Continuous releasing of Maven artifacts

Marcus Martina

Conceptually Maven distinguishes between snapshot versions and release versions. For top-level Maven projects that are continuously integrated it is unnatural to make this distinction. Especially when having some kind of continuous deployment implemented, it doesn't make much sense to create and deploy artifacts with a snapshot version at all. Snapshot versions cannot be linked to a unique revision in a version control system and can have ambiguous snapshot dependencies. That is why such artifacts shouldn't get deployed to a live environment.

Although it is possible to embed version control revision information as metadata into artifacts, for instance via the Manifest file, it is recommended to avoid snapshot versions at all. Only unique release versions should be continuously created and deployed instead. In fact, every single revision can be considered to be a release as will be shown below.

In order to implement this concept of continuous releasing the revision number needs to be made part of the artifact version. However, the revision number should not be made a static, hard-coded part of the Maven project version. Even if such an inclusion could be automated, for instance by applying some kind of keyword expansion, it would be inconvenient to have a POM file being changed at every single commit.

A more appropriate strategy is to make the revision number a dynamic part of the Maven project version by using an expression that is substituted at build time. However, this approach conflicts with Maven's philosophy regarding project versions, as Maven actually discourages the usage of non-fixed project versions. Furthermore, non-fixed parent versions are not even supported, which makes it impossible to get rid of the snapshot version entirely in case of a multi-module Maven project.

Nevertheless, lets suppose we have a continuous build of a top-level multi-module Maven project and we want to have the revision number dynamically included in the project version. We will use an expression for this inclusion, despite the fact that this feature might no longer be supported by future Maven versions.

Also, lets split the project version in a functional part and a technical part. The functional part is a static major release number that needs to be maintained manually. The technical part is the dynamic revision number, that needs to be provided to the build process.

So in the child POM the project version and parent version will be defined as

<version>${release}-${revision}</version>
<parent><version>1.0-SNAPSHOT</version></parent>

The parent POM is a convenient place to define appropriate default values for the release and revision properties:

<version>1.0-SNAPSHOT</version>
<properties><release>1.0</release><revision>SNAPSHOT</revision></properties
>

Now, in order to have the actual revision number correctly included into the project version of each module, it needs to be passed as system property -Drevision=$N to the Maven build process. Note that the Build Number Maven Plugin cannot be used to take care of that as it can set the revision number only after the project versions have already been resolved by Maven.

Supposing that Jenkins is used as build server and Subversion is used as version control system, N can simply be replaced by the Jenkins built-in variable SVN_REVISION. In case of downstream builds within a true pipeline N must be replaced by the special pipeline variable PL_SVN_REVISION.

The project can still be built without passing a revision number as system property, in which case the modules will simply have the same snapshot version as the parent project. This is sufficient for local developer builds.

Having the top-level Maven project configured with dynamic project versions, it is no longer possible to make use of the Maven Release Plugin as this plugin would simply replace all expressions by static versions. Obviously, the same applies to the Jenkins M2Release Plugin. But there is no longer a need to perform a Maven release anyway as we are implementing the concept of continuous releasing.

This means in particular that there are no longer revisions automatically tagged within the version control system. This makes sense as every revision already identifies an unique version and is a candidate for deployment to a production environment.

Furthermore, there are no longer artifact versions deployed to a Maven repository manager like Nexus. However, Jenkins itself can be used as a Maven repository server. The Jenkins Maven Repository Server Plugin exposes all archived artifacts in one single repository as long as they have been created for different revision numbers:

${JENKINS_URL}plugin/repository/everything/

Another key benefit of creating release versions only is that continuous integration and continuous deployment have become an even closer match. With the Deployit Plugin it is very easy to generate, import and deploy deployment packages. Such deployment packages will have the same unique application version as the generated deployables that are contained within these packages. Apart from the parent POM version there are no snapshot versions involved, so there is no need to use other identifiers such as timestamps in order to identify deployed applications.

