Published: Nov 21, 2023 by Isaac Johnson
I recently read an article by Bui Dang Binh/Bing on using GIT to drive one’s resume.
Part of his pitch for using GIT was:
- Version Control
- Collaboration with others
- Backup and Safety
- Streamlined workflow
I’ve been using Google Docs for a very long time to hold my Resume.
I add revisions and occasionally try and create blocks for specific applications. That is, a few times I’ve tried for ‘stretch jobs’ where I’m angling for a career advancement to a title I’ve yet to achieve (e.g. C-suite or VP).
Other times, it’s for a company I get really sold on for their mission or IP and I rework it for an Individual Contributor role.
The problem for me (and go ahead, call me an old man gray hair) is I have TOO much experience.
Then the question becomes, what is relevant to the position for which I’m applying? What would be really attention getting and what would be seen as noise.
For people in later stages of our careers, what do we start to leave off? I mean, other than for chuckles, I could hardly imagine a future position that would care to know I worked the VCR rental POS machine at a grocery store when I was 16 in the 1990s.
Let’s first discuss some Resume Patterns one can use:
The Uber Resume
There was a point that I had someone give me the suggestion to create a massive “everything” resume. It wouldn’t matter if it was 40 pages mono-spaced with single lines,
But then I had this big giant document that got unwieldy, and I had to play copy-paste games to create each new draft.
Version control in Doc names
To date, this is what I have done. I have a major and minor (and occasionally bugfix) - $Mjr.$Min.$Bug` .. the idea is that if I made a mistake (typo, small issue in formatting or year), I could revise the last revision with a point release (1.13 to 1.13.1 to denote a minor modification or correction)
A more substantial update, like a large job experience or engagement would create a minor release (1.13 to 1.14). Only wide expansive changes would push me to revise the major.
I also would sometimes create an “ICR” variant for “Individual Contributor Role”. In my station in life, I have the option to go Management, Architecture, or ICR (if it’s a particularily unique company).
Troubles with multiple versions and Google Docs
But then I have these side versions and it gets messy. And none of this really fixes generation of alternative formats.
As anyone who has used “Save as Word Doc” from Google Docs, or frankly any other office editor from any other time in history, you know it won’t look the same in MS Word.
Benefits of a Git-based approach (As I see it)
1. Revision control when using Markdown.
As the original author pointed out, versioning is great. But more importantly, basing things on an immutable SHA in a repo allows hot fixes and merge backs a lot easier than brining up two graphical documents side by side and visually comparing.
A smaller but key component of GIT is that it’s an industry standard. I might have to rebuild some workflows and relaunch agents, but I should be able to sync and migrate between Github, Gitlab and Gitea with relative ease. (I hate abhor lock-in)
2. PRs for WIP
It also allows for Work In Progress, that is, candidate changes. Just as I’m writing this blog entry now, I do it in chunks as inspired. I’ll save aside the file and come back to it on it’s own branch. I could create a Pull Request for other people to review. I could only see that being of benefit if a close connection is trying to bring me in and I want her to review what I wrote. However, in my experience, that is very rare – to seek reviews at the Resume stage.
3. Release Branches for former Applications
There is a particular company, whom I won’t name, for whom I would really love to work. I’ve applied over the years a few times. Sometimes getting pretty far. The thing is, their backend resume system apparently drops things over time, moreover, if I have a resume in there when I come back, it’s often very out of date. I almost want a branch for that employer.
4. Projects in Github
I have this rather strange idea - using Issues and Project boards in Github/Gitea/Gitlab to actually drive some of my “resume-driven development”. Sometimes, one knows they lack certain specific skills or certifications for that next role. Having them as a list - actionable tickets - might be of benefit.
To be honest, I’ve maintained my Azure certification for as long as I have not because my employer desires it (GCP yes, Azure, not so much). I do this because I like Azure, I want to use it more, and I want employers to see that as a “oh, he knows Azure already” note.
I could also see them collecting feedback from recruiters if you are declined on a role. Good requirements that drive future actions and learnings.
5. Extras :: Side-quests
We all have passion projects, hobbies and community engagements of some form or another. That could include missional work with a religious body, volunteer work in a community, or mentoring. In some cases, you may feel that would be of import to a particular employer. In others, it would be noise.
It would be nice to design a system that has these content plugins you could optionally drop in an application.
The How
So far, we talked at length about the what and why. It’s time to dig into the HOW
A challenge that immediately came to mind is “what about cell phone and address?”
I’m not really sure I want that exposed, by default, globally.
I’m thinking that is a lot like a PAT or Secret - something we will pull in at build time, perhaps even setting inside the artifact, but not shared out globally.
I’ll create a new repo. For this, I’ll use Gitea I host internally on my on-prem K3s cluster.
I’ll start with it to be private (we’ll come back later to this and have it be public)
I’ll clone it and init the main
builder@LuiGi17:~/Workspaces$ git clone https://gitea.freshbrewed.science/builder/resume.git
Cloning into 'resume'...
Username for 'https://gitea.freshbrewed.science': builder
Password for 'https://builder@gitea.freshbrewed.science':
warning: You appear to have cloned an empty repository.
builder@LuiGi17:~/Workspaces$ cd resume/
builder@LuiGi17:~/Workspaces/resume$ git checkout -b main
Switched to a new branch 'main'
builder@LuiGi17:~/Workspaces/resume$ vi resume.md
I’ll npm init and add the md-to-pdf
builder@LuiGi17:~/Workspaces/resume$ npm init
This utility will walk you through creating a package.json file.
