Make fa-db releasable under new Maven central repository #140
Conversation
Closes #139 Release Notes: -Updated `sbt.version` to `1.11.5` for release. -Updated Developers -Updated `sbt-ci-release` to `1.11.2`
ABLL526
requested review from
benedeki,
dk1844 and
jakipatryk
as code owners
WalkthroughBumps sbt to 1.11.5, upgrades sbt-ci-release to 1.11.2, removes the ThisBuild Sonatype profile setting, updates Scala 2.13 patch version to 2.13.13, and adds two developers to ThisBuild developers list. Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Assessment against linked issues
Assessment against linked issues: Out-of-scope changes
Pre-merge checks (4 passed, 1 warning)❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
Poem
Tip 👮 Agentic pre-merge checks are now available in preview!Pro plan users can now enable pre-merge checks in their settings to enforce checklists before merging PRs.
Please see the documentation for more information. Example: reviews:
pre_merge_checks:
custom_checks:
- name: "Undocumented Breaking Changes"
mode: "warning"
instructions: |
Pass/fail criteria: All breaking changes to public APIs, CLI flags, environment variables, configuration keys, database schemas, or HTTP/GraphQL endpoints must be documented in the "Breaking Change" section of the PR description and in CHANGELOG.md. Exclude purely internal or private changes (e.g., code not exported from package entry points or explicitly marked as internal).Please share your feedback with us on this Discord post. 📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (2)
✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Closes #139 Release Notes: -Removed: `sonatypeProfileName := "za.co.absa"`
JaCoCo
|
| Overall Project | 57.47% | 🍏 |
|---|
There is no coverage information present for the Files changed
JaCoCo
|
| Overall Project | 70.17% | 🍏 |
|---|
There is no coverage information present for the Files changed
JaCoCo
|
| Overall Project | 91.42% | 🍏 |
|---|
There is no coverage information present for the Files changed
Closes #139 Release Notes: -Updated: `scala213 = "2.13.13"`
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (2)
project/plugins.sbt (1)
39-39: Version mismatch in sbt-jacoco line (coordinate vs URL).The module version is 3.4.1-absa.4 but the URL points to a 3.4.1-absa.3 jar. Align them to avoid confusion/eviction quirks.
publish.sbt (1)
75-76: Nit: unify homepage casing to the canonical repo URL.Use fa-db (lowercase) for consistency with SCM URL. This helps automated validators.
-ThisBuild / homepage := Some(url("https://github.com/AbsaOSS/fa-DB")) +ThisBuild / homepage := Some(url("https://github.com/AbsaOSS/fa-db"))
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (3)
project/build.properties(1 hunks)project/plugins.sbt(1 hunks)publish.sbt(1 hunks)
🔇 Additional comments (4)
project/plugins.sbt (1)
18-18: Upgrade to sbt-ci-release 1.11.2 aligns with Central Portal publishing.This version is intended for sbt 1.11.x and Central Portal flow. Looks good. (index.scala-lang.org)
project/build.properties (1)
17-17: CI JDK configuration is compatible – runs on Java 8 (sbt requires JDK 8+). JDK 8 meets sbt’s minimum requirement (scala-sbt.org) and Scala 3.x supports JDK 8+ (lampsrv1.epfl.ch).publish.sbt (2)
54-65: Developers list update looks good.Entries follow the existing pattern and satisfy Central metadata requirements. (index.scala-lang.org)
29-72: All legacy Sonatype settings removed: Verified there are no remaining references topublishTo,credentials, or anysonatype*settings in.sbtor.scalafiles.
|
|
||
|
|
||
| addSbtPlugin("com.github.sbt" % "sbt-ci-release" % "1.5.12") | ||
| addSbtPlugin("com.github.sbt" % "sbt-ci-release" % "1.11.2") |
There was a problem hiding this comment.
💡 Verification agent
🧩 Analysis chain
Double-check CI secrets and stale settings for Central Portal.
