Merge pull request #35 from andy1138/autopublish

tag-driven publishing on Travis

Author: andy1138

.travis.yml

@@ -1,13 +1,21 @@
 language: scala
+
+env:
+  global:
+    - PUBLISH_JDK=openjdk7 # admin/build.sh only publishes when running on this jdk
+# Don't commit sensitive files, instead commit a version encrypted with $SECRET,
+# this environment variable is encrypted with this repo's private key and stored below:
+# (See http://docs.travis-ci.com/user/environment-variables/#Secure-Variables.)
+    - secure: "g/d6gjq6g+t5ieI6DwOiL5k8XJ/ethlZ1ZZDA/uvOsCfkIu0MBL2cYGmwQ0gcBNBQ/02wZjXnTIgMhFhYLcgHtnicAjy+53fhjCYcTM6A61DCPhJ6txOjEEPrpnlqbvKauw0WuVGT8Kd52bhaMXPCE2GOWgPe+bJfDUTHSm86dw="
+
 script:
-  - sbt ++$TRAVIS_SCALA_VERSION clean update compile test examples/compile
+  - admin/build.sh
 scala:
   - 2.11.1
-
 jdk:
   - openjdk7
   - oraclejdk7
-
+  
 notifications:
   email:
     - [email protected]

admin/build.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# prep environment for publish to sonatype staging if the HEAD commit is tagged
+
+# git on travis does not fetch tags, but we have TRAVIS_TAG
+# headTag=$(git describe --exact-match ||:)
+
+if [ "$TRAVIS_JDK_VERSION" == "$PUBLISH_JDK" ] && [[ "$TRAVIS_TAG" =~ ^v[0-9]+\.[0-9]+\.[0-9]+(-[A-Za-z0-9-]+)? ]]; then
+  echo "Going to release from tag $TRAVIS_TAG!"
+  myVer=$(echo $TRAVIS_TAG | sed -e s/^v//)
+  publishVersion='set every version := "'$myVer'"'
+  extraTarget="publish-signed"
+
+  cat admin/gpg.sbt >> project/plugins.sbt
+  admin/decrypt.sh sensitive.sbt
+  (cd admin/ && ./decrypt.sh secring.asc)
+fi
+
+sbt ++$TRAVIS_SCALA_VERSION "$publishVersion" clean update compile test $extraTarget

admin/decrypt.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+openssl aes-256-cbc -pass "pass:$SECRET" -in $1.enc -out $1 -d -a

admin/encrypt.sh

@@ -0,0 +1,2 @@
+#!/bin/bash
+openssl aes-256-cbc -pass "pass:$SECRET" -in $1 -out $1.enc -a

admin/encryptAll.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+# Based on https://gist.github.com/kzap/5819745:
+
+echo "This will encrypt the cleartext sensitive.sbt and admin/secring.asc, while making the encrypted versions available for decryption on Travis."
+echo "Update your .travis.yml as directed, and delete the cleartext versions."
+echo "Press enter to continue."
+read
+
+# 1. create a secret, put it in an environment variable while encrypting files -- UNSET IT AFTER
+export SECRET=$(cat /dev/urandom | head -c 10000 | openssl sha1)
+
+# 2. add the "secure: ..." line under the env section -- generate it with ``  (install the travis gem first)
+travis encrypt SECRET=$SECRET
+
+admin/encrypt.sh admin/secring.asc
+admin/encrypt.sh sensitive.sbt
+
+echo "Remember to rm sensitive.sbt admin/secring.asc -- once you do, they cannot be recovered (except on Travis)!"

admin/gpg.sbt

@@ -0,0 +1,26 @@
+
+addSbtPlugin("com.typesafe.sbt" % "sbt-pgp" % "0.8.3") // only added when publishing:
+
+// There's a companion sensitive.sbt, which was created like this:
+//
+// 1. in an sbt shell that has the sbt-pgp plugin, create pgp key in admin/:
+//
+// sbt
+//  set pgpReadOnly := false
+//  set pgpPublicRing := file("admin/pubring.asc")
+//  set pgpSecretRing := file("admin/secring.asc")
+//  pgp-cmd gen-key // use $passPhrase
+// 	 Please enter the name associated with the key: $repoName
+// 	 Please enter the email associated with the key: [email protected]
+// 	 Please enter the passphrase for the key: $passphrase
+//
+// 2. create sensitive.sbt with contents:
+//
+// pgpPassphrase := Some($passPhrase.toArray)
+//
+// pgpPublicRing := file("admin/pubring.asc")
+//
+// pgpSecretRing := file("admin/secring.asc")
+//
+// credentials   += Credentials("Sonatype Nexus Repository Manager", "oss.sonatype.org", $sonaUser, $sonaPass)
+