It only covers the most common items, and tries to guess sensible defaults.
See `npm help init` for definitive documentation on these fields
and exactly what they do.
Use `npm install <pkg>` afterwards to install a package and
save it as a dependency in the package.json file.
Press ^C at any time to quit.
package name: (resume)
version: (1.0.0)
description:
entry point: (index.js)
test command:
git repository:
keywords:
author:
license: (ISC)
About to write to /home/builder/Workspaces/resume/package.json:
{
"name": "resume",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC"
}
Is this OK? (yes) yes
npm notice
npm notice New minor version of npm available! 10.1.0 -> 10.2.3
npm notice Changelog: https://github.com/npm/cli/releases/tag/v10.2.3
npm notice Run npm install -g npm@10.2.3 to update!
npm notice
builder@LuiGi17:~/Workspaces/resume$ nvm list
v14.21.3
v16.20.2
v18.18.1
-> v20.8.0
default -> node (-> v20.8.0)
iojs -> N/A (default)
unstable -> N/A (default)
node -> stable (-> v20.8.0) (default)
stable -> 20.8 (-> v20.8.0) (default)
lts/* -> lts/iron (-> N/A)
lts/argon -> v4.9.1 (-> N/A)
lts/boron -> v6.17.1 (-> N/A)
lts/carbon -> v8.17.0 (-> N/A)
lts/dubnium -> v10.24.1 (-> N/A)
lts/erbium -> v12.22.12 (-> N/A)
lts/fermium -> v14.21.3
lts/gallium -> v16.20.2
lts/hydrogen -> v18.18.2 (-> N/A)
lts/iron -> v20.9.0 (-> N/A)
builder@LuiGi17:~/Workspaces/resume$ npm install --save md-to-pdf
added 225 packages, and audited 226 packages in 29s
14 packages are looking for funding
run `npm fund` for details
found 0 vulnerabilities
I needed to add some packages to sort out headless chrome
sudo apt install libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev
I also added a run target in package.json
builder@LuiGi17:~/Workspaces/resume$ cat package.json
{
"name": "resume",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"makepdf": "md-to-pdf resume.md"
},
"author": "",
"license": "ISC",
"dependencies": {
"md-to-pdf": "^5.2.4"
}
}
I’ll make a quick sample resume (mostly to test Div tag alignment)
builder@LuiGi17:~/Workspaces/resume$ cat resume.md
# Isaac Johnson
### Cloud Architect / SRE
<div style="text-align: right"> 555-555-5555<br/>isaac@freshbrewed.science </div>
# Experience
afsadf
Now can I run it
builder@LuiGi17:~/Workspaces/resume$ npm run makepdf
> resume@1.0.0 makepdf
> md-to-pdf resume.md
Puppeteer old Headless deprecation warning:
In the near future `headless: true` will default to the new Headless mode
for Chrome instead of the old Headless implementation. For more
information, please see https://developer.chrome.com/articles/new-headless/.
Consider opting in early by passing `headless: "new"` to `puppeteer.launch()`
If you encounter any bugs, please report them to https://github.com/puppeteer/puppeteer/issues/new/choose.
✔ generating PDF from resume.md
I think it looks plain but still pretty good:
I’m thinking I could substitute in real values, like phone number, using env vars and a step.
e.g.
$ sed -i s/555-555-5555/555-666-7777/g resume.md && npm run makepdf && git checkout -- resume.md
Which created
I’m going to want to enable Gitea Actions next. I often forget to enable Actions on new repos.
Because the Gitea runner I have runs as root, I had some challenges running Chromium
> resume@1.0.0 makepdf
> md-to-pdf resume.md
[12:33:33] generating PDF from resume.md [started]
Puppeteer old Headless deprecation warning:
In the near future `headless: true` will default to the new Headless mode
for Chrome instead of the old Headless implementation. For more
information, please see https://developer.chrome.com/articles/new-headless/.
Consider opting in early by passing `headless: "new"` to `puppeteer.launch()`
If you encounter any bugs, please report them to https://github.com/puppeteer/puppeteer/issues/new/choose.
[12:33:33] generating PDF from resume.md [failed]
[12:33:33] → Failed to launch the browser process!
[1107/123333.562164:ERROR:zygote_host_impl_linux.cc(100)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
TROUBLESHOOTING: https://pptr.dev/troubleshooting
ListrError: Something went wrong
at /workspace/builder/resume/node_modules/listr/index.js:102:18
at processTicksAndRejections (node:internal/process/task_queues:96:5)
at async main (/workspace/builder/resume/node_modules/md-to-pdf/dist/cli.js:120:5) {
errors: [
Error: Failed to launch the browser process!
[1107/123333.562164:ERROR:zygote_host_impl_linux.cc(100)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
TROUBLESHOOTING: https://pptr.dev/troubleshooting
at Interface.onClose (/workspace/builder/resume/node_modules/@puppeteer/browsers/lib/cjs/launch.js:271:24)
at Interface.emit (node:events:525:35)
at Interface.close (node:readline:590:8)
at Socket.onend (node:readline:280:10)
at Socket.emit (node:events:525:35)
at endReadableNT (node:internal/streams/readable:1358:12)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
],
context: [Object: null prototype] {}
}
The key to fixing that was to add a --no-sandbox option to the invokation (makepdfr)
$ cat package.json
{
"name": "resume",
"version": "1.0.0",
"description": "",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1",
"makepdf": "md-to-pdf resume.md",
"makepdfr": "md-to-pdf --launch-options '{ \"args\": [\"--no-sandbox\"] }' resume.md"
},
"author": "",
"license": "ISC",
"dependencies": {
"md-to-pdf": "^5.2.4"
}
}
My build.yaml file then looked as such
name: Gitea Actions Demo
run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
on: [push]
jobs:
Explore-Gitea-Actions:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
We can see it built the PDF
I mean, that is great and all. But the PDF sitting in ephemeral build output won’t do me much good.
I’ll want to upload an artifact and create a release.
To do the release, I’ll need a token which we can generate under our user settings
I can then add it as a repo secret to the Resume repo
and see that it’s saved
Now I’ll try and use it
name: Gitea Actions Demo
run-name: ${{ gitea.actor }} is testing out Gitea Actions 🚀
on: [push]
jobs:
Explore-Gitea-Actions:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- name: Upload the Resume Artifact
uses: actions/upload-artifact@v3
with:
name: Resume-${{ matrix.node-version }}
path: /*.pdf
- name: setup go
uses: https://github.com/actions/setup-go@v4
with:
go-version: '>=1.20.1'
- name: Create Release
id: use-go-action
uses: https://gitea.com/actions/release-action@main
with:
files: /*.pdf
api_key: '${{secrets.RELEASE_TOKEN}}'
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
I found I had a lot of issues in the artifact name, but upon closer look, I realized the errors were “404” responses. This lead me to find that Artifact Uploads weren’t added until 1.20.x and I’m running Gitea 1.19.3 presently
Let’s update to the latest 1.20.5. (Spoiler alert, there be dragons ahead - save thy repos locally!)
builder@DESKTOP-QADGF36:~/Workspaces/resume$ helm get values gitea -o yaml > gitea.values.yaml
builder@DESKTOP-QADGF36:~/Workspaces/resume$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Unable to get an update from the "myharbor" chart repository (https://harbor.freshbrewed.science/chartrepo/library):
failed to fetch https://harbor.freshbrewed.science/chartrepo/library/index.yaml : 404 Not Found
...Unable to get an update from the "freshbrewed" chart repository (https://harbor.freshbrewed.science/chartrepo/library):
failed to fetch https://harbor.freshbrewed.science/chartrepo/library/index.yaml : 404 Not Found
...Successfully got an update from the "nfs" chart repository
...Successfully got an update from the "portainer" chart repository
...Successfully got an update from the "btungut" chart repository
...Successfully got an update from the "zabbix-community" chart repository
...Successfully got an update from the "azure-samples" chart repository
...Successfully got an update from the "hashicorp" chart repository
...Successfully got an update from the "actions-runner-controller" chart repository
...Successfully got an update from the "dapr" chart repository
...Successfully got an update from the "gitea-charts" chart repository
...Successfully got an update from the "kiwigrid" chart repository
...Successfully got an update from the "akomljen-charts" chart repository
...Unable to get an update from the "epsagon" chart repository (https://helm.epsagon.com):
Get "https://helm.epsagon.com/index.yaml": dial tcp: lookup helm.epsagon.com on 172.22.64.1:53: no such host
...Successfully got an update from the "castai-helm" chart repository
...Successfully got an update from the "kubecost" chart repository
...Successfully got an update from the "longhorn" chart repository
...Successfully got an update from the "lifen-charts" chart repository
...Successfully got an update from the "datadog" chart repository
...Successfully got an update from the "signoz" chart repository
...Successfully got an update from the "harbor" chart repository
...Successfully got an update from the "openzipkin" chart repository
...Successfully got an update from the "argo-cd" chart repository
...Successfully got an update from the "incubator" chart repository
...Successfully got an update from the "grafana" chart repository
...Successfully got an update from the "gitlab" chart repository
...Successfully got an update from the "newrelic" chart repository
...Successfully got an update from the "kube-state-metrics" chart repository
...Successfully got an update from the "ngrok" chart repository
...Successfully got an update from the "prometheus-community" chart repository
...Successfully got an update from the "opencost" chart repository
...Successfully got an update from the "jfelten" chart repository
...Successfully got an update from the "confluentinc" chart repository
...Successfully got an update from the "adwerx" chart repository
...Successfully got an update from the "sonarqube" chart repository
...Successfully got an update from the "kuma" chart repository
...Successfully got an update from the "novum-rgi-helm" chart repository
...Successfully got an update from the "rhcharts" chart repository
...Successfully got an update from the "nginx-stable" chart repository
...Successfully got an update from the "sumologic" chart repository
...Successfully got an update from the "open-telemetry" chart repository
...Successfully got an update from the "elastic" chart repository
...Successfully got an update from the "rook-release" chart repository
...Successfully got an update from the "crossplane-stable" chart repository
...Successfully got an update from the "rancher-latest" chart repository
...Successfully got an update from the "uptime-kuma" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
I like to do a dry run just to ensure we see that it’s fetching the right version (you can grep on image tags as well)
builder@DESKTOP-QADGF36:~/Workspaces/resume$ helm upgrade --dry-run -f gitea.values.yaml gitea gitea-charts/gitea | grep version: | head -n6
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
app.kubernetes.io/version: "1.20.5"
version: "1.20.5"
No time like the present. I went ahead and upgraded
builder@DESKTOP-QADGF36:~/Workspaces/resume$ helm upgrade -f gitea.values.yaml gitea gitea-charts/gitea
Release "gitea" has been upgraded. Happy Helming!