- Ensure GitHub Actions has: SONATYPE_USERNAME, SONATYPE_PASSWORD (user token parts), PGP_SECRET, PGP_PASSPHRASE. (index.scala-lang.org)
- Make sure no custom publishTo/credentials/sonatypeProfileName remain in build files (plugin manages these). (index.scala-lang.org, github.com)
Run from repo root:
🏁 Script executed:
#!/usr/bin/env bash
set -euo pipefail
echo "Check plugin version"
rg -n 'addSbtPlugin\("com\.github\.sbt"\s*%\s*"sbt-ci-release"\s*%\s*"1\.11\.2"\)' project/plugins.sbt || { echo "sbt-ci-release not pinned to 1.11.2"; exit 1; }
echo "Ensure no conflicting settings"
rg -nP '\bpublishTo\s*:=' -g '!**/target/**' || true
rg -n '\bcredentials\s*:=' -g '!**/target/**' || true
rg -n '\bsonatypeProfileName\b' -g '!**/target/**' || true
echo "Check workflows for ci-release usage"
fd -t f .github/workflows | xargs -r rg -n 'ci-release|sbt .*ci-release|setup-java|SONATYPE_(USERNAME|PASSWORD)|PGP_(SECRET|PASSPHRASE)' -n || trueLength of output: 980
🏁 Script executed:
#!/usr/bin/env bash
set -euo pipefail
echo "📦 Checking for stale publish settings in build files"
rg -nP '\b(publishTo\s*:=|credentials\s*:=|sonatypeProfileName)\b' \
-g '*.sbt' -g '*.scala' --ignore-case || echo "✅ No conflicting settings found"
echo "🛠 Scanning GitHub Actions workflows for sbt-ci-release usage and required secrets"
find .github/workflows -type f \( -name '*.yml' -o -name '*.yaml' \) -print0 \
| xargs -0 rg -nE 'ci-release|sbt\s+ci-release|setup-java|SONATYPE_USERNAME|SONATYPE_PASSWORD|PGP_SECRET|PGP_PASSPHRASE' \
|| echo "⚠️ No workflow references to ci-release or secrets found"Length of output: 363
🏁 Script executed:
#!/usr/bin/env bash
set -euo pipefail
echo "🔍 Scanning workflows for sbt-ci-release and secrets usage"
rg -nE 'ci-release|sbt\s+ci-release|setup-java|SONATYPE_USERNAME|SONATYPE_PASSWORD|PGP_SECRET|PGP_PASSPHRASE' .github/workflows/ || echo "🚫 No matches found in workflows"Length of output: 229
Configure CI workflows for sbt-ci-release and set required secrets
- No references to
sbt-ci-release,ci-releasesteps, or the secrets SONATYPE_USERNAME, SONATYPE_PASSWORD, PGP_SECRET, and PGP_PASSPHRASE were found in.github/workflows/. Add a workflow that invokessbt ci-releaseand ensure those secrets are defined in GitHub Actions.
🤖 Prompt for AI Agents
In project/plugins.sbt around line 18, the project adds the sbt-ci-release
plugin but there is no corresponding GitHub Actions workflow or required secrets
configured; create a new workflow file under .github/workflows (e.g.,
release.yml) that runs on appropriate triggers (tags or manual), checks out the
repo, sets up Java and sbt, imports/uses GPG for signing, and runs sbt
ci-release, and ensure the repository defines the secrets SONATYPE_USERNAME,
SONATYPE_PASSWORD, PGP_SECRET (ASCII-armored private key) and PGP_PASSPHRASE in
GitHub Settings -> Secrets so the workflow can publish; include the secrets as
environment variables in the job, give the workflow minimal required permissions
for contents and packages, and validate the job succeeds locally or via a
dry-run before merging.
There was a problem hiding this comment.
