Continuous Releasing of Maven Artifacts

Conceptually, Maven distinguishes between snapshot versions and release versions. For top-level Maven projects that are continuously integrated, it is unnatural to make this distinction. Especially when having some kind of continuous deployment implemented, it doesn’t make much sense to create and deploy artifacts with a snapshot version at all. Snapshot versions cannot be linked to a unique revision in a version control system and can have ambiguous snapshot dependencies. That is why such artifacts shouldn’t get deployed to a live environment.

Although it is possible to embed version control revision information like metadata into artifacts, for instance via the Manifest file, it is recommended to avoid snapshot versions at all. Only unique release versions should be continuously created and deployed. In fact, every single revision can be considered to be a release — as will be shown below.

In order to implement this concept of continuous releasing, the revision number needs to be made part of the artifact version. However, the revision number should not be made a static, hard-coded part of the Maven project version. Even if such an inclusion could be automated, for instance by applying some kind of keyword expansion, it would be inconvenient to have a POM file being changed at every single commit.

A more appropriate strategy is to make the revision number a dynamic part of the Maven project version by using an expression that is substituted at build time. However, this approach conflicts with Maven’s philosophy regarding project versions, as Maven actually discourages the usage of non-fixed project versions. Furthermore, non-fixed parent versions are not even supported, which makes it impossible to get rid of the snapshot version entirely in the case of a multi-module Maven project.

Nevertheless, let's suppose we have a continuous build of a top-level multi-module Maven project and we want to have the revision number dynamically included in the project version. We will use an expression for this inclusion, despite the fact that this feature might no longer be supported by future Maven versions.

Also, let's split the project version into a functional part and a technical part. The functional part is a static major release number that needs to be maintained manually. The technical part is the dynamic revision number that needs to be provided to the build process.

So in the child POM, the project version and parent version will be defined as

<version>${release}-${revision}</version>
<parent>
    <version>1.0-SNAPSHOT</version>
</parent>

The parent POM is a convenient place to define the appropriate default values for the release and revision properties:

<version>1.0-SNAPSHOT</version>
<properties>
    <release>1.0</release>
    <revision>SNAPSHOT</revision>
</properties>

Now, in order to have the actual revision number correctly included in the project version of each module, it needs to be passed as system property -Drevision=$N to the Maven build process. Note that the Build Number Maven Plugin cannot be used to take care of that, as it can set the revision number only after the project versions have already been resolved by Maven.

Supposing that Jenkins is used as the build server and Subversion is used as the version control system, N can simply be replaced by the Jenkins built-in variable SVN_REVISION. In case of downstream builds within a true pipeline, N must be replaced by the special pipeline variable PL_SVN_REVISION.

The project can still be built without passing a revision number as a system property, in which case the modules will simply have the same snapshot version as the parent project. This is sufficient for local developer builds.

Having the top-level Maven project configured with dynamic project versions, it is no longer possible to make use of the Maven Release Plugin, as this plugin would simply replace all expressions with static versions. Obviously, the same applies to the Jenkins M2Release Plugin. But there is no longer a need to perform a Maven release anyway, as we are implementing continuous releasing.

This means in particular that there are no longer revisions automatically tagged within the version control system. This makes sense, as every revision already identifies a unique version and is a candidate for deployment to a production environment.

Furthermore, there are no longer artifact versions deployed to a Maven repository manager like Nexus. However, Jenkins itself can be used as a Maven repository server. The Jenkins Maven Repository Server Plugin exposes all archived artifacts in one single repository as long as they have been created for different revision numbers:

${JENKINS_URL}plugin/repository/everything/

Another key benefit of creating only release versions is that continuous integration and continuous deployment have become an even closer match. With the Deployit Plugin, it is very easy to generate, import and deploy deployment packages. Such deployment packages will have the same unique application version as the generated deployables that are contained within these packages. Apart from the parent POM version, there are no snapshot versions involved, so there is no need to use other identifiers such as timestamps in order to identify deployed applications.

Although a Maven release is no longer performed, there will still be a need to update the static major release number from time to time in order to reflect certain application changes. This can be accomplished with one single manual commit. The parent POM and child POMs can be updated to a new release number with ease by using the Versions Maven Plugin:

mvn versions:set -DgenerateBackupPoms=false

The release property in the parent POM also needs to be updated accordingly.

When a Maven release is prepared, it is automatically verified that the revision to be released does not have any snapshot dependencies. Now that every revision is considered to be a release, this rule actually applies to every revision. In order to have this automatically checked, the Maven Enforcer Plugin can be used to enforce the applicable rule Require Release Dependencies. As the parent POM will have a snapshot version at all times, the property failWhenParentIsSnapshot needs to be set to false. This check is typically only performed on the build server, naturally through Maven profile activation.