NAME: gitea
LAST DEPLOYED: Tue Nov 7 07:48:01 2023
NAMESPACE: default
STATUS: deployed
REVISION: 10
NOTES:
1. Get the application URL by running these commands:
https://gitea.freshbrewed.science/
I see the app in a crash loop
$ kubectl get pods --all-namespaces | grep gitea
default gitea-postgresql-ha-postgresql-2 0/1 Running 0 82s
default gitea-redis-cluster-3 1/1 Running 0 81s
default gitea-redis-cluster-5 1/1 Running 0 80s
default gitea-redis-cluster-4 1/1 Running 0 80s
default gitea-redis-cluster-0 1/1 Running 0 83s
default gitea-redis-cluster-1 1/1 Running 0 83s
default gitea-redis-cluster-2 1/1 Running 0 82s
default gitea-postgresql-ha-postgresql-0 1/1 Running 0 84s
default gitea-postgresql-ha-pgpool-85dd977744-lpkjs 1/1 Running 0 84s
default gitea-postgresql-ha-postgresql-1 1/1 Running 0 83s
default gitea-bccc66889-kqlhz 0/1 Init:CrashLoopBackOff 3 (13s ago) 83
I think the root of the issue is the DB migrate is falling down
Well I found the issue. They removed MySQL/MariaDB by default. There was also something about new versions of GIT breaking things.
The end results was I got it to come back, using the same MariaDB database as before with
$ helm upgrade -f gitea.values.yaml --set mariadb.enabled=true --set postgresql-ha.enabled=false --set postgresql.enabled=false gitea gitea-charts/gitea
Release "gitea" has been upgraded. Happy Helming!
NAME: gitea
LAST DEPLOYED: Tue Nov 7 08:10:24 2023
NAMESPACE: default
STATUS: deployed
REVISION: 11
NOTES:
1. Get the application URL by running these commands:
https://gitea.freshbrewed.science/
but it lost all my repo data (perhaps it created new PVCs?)
$ kubectl get pvc | grep gitea
data-gitea-postgresql-0 Bound pvc-baf09625-a70c-4628-b18b-e69ec9626edd 10Gi RWO managed-nfs-storage 112d
data-gitea-0 Bound pvc-dbb24e9f-d7e5-4229-99b9-173a05d2dd45 10Gi RWO managed-nfs-storage 112d
data-gitea-postgresql-ha-postgresql-0 Bound pvc-a42b86e8-7d0b-40ac-85e8-25a9ea1be647 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-0 Bound pvc-068e7a7a-0cae-413f-85d3-7b98cc15c14c 8Gi RWO managed-nfs-storage 6h9m
data-gitea-postgresql-ha-postgresql-2 Bound pvc-fcbcfa4e-9505-4e7e-8e1f-82d4d1c1294f 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-1 Bound pvc-ca977aa4-decd-44ef-9919-14aa73b7b53b 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-2 Bound pvc-4859c13f-b647-4faa-a3de-be1609f7b278 8Gi RWO managed-nfs-storage 6h9m
data-gitea-postgresql-ha-postgresql-1 Bound pvc-33b7ed7a-bc83-48cb-bb14-24026fcd230f 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-4 Bound pvc-8a148d27-3264-41c0-9c21-d995fb6184af 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-3 Bound pvc-d3926a7e-f2a9-41eb-aadd-b4d9aca6060c 8Gi RWO managed-nfs-storage 6h9m
redis-data-gitea-redis-cluster-5 Bound pvc-da65f09e-7fab-4a59-8d08-4406f51b192e 8Gi RWO managed-nfs-storage 6h9m
gitea-shared-storage Bound pvc-3c7f678b-dadf-4965-9f8c-290368964735 10Gi RWO local-path 6h9m
As a result, my repo (content) was wiped out
However, GIT is great in that the history and code is local.
I just made a new repo and pushed all the data back for my two blown-up repos
builder@DESKTOP-QADGF36:~/Workspaces/AzureDevOpsAgent$ git remote add origin2 https://gitea.freshbrewed.science/builder/AzureDevOpsAgent-NEW.git
builder@DESKTOP-QADGF36:~/Workspaces/AzureDevOpsAgent$ git push origin2 main
Enumerating objects: 86, done.
Counting objects: 100% (86/86), done.
Delta compression using up to 16 threads
Compressing objects: 100% (69/69), done.
Writing objects: 100% (86/86), 15.95 KiB | 2.28 MiB/s, done.
Total 86 (delta 30), reused 0 (delta 0)
remote: . Processing 1 references
remote: Processed 1 references in total
To https://gitea.freshbrewed.science/builder/AzureDevOpsAgent-NEW.git
* [new branch] main -> main
Yes, I had to create the secret again (it was moved in the UI), but I’m now unblocked
More importantly, the packaging task works now that I’m at 1.20.x
I want to test the Release Action next.
I’ll create a tag
Once created
I can see it queue a build
But the release action still fails
I did get the release to work
name: release
run-name: ${{ gitea.actor }} Releasing Resume
on:
push:
tags:
- '*'
jobs:
Release-Resume:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- name: debug
run: |
set -x
pwd
ls -ltra
export
- name: Upload the Resume Artifact
uses: actions/upload-artifact@v3
with:
name: Resume-${{ github.run_number }}.pdf
path: ${{ gitea.workspace }}/resume.pdf
- name: setup go
uses: https://github.com/actions/setup-go@v4
with:
go-version: '>=1.20.1'
- name: Create Release
id: use-go-action
uses: https://gitea.com/actions/release-action@main
with:
files: ${{ gitea.workspace }}/resume.pdf
api_key: '${{secrets.RELEASE_TOKEN}}'
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
but it wasn’t what I desired - just a zip of source
Nexus
Knowing I might need a proper artifact storage service, I added the (now deprecated as of Oct 2023) Sonatype OS Helm repo
$ helm repo add sonatype https://sonatype.github.io/helm3-charts/
"sonatype" has been added to your repositories
$ helm repo update
Hang tight while we grab the latest from your chart repositories...
