Skip to content

Instantly share code, notes, and snippets.

@christophercurrie
Created April 13, 2013 19:24
Show Gist options
  • Save christophercurrie/5379710 to your computer and use it in GitHub Desktop.
Save christophercurrie/5379710 to your computer and use it in GitHub Desktop.
Configuring CloudBees Jenkins for SBT publishing
Error in user YAML: (<unknown>): mapping values are not allowed in this context at line 21 column 14
---

I want to use the CloudBees Jenkins service to build nightly snapshots of an SBT-based
scala project and publish them to the Sonatype OSS Maven Repository. SBT has
[two ways][credentials] of providing publishing credentials to the build; one has the
credentials inline in an .sbt file (unencrypted, natch), and the other does allow for
a hard-coded path to an external properties file (still, sadly, unencrypted).

CloudBees has a [mechanism][buildfiles] for providing configuration files to build agents,
but I don't want to hard code the path to this location in my `build.sbt`, nor can I
find any way of telling SBT to read an `.sbt` file from the command line. The closest I
could come was to set the `sbt.global.base` [system property][props], but unfortunately this
fails, because the configuration file location is mounted read-only, and SBT uses this
location for its compiled class files.

Damien Lecan [came up with a clever way][dlecan] around this issue by running a pre-build
script that copies a set of `.sbt` files to the build executor's `$HOME/.sbt` directory.
I find this solution acceptable but distasteful, as it makes the build dependent on
ephemeral state and adds another potential point of failure.

How can I publish an SBT project with build-time access to read-only private credentials?

[credentials]: http://www.scala-sbt.org/release/docs/Detailed-Topics/Publishing.html#credentials
[buildfiles]: http://wiki.cloudbees.com/bin/view/DEV/Sharing+Files+with+Build+Executors
[props]: http://www.scala-sbt.org/release/docs/Detailed-Topics/Command-Line-Reference.html#command-line-options
[dlecan]: http://blog.dlecan.com/configure-sbt-credentials-on-cloudbees-to-publish-artifacts/

---

SBT does not appear to have any way to add an arbitrary .sbt file to a build. However, the set command allows the user to modify settings at build time, and this command can be used on the command line, like any other command.

This can be combined with the fact that the Credentials object can accept a File reference, to provide an external file for loading the security credentials from the private mount.

In the CloudBees private WebDAV repository, add a credentials properties file to your preferred location (I keep mine at /private/sbt/sonatype.credentials). In your Jenkins job configuration, set the 'Actions' field in the 'Build using sbt' section to something that looks like:

'set credentials += Credentials(file("/private/myproject/sbt/sonatype.credentials"))' publish

In my build, I actually do clean update "+ test" "+ publish", to ensure a clean environment and make sure all of the cross-compiled builds pass their tests before any of them are transfered to the repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment