Eclipse GlassFish Command Security Maven Plugin is a Maven plugin for checking that
AdminCommand implementers address command authorization.
<plugin>
<groupId>org.glassfish.build</groupId>
<artifactId>command-security-maven-plugin</artifactId>
<version>${glassfish.command.security.version}</version>
<configuration>
<isFailureFatal>${command.security.maven.plugin.isFailureFatal}</isFailureFatal>
</configuration>
</plugin>
Remember that this is just an example and it is your responsibility to choose the right values.
- Create a release branch and push it to the GitHub repository.
git checkout -b RELEASE_123 eclipse/master
git push eclipse RELEASE_123
-
Open CI Release Job
-
Click Build with parameters in menu.
PROJECTiscommand-security-maven-pluginRELEASE_VERSION=1.2.3NEXT_VERSION=2.0.0-SNAPSHOTBRANCH=RELEASE_123DRY_RUNcan be used to try the build without any push or publish event.- click [Build] button.
-
Wait for it to finish successfully
-
Verify that everything was done:
- Verify that the deployment is present in Maven Central Deployments
- It is possible that you will not have permissions to visit the namespace. Ask project leads or check if expected artifacts made it to Maven Central, then this was obviously successful.
- Verify that a new 1.2.3 tag was created.
- Verify that the release branch changed the number to the
NEXT_VERSIONvalue.
- Verify that the deployment is present in Maven Central Deployments
-
Create a Draft PR based on this branch.
-
Create the release on GitHub: click "Draft a new release"
-
Open Maven Central Deployments and click the Publish button. Maven Central then distributes artifacts so they will become reachable to anyone referring Maven Central Repository.
-
Verify that it's present in Maven Central (usually takes few minutes now)
-
Now you can refer this dependency in other projects. Not that it may take a while until websites notice the new version - until then it will not be available in search indexes.