...Successfully got an update from the "backstage" chart repository
...Successfully got an update from the "sonatype" chart repository
...Successfully got an update from the "ananace-charts" chart repository
...Successfully got an update from the "frappe" chart repository
...Successfully got an update from the "deliveryhero" chart repository
...Successfully got an update from the "bitnami" chart repository
Update Complete. ⎈Happy Helming!⎈
and installed Nexus
$ helm install -f nexus.values.yaml my-nexus-repository-manager sonatype/nexus-repository-manager --version 61.0.2
NAME: my-nexus-repository-manager
LAST DEPLOYED: Tue Nov 7 20:24:51 2023
NAMESPACE: default
STATUS: deployed
REVISION: 1
NOTES:
1. Your ingresses are available here:
https://nexus.freshbrewed.science/
We can get the admin password with a kubectl
$ kubectl exec `kubectl get pods -l app.kubernetes.io/instance=my-nexus-repository-manager --output=jsonpath={.items..metadata.name}` cat /nexus-data/admin.password
kubectl exec [POD] [COMMAND] is DEPRECATED and will be removed in a future version. Use kubectl exec [POD] -- [COMMAND] instead.
xxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I can now create a deploy user:
I’ll need to add Maven
$ sudo apt install maven
[sudo] password for builder:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages were automatically installed and are no longer required:
libcanberra0 libjson-glib-1.0-0 libjson-glib-1.0-common libntfs-3g89 libpipewire-0.3-0 libpipewire-0.3-common libpipewire-0.3-modules libspa-0.2-modules libtdb1
libvorbisfile3 libwebrtc-audio-processing1 pipewire pipewire-bin pipewire-media-session rtkit sound-theme-freedesktop
Use 'sudo apt autoremove' to remove them.
The following additional packages will be installed:
ca-certificates-java default-jre-headless java-common libaopalliance-java libapache-pom-java libatinject-jsr330-api-java libcdi-api-java libcommons-cli-java
libcommons-io-java libcommons-lang3-java libcommons-parent-java libgeronimo-annotation-1.3-spec-java libgeronimo-interceptor-3.0-spec-java libguava-java
libguice-java libhawtjni-runtime-java libjansi-java libjansi-native-java libjsr305-java libmaven-parent-java libmaven-resolver-java libmaven-shared-utils-java
libmaven3-core-java libpcsclite1 libplexus-cipher-java libplexus-classworlds-java libplexus-component-annotations-java libplexus-interpolation-java
libplexus-sec-dispatcher-java libplexus-utils2-java libsisu-inject-java libsisu-plexus-java libslf4j-java libwagon-file-java libwagon-http-shaded-java
libwagon-provider-api-java openjdk-11-jre-headless
Suggested packages:
default-jre libaopalliance-java-doc libatinject-jsr330-api-java-doc libel-api-java libcommons-io-java-doc libcommons-lang3-java-doc libasm-java libcglib-java
libjsr305-java-doc libmaven-shared-utils-java-doc liblogback-java pcscd libplexus-classworlds-java-doc libplexus-sec-dispatcher-java-doc libplexus-utils2-java-doc
junit4 testng libcommons-logging-java liblog4j1.2-java libnss-mdns fonts-dejavu-extra fonts-ipafont-gothic fonts-ipafont-mincho fonts-wqy-microhei
| fonts-wqy-zenhei fonts-indic
The following NEW packages will be installed:
ca-certificates-java default-jre-headless java-common libaopalliance-java libapache-pom-java libatinject-jsr330-api-java libcdi-api-java libcommons-cli-java
libcommons-io-java libcommons-lang3-java libcommons-parent-java libgeronimo-annotation-1.3-spec-java libgeronimo-interceptor-3.0-spec-java libguava-java
libguice-java libhawtjni-runtime-java libjansi-java libjansi-native-java libjsr305-java libmaven-parent-java libmaven-resolver-java libmaven-shared-utils-java
libmaven3-core-java libpcsclite1 libplexus-cipher-java libplexus-classworlds-java libplexus-component-annotations-java libplexus-interpolation-java
libplexus-sec-dispatcher-java libplexus-utils2-java libsisu-inject-java libsisu-plexus-java libslf4j-java libwagon-file-java libwagon-http-shaded-java
libwagon-provider-api-java maven openjdk-11-jre-headless
0 upgraded, 38 newly installed, 0 to remove and 21 not upgraded.
Need to get 52.8 MB of archives.
