Maven release in gitlab

user7486728 picture user7486728 · Jun 20, 2018 · Viewed 7.3k times · Source

We are trying to perform a maven release using maven. We are using gitlab as our CI tool. Issue is when we tried to perform maven release, maven isn not able to update pom.xml to next iteration.

Google is out of answer for my issue. What I have tried is:

  • tried to check permissions for the user who is trying to push(Has master access on the repo and the branch is protected)
  • Masters have access to push protected branches in my repo.

Below is my .gitlab-ci.yml file-

    Maven_Release:
    stage: Maven_Release
    image: maven_Build:Latest
    script:
    - git config --global user.name "username"
    - git config --global user.email "Email"
    - git checkout -f master
    - git remote set-url origin https://gitlab.com/test1/project/${CI_PROJECT_NAME}.git
    - mkdir -p ~/.ssh
    - echo "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa
    - ssh-keyscan -p 10022 gitlab.com >> ~/.ssh/known_hosts
    - mvn -B -s settings.xml -DdeployAtEnd=false -Dmaven.site.deploy.skip=true -Dresume=false -DautoVersionSubmodules=true -DdryRun=false -Djsse.enableSNIExtension=false -Dmaven.test.skip=true -DreleaseVersion=1.0.0 -DdevelopmentVersion=1.0.1 -DskipITs -DscmCommentPrefix="[ci skip]" release:prepare release:perform
    when: manual
    only:
    - master

I tried to run this job, it is able to deploy, tag version but it is not able to change pom.xml version to next iteration due to below error,

    [INFO] Checking in modified POMs...
    [INFO] commit done: [ci skip]prepare release REL_xxxxx
    [INFO] push changes to remote... refs/heads/master:refs/heads/master
    [INFO] fetch url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] push url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] REJECTED_OTHER_REASON - RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_OTHER_REASON, (null)...xx3xxx9c7cdc6dxx, fastForward, srcRef=refs/heads/master, message="pre-receive hook declined"]
    [INFO] Tagging release with the label REL_xxxxx...
    [INFO] push tag [REL_xxxxxx] to remote...
    [INFO] fetch url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] push url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] OK - RemoteRefUpdate[remoteName=refs/tags/REL_xxxxx, OK, (null)...c5ce4d1fdf5f0a9415d9f02a48aab4f536eab52c, fastForward, srcRef=refs/tags/REL_xxxxx, message=null]
    [INFO] Transforming 'project name'...
    [INFO] Transforming 'Rproject'...
    [INFO] Transforming 'project'...
    [INFO]   Updating project name to xxx-SNAPSHOT
    [INFO] Not removing release POMs
    [INFO] Checking in modified POMs...
    [INFO] commit done: [ci skip]prepare for next development iteration
    [INFO] push changes to remote... refs/heads/master:refs/heads/master
    [INFO] fetch url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] push url: https:/usrname:[email protected]/test/project/projectname.git
    [INFO] REJECTED_OTHER_REASON - RemoteRefUpdate[remoteName=refs/heads/master, REJECTED_OTHER_REASON, (null)...1xxxxx541baf208dxxxd, fastForward, srcRef=refs/heads/master, message="pre-receive hook declined"]
    [INFO] Release preparation complete.
    [INFO] 
    [INFO] --- maven-release-plugin:2.5.1:perform (default-cli) @ mobile-interface-parent ---

Answer

VonC picture VonC · Jun 22, 2018

You start with:

mkdir -p ~/.ssh
echo "$SSH_PRIVATE_KEY" > /root/.ssh/id_rsa
ssh-keyscan -p 10022 gitlab.com >> ~/.ssh/known_hosts

That is excellent for providing the right SSH key with developer rights to push back to a GitLab repo (or a deployment key with the same right)

But... you don't use it!

git remote set-url origin https://gitlab.com/test1/project/${CI_PROJECT_NAME}.git

That is an https URL, not an SSH one (ssh://[email protected]/test/project/projectname.git or [email protected]:test/project/projectname.git).

(I assume gitlabt.com is a typo, and that you actually see gitlab.com)

Any https URL would use the git config credential.helper which has the credentials memorized for that URL. And those credentials might not be the correct one for allowing mvn release:prepare to push back to the GitLab repo.

Check your pom.xml: it can give the URL to mvn release with the scm section:

<scm>
  <developerConnection>scm:git:ssh://[email protected]:/test1/project/${CI_PROJECT_NAME}.git</developerConnection>
</scm> 

Make sure developerConnection has an SSH URL in it, if you want your ~/.ssh/id_rsa to actually be of use.


The OP pandey confirms in the comments:

I have given different email Id. But maven is not able to find out the exact Issue and gave out put as "REJECTED_OTHER_REASON - RemoteRefUpdate".
So, I tried giving other email Id and it worked well.

Also, in GitLab I tried modifying push rules :::: project settings>Repository>push Rules.
I removed committer restriction also if we need to use different email address.