Although a Maven release is no longer performed, there will still be a need to update the static major release number from time to time in order to reflect certain application changes. This can simply be accomplished by one single manual commit. The parent POM and child POMs can be updated to a new release number with ease by using the Versions Maven Plugin:

mvn versions:set -DgenerateBackupPoms=false

The release property in the parent POM also needs to be updated accordingly.

When a Maven release is prepared it is automatically verified that the revision to be released does not have any snapshot dependencies. Now that every revision is considered to be a release, this rule actually applies to every revision. In order to have this automatically checked the Maven Enforcer Plugin can be used to enforce the applicable rule Require Release Dependencies. As the parent POM will have a snapshot version at all times the property failWhenParentIsSnapshot needs to be set to false though.
This check is typically only performed on the build server, naturally through Maven profile activation.

Comments (7)

  1. Simon - Reply

    October 1, 2012 at 12:21 am

    An excellent article! The concept of a "snapshot" really does not fit in with the continuous delivery model and is a blocker to using maven in some enterprises. Well done on such a clear explanation of how to set things up on maven for a more "straight through" release approach.

  2. Pieter Herroelen - Reply

    November 14, 2012 at 11:05 am

    "Furthermore, there are no longer artifact versions deployed to a Maven repository manager like Nexus. "

    Is this a requirement for this approach to work? Why? If not, why do you prefer using Jenkins Maven Repository Server over Nexus/Artifactory?

    • Marcus Martina - Reply

      November 28, 2012 at 9:21 pm

      No, it is still possible to deploy artifact versions to another Maven repository manager. However, as this is all about a top-level Maven project, meaning that there are no other Maven projects depending on, it does not make much sense to have this extra step. The artifact versions are highly volatile and are actually only built because they are needed within the consecutive build steps of the continuous delivery pipeline. So it is much more efficient to reuse the artifact versions that are already exposed by the Jenkins Maven Repository Server, instead of having the trouble of synchronizing with another Maven repository manager.

  3. Eldad AK - Reply

    January 29, 2013 at 3:23 pm

    What about a maven project with more than two levels?
    I also implemented continuous release for our project, but having an unknown number of levels...
    I have such a case that has more than two levels, so I have to also specify the parent dynamically. I tried bu it failed.
    Eventually, I use the Versions Maven Plugin as you suggested and update all poms to the same, new release version. If build and tests are good, I commit the changed poms, tag the build and push back (we use mercurial).

    Do you have a dynamic solution for such a case?

  4. Rein Krul - Reply

    April 19, 2013 at 12:25 pm

    When you're deploying your POM's to an artifact repository you generally want static version numbers. Parameterized version numbers also create issues in multi-module projects, as you already observed. At Avisi we use a Maven pre-build step which updates the version number using the maven-versions-plugin:

    mvn versions:set -DnewVersion=1.2.${BUILD_NUMBER}

    The downside is though, that you need to define your major version (1.2) in Jenkins (in our case).

  5. Tom Kalmijn - Reply

    August 23, 2013 at 5:07 pm

    Very clear and practicle article. Thanks!

    Small comment: where you speak of "static major release number" I feel it should read "static functional release number". This release number can consist of the usual three digits to identify major, minor and bugfix version information (or some other arbitrary version string that has no bearing on the continuous release mechanism).

  6. Chris - Reply

    August 24, 2013 at 9:26 am

    I arrived at your post after fighting with the artifact naming problem for half a day. I almost got it right, but I was trying to use the same name for my modules and the parent in a maven multi-module build, which doesn't work. Your suggestion to just keep it fixed to 1.0-SNAPSHOT and not bother with it helped me a lot!

    But in TeamCity, I seem to only have access to the version of the parent. I know all modules have the same version and it's the one that is truly interesting so I'd like to display that instead of 1.0-SNAPSHOT. Is that doable with Jenkins?

    keep up the good work!

    Chris

Add a Comment