After this operation, 189 MB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 http://archive.ubuntu.com/ubuntu jammy/main amd64 java-common all 0.72build2 [6782 B]
Get:2 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 libpcsclite1 amd64 1.9.5-3ubuntu1 [19.8 kB]
Get:3 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 openjdk-11-jre-headless amd64 11.0.20.1+1-0ubuntu1~22.04 [42.5 MB]
Get:4 http://archive.ubuntu.com/ubuntu jammy/main amd64 default-jre-headless amd64 2:1.11-72build2 [3042 B]
Get:5 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 ca-certificates-java all 20190909ubuntu1.2 [12.1 kB]
Get:6 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libapache-pom-java all 18-1 [4720 B]
Get:7 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libatinject-jsr330-api-java all 1.0+ds1-5 [5348 B]
Get:8 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libgeronimo-interceptor-3.0-spec-java all 1.0.1-4fakesync [8616 B]
Get:9 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libcdi-api-java all 1.2-3 [54.3 kB]
Get:10 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libcommons-cli-java all 1.4-2 [55.8 kB]
Get:11 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libcommons-parent-java all 43-1 [10.8 kB]
Get:12 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libcommons-io-java all 2.11.0-2 [297 kB]
Get:13 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libcommons-lang3-java all 3.11-1 [526 kB]
Get:14 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libgeronimo-annotation-1.3-spec-java all 1.3-1 [11.2 kB]
Get:15 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libjsr305-java all 0.1~+svn49-11 [27.0 kB]
Get:16 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libguava-java all 29.0-6 [2418 kB]
Get:17 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libaopalliance-java all 20070526-6 [9084 B]
Get:18 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libguice-java all 4.2.3-2 [1434 kB]
Get:19 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libhawtjni-runtime-java all 1.17-1 [28.8 kB]
Get:20 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libjansi-native-java all 1.8-1 [23.8 kB]
Get:21 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libjansi-java all 1.18-1 [56.8 kB]
Get:22 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libmaven-parent-java all 31-2 [5140 B]
Get:23 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-utils2-java all 3.3.0-1 [250 kB]
Get:24 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libwagon-provider-api-java all 3.3.4-1 [48.5 kB]
Get:25 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libmaven-resolver-java all 1.4.2-3build1 [555 kB]
Get:26 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libmaven-shared-utils-java all 3.3.0-1 [149 kB]
Get:27 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-cipher-java all 1.8-2 [15.1 kB]
Get:28 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-classworlds-java all 2.6.0-1 [49.4 kB]
Get:29 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-component-annotations-java all 2.1.0-1 [6564 B]
Get:30 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-interpolation-java all 1.26-1 [76.8 kB]
Get:31 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libplexus-sec-dispatcher-java all 1.4-4 [28.1 kB]
Get:32 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libslf4j-java all 1.7.32-1 [141 kB]
Get:33 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libsisu-inject-java all 0.3.4-2 [347 kB]
Get:34 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libsisu-plexus-java all 0.3.4-3 [181 kB]
Get:35 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libmaven3-core-java all 3.6.3-5 [1535 kB]
Get:36 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libwagon-file-java all 3.3.4-1 [7928 B]
Get:37 http://archive.ubuntu.com/ubuntu jammy/universe amd64 libwagon-http-shaded-java all 3.3.4-1 [1855 kB]
Get:38 http://archive.ubuntu.com/ubuntu jammy/universe amd64 maven all 3.6.3-5 [17.8 kB]
Fetched 52.8 MB in 11s (4642 kB/s)
Extracting templates from packages: 100%
Selecting previously unselected package java-common.
(Reading database ... 157465 files and directories currently installed.)
Preparing to unpack .../00-java-common_0.72build2_all.deb ...
Unpacking java-common (0.72build2) ...
Selecting previously unselected package libpcsclite1:amd64.
Preparing to unpack .../01-libpcsclite1_1.9.5-3ubuntu1_amd64.deb ...
Unpacking libpcsclite1:amd64 (1.9.5-3ubuntu1) ...
Selecting previously unselected package openjdk-11-jre-headless:amd64.
Preparing to unpack .../02-openjdk-11-jre-headless_11.0.20.1+1-0ubuntu1~22.04_amd64.deb ...
Unpacking openjdk-11-jre-headless:amd64 (11.0.20.1+1-0ubuntu1~22.04) ...
Selecting previously unselected package default-jre-headless.
Preparing to unpack .../03-default-jre-headless_2%3a1.11-72build2_amd64.deb ...
Unpacking default-jre-headless (2:1.11-72build2) ...
Selecting previously unselected package ca-certificates-java.
Preparing to unpack .../04-ca-certificates-java_20190909ubuntu1.2_all.deb ...
Unpacking ca-certificates-java (20190909ubuntu1.2) ...
Selecting previously unselected package libapache-pom-java.
Preparing to unpack .../05-libapache-pom-java_18-1_all.deb ...
Unpacking libapache-pom-java (18-1) ...
Selecting previously unselected package libatinject-jsr330-api-java.
Preparing to unpack .../06-libatinject-jsr330-api-java_1.0+ds1-5_all.deb ...
Unpacking libatinject-jsr330-api-java (1.0+ds1-5) ...
Selecting previously unselected package libgeronimo-interceptor-3.0-spec-java.
Preparing to unpack .../07-libgeronimo-interceptor-3.0-spec-java_1.0.1-4fakesync_all.deb ...
Unpacking libgeronimo-interceptor-3.0-spec-java (1.0.1-4fakesync) ...
Selecting previously unselected package libcdi-api-java.
Preparing to unpack .../08-libcdi-api-java_1.2-3_all.deb ...
Unpacking libcdi-api-java (1.2-3) ...
Selecting previously unselected package libcommons-cli-java.
Preparing to unpack .../09-libcommons-cli-java_1.4-2_all.deb ...
Unpacking libcommons-cli-java (1.4-2) ...
Selecting previously unselected package libcommons-parent-java.
Preparing to unpack .../10-libcommons-parent-java_43-1_all.deb ...
Unpacking libcommons-parent-java (43-1) ...
Selecting previously unselected package libcommons-io-java.
Preparing to unpack .../11-libcommons-io-java_2.11.0-2_all.deb ...
Unpacking libcommons-io-java (2.11.0-2) ...
Selecting previously unselected package libcommons-lang3-java.