admin/pubring.asc

@@ -0,0 +1,18 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: BCPG v1.49
+
+mQENBFSA12QBCACmD7LIMlzS+Qf/dyyQQn2wjgrk9kCazfVP6pb++wizYq4AkN6Q
+cFti0YCSB+EzS+dqFO4wSIprenB/jfuLEnjfDSupjFLgTmjo8Komkk/9ynHSowJl
+ofkDPS/qgcr1mAmuc72CrIqKfc3Dojscug3ChmY3tbezAgPmGV/tu8V/uAAsnVOE
+AsmCOimTcWjA6bgvEkPyyzHp5uinU29tuFAxIAm2pJ+EmNebRnVF3lG+GotP2Ojy
+wsfS8iMmV2g4KQd4WmFes9F2R/lkApGgnDTimk9Rj/QswhPuVeiHPS1OBjWPqoEw
+N9lL1lyiOYoX+MHryTlJE7lZqDHwhUAiQxatABEBAAG0LnNjYWxhLXN3aW5nIDxz
+Y2FsYS1pbnRlcm5hbHNAZ29vZ2xlZ3JvdXBzLmNvbT6JARwEEwECAAYFAlSA12QA
+CgkQwdZV2OHM6Ia6aAf+P0WUtZ+0SXbUzVqF05PT/mfNzsEx9vfKap4hRacVZqWR
+aQk6Y5FlX5p+oSRVcXEei+KcbRFdVB6KYueuwYOFZd+6fO8xbNTImgzz0DJ/Uh6A
+10Es3PeT/GLvlrbSxO/Cf1WSO8f6+CPPmtNKAAl1m6dvTTbAikcbiWzeO4QQuVsS
+nM1H6rTGUKeLmhxSwyI+jvI62bJF9Kiusa0+beIwok0CW+gOwhg45WG1FP9tv+Dl
+H/61TUg3ev5vW4CFuErx5hUjIJgjoDW42xE12R9MhvCkxCUT5D/05RhfQ/G+kJYa
+iBEK413XaGDgDgMoXlaQxzZQ0u9v/PNg+0jqDQUzGA==
+=3ZlV
+-----END PGP PUBLIC KEY BLOCK-----

