It contains keycloak meta model.
It acts as an eclipse plugin with features and sites, can be used standalone and in standarsd OSGi (without eclipse).
-
targetdefinition - Eclipse target definition defines the P2 repsoitories for all of required MANFIEST feature. The Judo update sites based on versions, so all versions have own update site. That causes that versions are coded in the URL. The target definition in tycho loaded as extension, which cause there is no way to replace versions before tycho is activated. For that reason a profile is created which can replace the versions with the dependency versions defined in parent. To run version update run
mvn clean install -P update-target-versions -f targetdefinition/pom.xml -
model - eclipse plugin. It contains the model and ecore generated java classes. Builder and Helpers added with MWE2 workflow.
-
osgi - OSGi bundle. It repackages model and add extra information / services to able to use for transformation pipeline in other platforms.
-
feature - Eclipse feature repository - to be able to use for eclipse installation
-
site - Eclipse Update Site - all built version compiled as an update site. The site definitions contains the required referenced repositoies which contains required plugins. The Judo update sites based on versions, so all versions have own update site. That causes that versions are coded in the URL. The category definition in tycho loaded as extension, which cause there is no way to replace versions before tycho is activated. For that reason a profile is created which can replace the versions with the dependency versions defined in parent. To run version update run
mvn clean install -P update-category-versions -f site/pom.xml
Two worlds collides in this project. The Maven and the Eclipse have different view about versions. While maven using SNAPSHOT versions eclipse using .quialifier in the qualifier part of semantic version.
Which means: 1.0.0.qualifier is eqivalent of maven 1.0.0-SNAPSHOT To address this tycho versions plugin used to replace qualifier and maven versions for a technical version in every build.
All built artifact are tagged in git:
You can download the ZIP release of site and add to eclipse, or you can add to your eclipse as Install new software and add URL from P2 Update site of the required version.
All commit is build by wercker, you can access it:
When a commit arrives the base part of version is used and the current branch name and commut number. It helps to determinate what is the branch which was used to built.
For example:
When the version in the pom.xml is 1.0.1-SNAPSHOT and the branch name is develop and it is the 40th commit on the branch the version number will be 1.0.1.develop_40
The CI set the pom versions and eclipse versions also before the build.
On eclipse P2 site can be installed. Intall new software and add the URL of site listed on github or the uncompressed ZIP folder. It contains metamodel and UI provided for default editor.
The following plugins have to be installed to work: - m2e - epsilon - modeling tools
Or you can use prebuilt Judo eclipse.
To compile the project in Maven the minimum version of required maven is 3.5.4.
mvn clean install
If no maven is installed mven wrapper can be used.
./mvnw clean install
The maven using tycho to make eclipse build.
There are references non public artifacts, so blackbelt nexus repository have to be defined. To achive that the recommended way is:
<servers>
<server>
<id>blackbelt-nexus-mirror</id>
<username>${env.BLACKBELT_NEXUS_USERNAME}</username>
<password>${env.BLACKBELT_NEXUS_PASSWORD}</password>
</server>
</servers>
<mirrors>
<mirror>
<id>blackbelt-nexus-mirror</id>
<name>blackbelt-nexus-mirror</name>
<url>https://nexus.blackbelt.cloud/repository/maven</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
For CI and release functions there are profiles predefined. It is activated the the paheses of a build. The following profiles can be activated:
-
modules - It is activated by default. It contains all the submodules which are part of this project. When this profile is disabled can be run maven only in parent. (For example release-p2-blackbelt and release-github profiles) It is activated by default.
-
sign-artifacts - When activated GPG sign all the artifacts. To work the following server have to be set on maven’s settings.xml:
<server> <id>[GPG_KEYNAME]</id> <passphrase>[GPG_PASSPHRASE]</passphrase> </server> -
release-dummy - It is for tests deploy, it deploys artifacts in the /tmp directory.
-
release-blackbelt - It releases maven artifacts to blackbelt-nexus-distribution (https://nexus.blackbelt.cloud/repository/maven-judo-release/) The credentials have to be defined in settings.xml
<server> <id>blackbelt-nexus-distribution</id> <username>${BLACKBELT_NEXUS_USERNAME}</username> <password>${BLACKBELT_NEXUS_PASSWORD}</password> </server> -
release_central - Release to central repository. To work sign-artifact have to run and keys for central release set.