Preparing to unpack .../12-libcommons-lang3-java_3.11-1_all.deb ...
Unpacking libcommons-lang3-java (3.11-1) ...
Selecting previously unselected package libgeronimo-annotation-1.3-spec-java.
Preparing to unpack .../13-libgeronimo-annotation-1.3-spec-java_1.3-1_all.deb ...
Unpacking libgeronimo-annotation-1.3-spec-java (1.3-1) ...
Selecting previously unselected package libjsr305-java.
Preparing to unpack .../14-libjsr305-java_0.1~+svn49-11_all.deb ...
Unpacking libjsr305-java (0.1~+svn49-11) ...
Selecting previously unselected package libguava-java.
Preparing to unpack .../15-libguava-java_29.0-6_all.deb ...
Unpacking libguava-java (29.0-6) ...
Selecting previously unselected package libaopalliance-java.
Preparing to unpack .../16-libaopalliance-java_20070526-6_all.deb ...
Unpacking libaopalliance-java (20070526-6) ...
Selecting previously unselected package libguice-java.
Preparing to unpack .../17-libguice-java_4.2.3-2_all.deb ...
Unpacking libguice-java (4.2.3-2) ...
Selecting previously unselected package libhawtjni-runtime-java.
Preparing to unpack .../18-libhawtjni-runtime-java_1.17-1_all.deb ...
Unpacking libhawtjni-runtime-java (1.17-1) ...
Selecting previously unselected package libjansi-native-java.
Preparing to unpack .../19-libjansi-native-java_1.8-1_all.deb ...
Unpacking libjansi-native-java (1.8-1) ...
Selecting previously unselected package libjansi-java.
Preparing to unpack .../20-libjansi-java_1.18-1_all.deb ...
Unpacking libjansi-java (1.18-1) ...
Selecting previously unselected package libmaven-parent-java.
Preparing to unpack .../21-libmaven-parent-java_31-2_all.deb ...
Unpacking libmaven-parent-java (31-2) ...
Selecting previously unselected package libplexus-utils2-java.
Preparing to unpack .../22-libplexus-utils2-java_3.3.0-1_all.deb ...
Unpacking libplexus-utils2-java (3.3.0-1) ...
Selecting previously unselected package libwagon-provider-api-java.
Preparing to unpack .../23-libwagon-provider-api-java_3.3.4-1_all.deb ...
Unpacking libwagon-provider-api-java (3.3.4-1) ...
Selecting previously unselected package libmaven-resolver-java.
Preparing to unpack .../24-libmaven-resolver-java_1.4.2-3build1_all.deb ...
Unpacking libmaven-resolver-java (1.4.2-3build1) ...
Selecting previously unselected package libmaven-shared-utils-java.
Preparing to unpack .../25-libmaven-shared-utils-java_3.3.0-1_all.deb ...
Unpacking libmaven-shared-utils-java (3.3.0-1) ...
Selecting previously unselected package libplexus-cipher-java.
Preparing to unpack .../26-libplexus-cipher-java_1.8-2_all.deb ...
Unpacking libplexus-cipher-java (1.8-2) ...
Selecting previously unselected package libplexus-classworlds-java.
Preparing to unpack .../27-libplexus-classworlds-java_2.6.0-1_all.deb ...
Unpacking libplexus-classworlds-java (2.6.0-1) ...
Selecting previously unselected package libplexus-component-annotations-java.
Preparing to unpack .../28-libplexus-component-annotations-java_2.1.0-1_all.deb ...
Unpacking libplexus-component-annotations-java (2.1.0-1) ...
Selecting previously unselected package libplexus-interpolation-java.
Preparing to unpack .../29-libplexus-interpolation-java_1.26-1_all.deb ...
Unpacking libplexus-interpolation-java (1.26-1) ...
Selecting previously unselected package libplexus-sec-dispatcher-java.
Preparing to unpack .../30-libplexus-sec-dispatcher-java_1.4-4_all.deb ...
Unpacking libplexus-sec-dispatcher-java (1.4-4) ...
Selecting previously unselected package libslf4j-java.
Preparing to unpack .../31-libslf4j-java_1.7.32-1_all.deb ...
Unpacking libslf4j-java (1.7.32-1) ...
Selecting previously unselected package libsisu-inject-java.
Preparing to unpack .../32-libsisu-inject-java_0.3.4-2_all.deb ...
Unpacking libsisu-inject-java (0.3.4-2) ...
Selecting previously unselected package libsisu-plexus-java.
Preparing to unpack .../33-libsisu-plexus-java_0.3.4-3_all.deb ...
Unpacking libsisu-plexus-java (0.3.4-3) ...
Selecting previously unselected package libmaven3-core-java.
Preparing to unpack .../34-libmaven3-core-java_3.6.3-5_all.deb ...
Unpacking libmaven3-core-java (3.6.3-5) ...
Selecting previously unselected package libwagon-file-java.
Preparing to unpack .../35-libwagon-file-java_3.3.4-1_all.deb ...
Unpacking libwagon-file-java (3.3.4-1) ...
Selecting previously unselected package libwagon-http-shaded-java.
Preparing to unpack .../36-libwagon-http-shaded-java_3.3.4-1_all.deb ...
Unpacking libwagon-http-shaded-java (3.3.4-1) ...
Selecting previously unselected package maven.
Preparing to unpack .../37-maven_3.6.3-5_all.deb ...
Unpacking maven (3.6.3-5) ...
Setting up libslf4j-java (1.7.32-1) ...
Setting up libplexus-utils2-java (3.3.0-1) ...
