-file` command.
https://docs.travis-ci.com/user/encrypting-files/
-->
<settings>
<servers>
<server>
<!--
User name and password to deploy onto Sonatype repository.
Necessary to deploy both signed artifact (stable version) and unsigned artifact (snapshot version).
-->
<id>ossrh</id>
<username>...</username>
<password>...</password>
</server>
</servers>
<profiles>
<profile>
<!--
GPG passphrase to sign artifacts.
-->
<id>deploy</id>
<properties>
<gpg.passphrase>...</gpg.passphrase>
<gpg.publicKeyring>.travis/pubring.gpg</gpg.publicKeyring>
<gpg.secretKeyring>.travis/secring.gpg</gpg.secretKeyring>
</properties>
</profile>
</profiles>
</settings>
View
@@ -0,0 +1,20 @@
# Release procedure
When you release fixed version of SonarQube SpotBugs Plugin, please follow these procedures.
* create topic branch from `master` branch
* change version number in `pom.xml` to stable version (e.g. `1.2.3`), then commit changes
* change version number in `pom.xml` to next development SNAPSHOT version (e.g. `1.2.4-SNAPSHOT`), then commit changes
* push your topic branch and propose a pull request
* after merging your pull request, tag the commit which has stable version in `pom.xml`, and push this tag
## Release to Maven Central
When we push tag, the build result on Travis CI will be deployed to [Sonatype Nexus](https://oss.sonatype.org/).
Check [Sonatype official page](http://central.sonatype.org/pages/apache-maven.html) for detail.
## Release to SonarQube Marketplace
Follow the procedures listed in [SonarQube official guide](https://docs.sonarqube.org/display/DEV/Deploying+to+the+Marketplace#DeployingtotheMarketplace-Announcingnewreleases).
Here is [the SonarCloud dashboard for this project](https://sonarcloud.io/dashboard?id=com.github.spotbugs:sonar-findbugs-plugin).
View
84 pom.xml
@@ -7,7 +7,7 @@
<version>3.7.0-SNAPSHOT</version>
<packaging>sonar-plugin</packaging>
<name>SonarQube Findbugs Plugin</name>
<name>SonarQube SpotBugs Plugin</name>

This comment has been minimized.

@KengoTODA

KengoTODA Dec 20, 2017

Member

Renamed artifact name proposed in #156

@KengoTODA

KengoTODA Dec 20, 2017

Member

Renamed artifact name proposed in #156

<description>SpotBugs is a program that uses static analysis to look for bugs in Java code. It can detect a variety of common coding mistakes, including thread synchronization problems, misuse of API methods.</description>
<url>https://github.com/spotbugs/sonar-findbugs/</url>
<issueManagement>
@@ -80,7 +80,7 @@
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.sonarsource.sslr-squid-bridge</groupId>
@@ -316,5 +316,83 @@
</plugin>
</plugins>
</build>
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
</distributionManagement>
<profiles>
<profile>
<id>travis</id>
<activation>
<property>
<name>env.CI</name>
<value>true</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.0.0</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
<profile>
<id>deploy</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.0.1</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.6</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.8</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
@@ -84,9 +84,9 @@ public InputFile findSourceFile(String sourceFile, FileSystem fs) {
/**
* JSP files are compile to class with pseudo packages and class name that vary based on the compiler used.
* Multiples patterns are test against the available sources files.<br/>
* (ie : <code>test.index_jsp</code> -> <code>src/main/webapp/test/index.jsp</code>)
* <br/>
* Multiples patterns are test against the available sources files.<br>
* (ie : <code>test.index_jsp</code> -&gt; <code>src/main/webapp/test/index.jsp</code>)
* <br>
* Their is a certain level of guessing since their could always be a class following the same pattern of colliding
* precompiled jsp. (same pseudo package, same class format, etc.)
*
@@ -154,7 +154,7 @@ private InputFile buildInputFile(String fileName,FileSystem fs) {
* The smap can be either embedded in the class file or alternatively place in separate file.
*
* @param className Class name
* @param originalLine Line of code of the auto-generated Java line (.jsp -> .java -> .class)
* @param originalLine Line of code of the auto-generated Java line (.jsp -&gt; .java -&gt; .class)
* @param classFile (Optional)
* @return JSP line number
*/
ProTip! Use n and p to navigate between commits in a pull request.