Release Agent SDK

Since inspectIT version 1.7.11, we provide an agent SDK which allows user to use the OpenTracing API in order to create spans inside their application.

The SDK is available on the Maven Central Repository and will be automatically pushed and released with a new release of inspectIT.

Pushing a New Version to the Central Repository

Releasing a new version

In order to push the SDK artifacts to the central repository, the following steps are necessary:

  • Building the artifacts including a javadoc and sources JAR.
  • Signing the artifacts
  • Uploading the artifacts to the staging repository
  • Releasing the artifacts contained in the staging repository

When these steps have been done, the new artifacts will be synchronized to the central repository after some time.

All the necessary steps can be executed using the following Gradle tasks:

  • :inspectit.agent.java.sdk:uploadArchives
  • :inspectit.agent.java.sdk:closeRepository
  • :inspectit.agent.java.sdk:releaseRepository

When using an automated build process, e.g. Jenkins, it is highly recommended using the following tasks instead:

  • :inspectit.agent.java.sdk:uploadArchives
  • :inspectit.agent.java.sdk:closeAndReleaseRepository


The Gradle tasks have been configured that the release version, provided by the RELEASE_VERSION system property (-DRELEASE_VERSION=X.XX), is used for releasing the artifacts.

Prerequisites

It is recommended that the gradle.properties file where the following settings are inserted is not located in a directory which provides public access (e.g. Jenkins workspace).

KeyRing for Signing the artifacts

In order to release an artifacts it is required that it has to be signed. Thereto, the followings properties has to be added in the gradle.properties files:

signing.keyId=DD114B18
signing.password=[KEY-RING-PASSWORD]
signing.secretKeyRingFile=[PATH-TO-KEYRING]

More information:

  • The key ring password is provided and shared via LastPass
  • The public key is shared via the public sks-keyservers.net server
  • The private key is shared via the NovaTec ownCloud

SonaType Credentials

In order to push the artifacts to the Nexus repositories, the credentials of the inspectIT account needs also to be specified. To do this, add the following lines to the gradle.properties file.

sonatype.username=[USERNAME]
sonatype.password=[PASSWORD]

The username and password is shared via LastPass.

Jenkins Setup

When using Jenkins as a build tool, the process described in the previous section can be easily used.

Distributed Build Environment and inspectIT Setup

The inspectIT agend SDK will be automatically released when the Jenkins release job is executed.

When having a distributed build environment like we have in the context of inspectIT where the actual build is executed by different Jenkins nodes, it has to be kept in mind, that the set properties and key ring need to be distributed to all nodes.

In our case, we do not use a gradle.properties file but injecting the required passwords via Gradle command line properties into the release job only. By adding them only to the release job this ensures that the secrets cannot be sniffed by malicious Gradle scripts which are executed automatically by pull requests. In order to ensure that the secrets are not printed in the build log, we are using the Mask Passwords Plugin to hide them.

The key ring to sign the artifacts have been manually pushed to each build node and verified that it is located in the same directory on each node.

Manually Releasing the Agent SDK

The agent SDK can also be manually released. In order to do this, the Jenkins job "Release Agent SDK and publish to Maven Central" can be used.