Continuous Releasing of Maven Artifacts
Continuous Releasing of Maven Artifacts
Join the DZone community and get the full member experience.Join For Free
Discover how quick and easy it is to secure secrets, so you can get back to doing what you love. Try Conjur, a free open source security service for developers.
Conceptually Maven distinguishes between snapshot versions and release versions. For top-level Maven projects that are continuously integrated it is unnatural to make this distinction. Especially when having some kind of continuous deployment implemented, it doesn’t make much sense to create and deploy artifacts with a snapshot version at all. Snapshot versions cannot be linked to a unique revision in a version control system and can have ambiguous snapshot dependencies. That is why such artifacts shouldn’t get deployed to a live environment.
Although it is possible to embed version control revision information as metadata into artifacts, for instance via the Manifest file, it is recommended to avoid snapshot versions at all. Only unique release versions should be continuously created and deployed instead. In fact, every single revision can be considered to be a release as will be shown below.
In order to implement this concept of continuous releasing the revision number needs to be made part of the artifact version. However, the revision number should not be made a static, hard-coded part of the Maven project version. Even if such an inclusion could be automated, for instance by applying some kind of keyword expansion, it would be inconvenient to have a POM file being changed at every single commit.
A more appropriate strategy is to make the revision number a dynamic part of the Maven project version by using an expression that is substituted at build time. However, this approach conflicts with Maven’s philosophy regarding project versions, as Maven actually discourages the usage of non-fixed project versions. Furthermore, non-fixed parent versions are not even supported, which makes it impossible to get rid of the snapshot version entirely in case of a multi-module Maven project.
Nevertheless, lets suppose we have a continuous build of a top-level multi-module Maven project and we want to have the revision number dynamically included in the project version. We will use an expression for this inclusion, despite the fact that this feature might no longer be supported by future Maven versions.
Also, lets split the project version in a functional part and a technical part. The functional part is a static major release number that needs to be maintained manually. The technical part is the dynamic revision number, that needs to be provided to the build process.
So in the child POM the project version and parent version will be defined as
The parent POM is a convenient place to define appropriate default values for the release and revision properties:
Now, in order to have the actual revision number correctly included into the project version of each module, it needs to be passed as system property -Drevision=$N to the Maven build process. Note that the Build Number Maven Plugin cannot be used to take care of that as it can set the revision number only after the project versions have already been resolved by Maven.
Supposing that Jenkins is used as build server and Subversion is used as version control system, N can simply be replaced by the Jenkins built-in variable SVN_REVISION. In case of downstream builds within a true pipeline N must be replaced by the special pipeline variable PL_SVN_REVISION.
The project can still be built without passing a revision number as system property, in which case the modules will simply have the same snapshot version as the parent project. This is sufficient for local developer builds.
Having the top-level Maven project configured with dynamic project versions, it is no longer possible to make use of the Maven Release Plugin as this plugin would simply replace all expressions by static versions. Obviously, the same applies to the Jenkins M2Release Plugin. But there is no longer a need to perform a Maven release anyway as we are implementing the concept of continuous releasing.
This means in particular that there are no longer revisions automatically tagged within the version control system. This makes sense as every revision already identifies an unique version and is a candidate for deployment to a production environment.
Furthermore, there are no longer artifact versions deployed to a Maven repository manager like Nexus. However, Jenkins itself can be used as a Maven repository server. The Jenkins Maven Repository Server Plugin exposes all archived artifacts in one single repository as long as they have been created for different revision numbers:
Another key benefit of creating release versions only is that continuous integration and continuous deployment have become an even closer match. With the Deployit Plugin it is very easy to generate, import and deploy deployment packages. Such deployment packages will have the same unique application version as the generated deployables that are contained within these packages. Apart from the parent POM version there are no snapshot versions involved, so there is no need to use other identifiers such as timestamps in order to identify deployed applications.
Although a Maven release is no longer performed, there will still be a need to update the static major release number from time to time in order to reflect certain application changes. This can simply be accomplished by one single manual commit. The parent POM and child POMs can be updated to a new release number with ease by using the Versions Maven Plugin:
mvn versions:set -DgenerateBackupPoms=false
The release property in the parent POM also needs to be updated accordingly.
When a Maven release is prepared it is automatically verified that the revision to be released does not have any snapshot dependencies. Now that every revision is considered to be a release, this rule actually applies to every revision. In order to have this automatically checked the Maven Enforcer Plugin can be used to enforce the applicable rule Require Release Dependencies. As the parent POM will have a snapshot version at all times the property failWhenParentIsSnapshot needs to be set to false though.
This check is typically only performed on the build server, naturally through Maven profile activation.
Published at DZone with permission of Marcus Martina , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.