admin/secring.asc.enc

@@ -0,0 +1,40 @@
+U2FsdGVkX1+O9u2xp4J6vefMlYeBkHwqMcGvhZirV2fyxfIqmy/uEc1RDysgx5Uf
+UDNZFktgofTBNYn8WaXg60DHqupSD+HOO2wCyYF3SuntvYQ1/sUFZDrw+RthU+B+
+kMj6/mcYq7aISn5Y/zQu+6pvxF7P1srxSkZRBY/qmJsclTy5pZ2BoDMAaOPAHPlf
++aGfJalkx3aOIB46znJeKfKKcyjeq1AGp93jWA39xjemsEflrnhrBAUs4/DzTVhc
+GH/dMw9V2HsM04v1huABwN0Qi3BVy6eLD0Ys+yba6bI3Y52k44EsTyCfY3D1U5cN
+G+bLlagapSR1sWybAQPuIY9E3Tw1g6UyX2hqmZltOu4yDgo+yCkvez0voSs1TISs
+OkPk7VttDkHRb/UBSoTPhJ5xF1vCC9qFvbYJogap46WOBEh4C4A8CCME5mLAf6vG
+UiJ3nZVwpmOM+49yH0TOpZXJshSnZ+PeEKkXEHYWcUKMAV2Iqsmm+kmHLHGYdYtb
+EAmvw+8I5zLzyNnXOCOM3Kj5k2kQK9HpT4pio16LGEpHlrlm/rFgRMgZdkGLdoNz
+iCwHWtPGAhCb4UMcvy8Rp6YVvhWd9nmXL5lqanYR+qF2PS3oDaxwwmW4OvzjJW3T
+cgjsCkIhm1v8Y2wfyiSCgNQZ+PuvRTUomEJsp4LtsDHjBiL9uGGb2dLa6dAdge5X
+GoT76RAtDpu3eZ5W2a51SDHH+9UqSFk2jhJdcLY5viIJP/wPF6jMgmnzvZppR+hO
+MKaFW1P7ZzZa9iMNgyJBOT0HZ3zfhxhVFXhgUFXGSa9I1HNdMr6w5oReh8SYpEGF
+Q6Py27YeWwr2aNpwk/sax4xX05sOWgaK2hm2/WHuCD4Zftv6B9Y7YEv/Fu+4cylF
+hu5J/V69ICvU1o1oKq24iQ2P9Fnl+JMuQSgSRTeti4OfPCh70PII4V70FhEtLdfQ
+YL5XKug0FE7U6zjQzZafJLsCZB38bS6l2sXQI0sqOzcW7hLUC29ixDjsmGGXY5RY
+zuUOUhQ3I5Vd0SqcPCHwlq5acHJVdvYjQtMwCkYiv84uDq8MllxCsW5Dzs2e6yov
+Xgd8VwX78uixIZf4CyrbVM7hlLbapdIZM3mE4Vc1Ble3oOnYeHGNDG6Q7N/YKZ1J
+enJ+8XYpxgtsWxG4sfYv84wagrxNylaIEsoNrpxoLVeSB0XDAqtvXnx6at8T+otf
+ELZD+Syjf/79R61mq52JVASHyAUIoKtw2fjn0QyKdSfRhm0GCoLxo46DxYS5qZxS
+HKXTKgmht6tD5EX1Hjmzd/YEePsbdiWGoP9jVm+/Ko/8k5zX7/hIAqWRMTDpywDd
+ftjrFuBzXQBI+7w0/aycQ26gAJ7glp2mGGbi0lLdYBsHvpjPogGRfLm3bo81YOUe
+wHjI+wyzO5rS1sb0DA7P0Lsqu5BTlJVZlBHGljsKD7pPKTlf+ExsrUbhIzSsITH6
+i/VTa+uuFOTRXUmUsVGTETsMH0XEBaql2fNujrKu/nXX3zQ3WJseAWF8WP0CWSxC
+C+W603v9L8u9jQ9edSCL85oQ9R57VJirDy4FDZTU60Udx1m2BP8w9BfJwvSJ2uZ4
+rAvQtTSbWd9Kwo+Rm3vlkysIv3p9zqzOOhESYyzQA3jJCIDOx0khRt6yeQsojkn7
+yKXlsydtI85KqMYY3Qdu9qlLvoqJQlxRXwDKsPal1do+wJlnb8IRwJyJxls7qtRZ
+oy2rW78L+ZF2mIgY6od2rCObGUQu589CWqRT2OWVstToGMWZYlMJf+t8MgInebKy
+BDYdqLVwY00mZfKA7HzwQDb/GbbYki/0eJ03e0S6kpXGyF4TC4jiVdYWzbK4aJq4
+wa2hrhNe+6erD9TP0O3gCcCwVJGHTDymAxh0EvZWEMvuHA+fWB/Vr0VCG0UXGz/e
+/90IcSTvR6pb6L4oXp3KHOR4HGn2hGfsx3VVVVJquMVx9ET6JoTWf2debrhKWUvX
+pJnuHzEBGRCKVXJpM91Ruc3KuoWImPyMNisW0ANAY6E01Bui9E4ieDENteiL184b
+w8X95jrJynMDbhDNmL3WohrUPR8lFcp65Wz60WZQxXCGs519u4MBsqtA57BK4uFJ
+XLDMWUUH84be575HzE1nvW6qEP+/aNn68bs6mk2AZo9167KhW0bGYQNt84n8eQVu
+Su5G0C36qj/WLZovKO9RIFOOIe7UQPN+zaOKIOvH9U0qj5UehbFO9hKntPndt22h
+Gt3tzZKKI8CPc6plQgINx5uQ56VdnYxx9SJkZX22CE59zOtRe7Xh1gWCClU1pfi3
+M4JaTUP0U5FhsQQfkgGo2xZuRHg+jI7fX706Z9Z0LT/kxrW8A7JZU2BJPt12ceZu
+IQhO8sGaM7+y8MEZDO35EQq9Rikz4LuSq4rbTkqZPvfP+BXl4gR6QBxwGRCkfBlx
+8QQQfb6td17noNiY3+LHRxamiNVbC5UQkChrysYG0ZG6v4aVDPLV4+KDHj6Kq89J
+AhiifxrEE3x455AiETaLcQ==

sensitive.sbt.enc

@@ -0,0 +1,7 @@
+U2FsdGVkX1+DOObIhXyopFDucfOJpqONi2L0QPFbK21VMfImp5HjvaQJPu/dQAg7
+oKQE17ac5CdUEqd2Tvh7kwGxoAb2huyZYEVeHR/kgkCoQnSzi2C1yYcVKf8xVKgc
+0UrsRCSayX7mTII72mE0qM3XjB7TJxPhCnEdb+Cdg7TwuGd9U4uIiKHV+BLy7+Y4
+JwHmgYiRdZCaZ124iQNhAIzzpVp3dKrl2qqVKF3WUqjA3L/EjyebF4O/FNGdaops
+yff7sSc+ELw0BiKrHHFug802Ii/36CtKhcTGseWSlmqhEu86QBhxHTblUKySaZj/
+cq/oRW3Lz5/pBuLJs6kNAyQmM5bs5UADvv935cTokW0DCCu7RMbesUs/CJqTE2uU
+NkfppKMwKjFl9PjintVUOw==