add a property for attaching assemblies and disable it for public deployment

Currently, we attach the zip assembly for all plugins but Shield when deploying. This is problematic because
we want to track the downloads of the zips through our downloads service. This commit changes the
behavior to not attach the zip assembly when deploying publicly.

The source files were also being attached even for public deployments and this commit adds a property to
stop that for public deployments and a check to ensure that no sources or zip file is attached when deploying
publicly.

Additionally, the default profile overrides the distribution management of the parent pom(s) so that a deploy
without a profile specified will not work. Without this change issuing a deploy command on a machine that
has credentials for sonatype's repositories could have deployed the artifacts to the sonatype OSS repository.

Closes elastic/elasticsearch#321

Original commit: elastic/x-pack-elasticsearch@37a0a6c312
This commit is contained in:
jaymode 2015-07-23 10:35:40 -04:00
parent 14b30fd80c
commit e8364d6b50
2 changed files with 67 additions and 22 deletions

69
pom.xml
View File

@ -20,6 +20,8 @@
<properties> <properties>
<elasticsearch.license.header>${elasticsearch.tools.directory}/commercial-license-check/elasticsearch_license_header.txt</elasticsearch.license.header> <elasticsearch.license.header>${elasticsearch.tools.directory}/commercial-license-check/elasticsearch_license_header.txt</elasticsearch.license.header>
<elasticsearch.license.headerDefinition>${elasticsearch.tools.directory}/commercial-license-check/license_header_definition.xml</elasticsearch.license.headerDefinition> <elasticsearch.license.headerDefinition>${elasticsearch.tools.directory}/commercial-license-check/license_header_definition.xml</elasticsearch.license.headerDefinition>
<assembly.attach>true</assembly.attach>
<sources.attach>true</sources.attach>
</properties> </properties>
<scm> <scm>
@ -87,6 +89,28 @@
</resourceBundles> </resourceBundles>
</configuration> </configuration>
</plugin> </plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<configuration>
<attach>${assembly.attach}</attach>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar</goal>
</goals>
<configuration>
<attach>${sources.attach}</attach>
</configuration>
</execution>
</executions>
</plugin>
</plugins> </plugins>
</pluginManagement> </pluginManagement>
</build> </build>
@ -109,6 +133,10 @@
</profile> </profile>
<profile> <profile>
<id>deploy-public</id> <id>deploy-public</id>
<properties>
<assembly.attach>false</assembly.attach>
<sources.attach>false</sources.attach>
</properties>
<distributionManagement> <distributionManagement>
<repository> <repository>
<id>elasticsearch-public-releases</id> <id>elasticsearch-public-releases</id>
@ -116,15 +144,50 @@
<url>http://maven.elasticsearch.org/artifactory/public-releases</url> <url>http://maven.elasticsearch.org/artifactory/public-releases</url>
</repository> </repository>
</distributionManagement> </distributionManagement>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<dependencies>
<dependency>
<groupId>org.elasticsearch</groupId>
<artifactId>attached-artifact-enforcer</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
</dependencies>
<executions>
<execution>
<id>check-attached-artifacts</id>
<phase>verify</phase>
<goals>
<goal>enforce</goal>
</goals>
<configuration>
<rules>
<bannedAttachedArtifacts implementation="org.elasticsearch.enforcer.rules.BannedAttachedArtifacts">
<excludes>
<exclude>.*\.zip</exclude>
<exclude>.*-sources\.jar</exclude>
</excludes>
</bannedAttachedArtifacts>
</rules>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile> </profile>
<profile> <profile>
<id>default</id> <id>default</id>
<activation> <activation>
<activeByDefault>true</activeByDefault> <activeByDefault>true</activeByDefault>
</activation> </activation>
<properties> <distributionManagement>
<enforcer.skip>true</enforcer.skip> <!-- by doing this, we must always specify a profile when deploying and we will not inherit the
</properties> the repositories from a parent, which could be a public repo that we do not want to deploy to. -->
</distributionManagement>
</profile> </profile>
</profiles> </profiles>

View File

@ -75,10 +75,8 @@
<plugins> <plugins>
<plugin> <plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId> <artifactId>maven-assembly-plugin</artifactId>
<configuration>
<attach>false</attach>
</configuration>
</plugin> </plugin>
<plugin> <plugin>
@ -151,20 +149,4 @@
</pluginManagement> </pluginManagement>
</build> </build>
<profiles>
<profile>
<id>deploy-internal</id>
<build>
<plugins>
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<configuration>
<attach>true</attach>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project> </project>