<server> <id>ossrh</id> <username>${SONATYPE_USERNAME}</username> <password>${SONATYPE_PASSWORD}</password> </server><profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.keyname>${GPG_KEYNAME}</gpg.keyname> <gpg.executable>${GPG_EXECUTABLE}</gpg.executable> <gpg.passphrase>${GPG_PASSPHRASE}</gpg.passphrase> </properties> </profile>
In this example we will use docker to keep our system clean. Official sonatype documentation is here: https://central.sonatype.org/pages/working-with-pgp-signatures.html
docker run -it maven:3.5.4-jdk-8 /bin/bashGenerating keys. Its an interactive command, our details have to be defined. Later <NAME> and <EMAIL> will be used as it given.
root@432f6837323b:/# gpg --gen-key
gpg (GnuPG) 2.1.18; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/root/.gnupg' created
gpg: keybox '/root/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: <NAME>
Email address: <SECRET PASSWORD>
You selected this USER-ID:
"<NAME> <EMAIL>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key <FINGERPRINT> marked as ultimately trusted
gpg: directory '/root/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/root/.gnupg/openpgp-revocs.d/<PUBLIC KEY>.rev'
public and secret key created and signed.
pub rsa2048 2018-07-26 [SC] [expires: 2020-07-25]
<PUBLIC KEY>
<PUBLIC KEY>
uid <NAME> <EMAIL>
sub rsa2048 2018-07-26 [E] [expires: 2020-07-25]Tp check keys, run the following comand
root@432f6837323b:/# gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2020-07-25
/root/.gnupg/pubring.kbx
------------------------
pub rsa2048 2018-07-26 [SC] [expires: 2020-07-25]
<PUBLIC KEY>
uid [ultimate] <NAME> <EMAIL>
sub rsa2048 2018-07-26 [E] [expires: 2020-07-25]Add keys to a PGP keyserver. In our example ubuntu’s keyserver is used, but you can use any of following: https://sks-keyservers.net/status/
root@432f6837323b:/# gpg --keyserver hkp://keyserver.ubuntu.com --send-keys <FINGEPRINT>
gpg: sending key <FINGEPRINT> to hkp://keyserver.ubuntu.comExport Secret Key - The returned string will be used as $GPG_KEYS_SECRETKEYS in our build.
root@432f6837323b:/# gpg -a --export-secret-keys <EMAIL> | base64 -w 0
<SECRETKEY>Export Owner Trust Key - The returned string will be used as $KEYS_OWNERTRUST in our build.
root@432f6837323b:/# gpg --export-ownertrust | base64 -w 0
<OWNRTRUST>GnuPG version >= 2.1 utils have to be installed. Sometimes the curses based Pinentry does not work. The far most common reason for
this is that the environment variable GPG_TTY has not been set correctly. Make sure that it has been set to a real
tty device and not just to ‘/dev/tty’; i.e. ‘GPG_TTY=tty’ is plainly wrong; what you want is ‘GPG_TTY=tty’ — note the
back ticks. Also make sure that this environment variable gets exported, that is you should follow up the setting with
an ‘export GPG_TTY’ (assuming a Bourne style shell). Even for GUI based Pinentries; you should have set GPG_TTY. See
the section on installing the gpg-agent on how to do it on Gnu PGP documentation.
export GPG_TTY=$(tty) echo "$GPG_KEYS_SECRETKEYS" | base64 --decode | gpg --import --batch echo "$KEYS_OWNERTRUST" | base64 --decode | gpg --import-ownertrust
The release made by CI. Normally every commit make a version based on the name of the branch. If a version is OK to release there is a wercker stop to RELEASE. It will make the version without SNAPSHOT and build it. After increase the minor number. While a release is running all commits have to be forbidden.
There is a problem on eclipse and tycho. The classpath does not contain JUnit.
<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/5"/>
Now Required-Bundle added to Manifest which is not the tycho recommended way.
Tycho does not support lombok generation directly as mentioned in projectlombok/lombok#285 . This will be fixed in later version. No lombok is not used in eclipse projects, all codes are generated.
Tycho 1.4.0 or below version does not handle repository references inside site definition, so all the referenced plugin sites have to be added manually. https://bugs.eclipse.org/bugs/show_bug.cgi?id=453708