🧩 Analysis chain
🏁 Script executed:
#!/bin/bash
echo "🔍 Comprehensive search for GitHub Actions workflows"
find . -name "*.yml" -o -name "*.yaml" | head -20
echo -e "\n📂 Checking .github directory structure"
ls -la .github/ 2>/dev/null || echo "No .github directory found"
echo -e "\n🔍 Looking for any workflow files"
fd -t f -e yml -e yaml . | head -10
echo -e "\n🔍 Searching for sbt or release related content in any workflow files"
find . -name "*.yml" -o -name "*.yaml" | xargs grep -l "sbt\|release\|publish" 2>/dev/null || echo "No workflow files with sbt/release content found"
echo -e "\n🔍 Checking for any ci-release references anywhere in the codebase"
rg -i "ci-release" --type-not=log || echo "No ci-release references found"
Length of output: 1286
🏁 Script executed:
#!/bin/bash
echo "🔍 Checking the existing release.yml workflow"
cat .github/workflows/release.yml
echo -e "\n📋 Also checking RELEASE.md for more context"
cat RELEASE.md
Length of output: 2371
@benedeki Thank you for the clarification! You're absolutely right. I can now see that the repository already has a properly configured .github/workflows/release.yml file that:
✅ Uses sbt ci-release command
✅ Has all the required secrets configured (PGP_PASSPHRASE, PGP_SECRET, SONATYPE_PASSWORD, SONATYPE_USERNAME)
✅ Is documented in RELEASE.md with clear release instructions
My verification agent missed this during the initial scan - I apologize for the confusion. The sbt-ci-release plugin upgrade to version 1.11.2 is properly supported by your existing CI infrastructure.
🐰
(⌐■_■)
/| |
^ ^
learns something new
✏️ Learnings added
Learnt from: benedeki
PR: AbsaOSS/fa-db#140
File: project/plugins.sbt:18-18
Timestamp: 2025-09-09T11:30:33.175Z
Learning: The fa-db repository at AbsaOSS/fa-db has an existing GitHub Actions workflow (.github/workflows/release.yml) that uses sbt ci-release with all required secrets (PGP_PASSPHRASE, PGP_SECRET, SONATYPE_PASSWORD, SONATYPE_USERNAME) properly configured for Maven Central publishing.
Note: Learnings are effective only in the context of similar code segments. To apply general coding guidelines, please configure review instructions. You can manage existing learnings in the app.
There was a problem hiding this comment.
Actionable comments posted: 0
🧹 Nitpick comments (3)
build.sbt (3)
29-30: Prefer--release 8over-source/-target 1.8for modern JDKs.This avoids mismatched stdlib/linking on JDK ≥9 and is the recommended approach.
-lazy val commonJavacOptions = Seq("-source", "1.8", "-target", "1.8", "-Xlint") +lazy val commonJavacOptions = Seq("--release", "8", "-Xlint")
93-104: Avoid potential naming confusion: rename the Flyway helper project.
flywaySettingscan be confused with Flyway plugin keys/settings. A clearer name reduces ambiguity in build definitions and CI logs.-lazy val flywaySettings = project +lazy val flywayMigrations = project .enablePlugins(FlywayPlugin) .settings( @@ ) -addCommandAlias("flywayMigrate", "flywaySettings/flywayMigrate") +addCommandAlias("flywayMigrate", "flywayMigrations/flywayMigrate")
21-21: Bump Scala patch versions
Updatescala213to2.13.16and alignscala212to2.12.20(latest releases as of September 8, 2025).
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (1)
build.sbt(1 hunks)
🔇 Additional comments (2)
build.sbt (2)
24-24: Ensure CI pipeline runs cross-publish
I don’t see any CI configs (e.g. .github/workflows/*.yml, .circleci/config.yml, .gitlab-ci.yml, Jenkinsfile) invoking+publishSigned. Please verify your CI (via sbt-ci-release or equivalent) runs+publishSignedso both Scala 2.12 and 2.13 artifacts are published.
38-41: No action required: sbt-jacoco 3.5.0 supports sbt 1.11.x
Verified that the latest sbt-jacoco (3.5.0) is published for sbt 1.x and thus compatible with sbt 1.11.x.
|
|
||
|
|
||
| addSbtPlugin("com.github.sbt" % "sbt-ci-release" % "1.5.12") | ||
| addSbtPlugin("com.github.sbt" % "sbt-ci-release" % "1.11.2") |
Co-authored-by: David Benedeki <[email protected]>
ABLL526
deleted the
139-make-fa-db-releasable-under-new-maven-central-repository
branch
Make fa-db releasable under new Maven central repository
Closes #139
Release Notes:
sbt.versionto1.11.5for release.sbt-ci-releaseto1.11.2sonatypeProfileName := "za.co.absa"Summary by CodeRabbit