Setting up libplexus-classworlds-java (2.6.0-1) ...
Setting up libjsr305-java (0.1~+svn49-11) ...
Setting up java-common (0.72build2) ...
Setting up libaopalliance-java (20070526-6) ...
Setting up libcommons-cli-java (1.4-2) ...
Setting up libplexus-component-annotations-java (2.1.0-1) ...
Setting up libplexus-cipher-java (1.8-2) ...
Setting up libgeronimo-annotation-1.3-spec-java (1.3-1) ...
Setting up libgeronimo-interceptor-3.0-spec-java (1.0.1-4fakesync) ...
Setting up libapache-pom-java (18-1) ...
Setting up libatinject-jsr330-api-java (1.0+ds1-5) ...
Setting up libplexus-interpolation-java (1.26-1) ...
Setting up libpcsclite1:amd64 (1.9.5-3ubuntu1) ...
Setting up libplexus-sec-dispatcher-java (1.4-4) ...
Setting up libwagon-http-shaded-java (3.3.4-1) ...
Setting up libcdi-api-java (1.2-3) ...
Setting up libhawtjni-runtime-java (1.17-1) ...
Setting up libwagon-provider-api-java (3.3.4-1) ...
Setting up libmaven-parent-java (31-2) ...
Setting up libcommons-parent-java (43-1) ...
Setting up libsisu-inject-java (0.3.4-2) ...
Setting up libsisu-plexus-java (0.3.4-3) ...
Setting up libmaven-resolver-java (1.4.2-3build1) ...
Setting up libguava-java (29.0-6) ...
Setting up libcommons-lang3-java (3.11-1) ...
Setting up libjansi-native-java (1.8-1) ...
Setting up libwagon-file-java (3.3.4-1) ...
Setting up libcommons-io-java (2.11.0-2) ...
Setting up libguice-java (4.2.3-2) ...
Setting up libjansi-java (1.18-1) ...
Setting up libmaven-shared-utils-java (3.3.0-1) ...
Setting up libmaven3-core-java (3.6.3-5) ...
Setting up default-jre-headless (2:1.11-72build2) ...
Setting up openjdk-11-jre-headless:amd64 (11.0.20.1+1-0ubuntu1~22.04) ...
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/java to provide /usr/bin/java (java) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/jjs to provide /usr/bin/jjs (jjs) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/keytool to provide /usr/bin/keytool (keytool) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/rmid to provide /usr/bin/rmid (rmid) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/rmiregistry to provide /usr/bin/rmiregistry (rmiregistry) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/pack200 to provide /usr/bin/pack200 (pack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/bin/unpack200 to provide /usr/bin/unpack200 (unpack200) in auto mode
update-alternatives: using /usr/lib/jvm/java-11-openjdk-amd64/lib/jexec to provide /usr/bin/jexec (jexec) in auto mode
Setting up maven (3.6.3-5) ...
update-alternatives: using /usr/share/maven/bin/mvn to provide /usr/bin/mvn (mvn) in auto mode
Setting up ca-certificates-java (20190909ubuntu1.2) ...
head: cannot open '/etc/ssl/certs/java/cacerts' for reading: No such file or directory
Adding debian:HARICA_TLS_RSA_Root_CA_2021.pem
Adding debian:Buypass_Class_2_Root_CA.pem
Adding debian:Certainly_Root_E1.pem
Adding debian:vTrus_ECC_Root_CA.pem
Adding debian:D-TRUST_BR_Root_CA_1_2020.pem
Adding debian:Microsec_e-Szigno_Root_CA_2009.pem
Adding debian:XRamp_Global_CA_Root.pem
Adding debian:Certigna_Root_CA.pem
Adding debian:HARICA_TLS_ECC_Root_CA_2021.pem
Adding debian:Entrust_Root_Certification_Authority_-_G4.pem
Adding debian:T-TeleSec_GlobalRoot_Class_3.pem
Adding debian:QuoVadis_Root_CA_1_G3.pem
Adding debian:Certainly_Root_R1.pem
Adding debian:AC_RAIZ_FNMT-RCM.pem
Adding debian:USERTrust_RSA_Certification_Authority.pem
Adding debian:SSL.com_EV_Root_Certification_Authority_RSA_R2.pem
Adding debian:CFCA_EV_ROOT.pem
Adding debian:D-TRUST_Root_Class_3_CA_2_EV_2009.pem
Adding debian:ISRG_Root_X2.pem
Adding debian:DigiCert_High_Assurance_EV_Root_CA.pem
Adding debian:DigiCert_Assured_ID_Root_CA.pem
Adding debian:GTS_Root_R4.pem
Adding debian:Go_Daddy_Root_Certificate_Authority_-_G2.pem
Adding debian:Actalis_Authentication_Root_CA.pem
Adding debian:Hongkong_Post_Root_CA_3.pem
Adding debian:GlobalSign_Root_CA_-_R3.pem
Adding debian:ANF_Secure_Server_Root_CA.pem
Adding debian:Security_Communication_Root_CA.pem
Adding debian:GTS_Root_R3.pem
Adding debian:GlobalSign_ECC_Root_CA_-_R5.pem
Adding debian:Trustwave_Global_ECC_P256_Certification_Authority.pem
Adding debian:Amazon_Root_CA_2.pem
Adding debian:GLOBALTRUST_2020.pem
Adding debian:Certigna.pem
Adding debian:GlobalSign_Root_CA.pem
Adding debian:GlobalSign_ECC_Root_CA_-_R4.pem
Adding debian:COMODO_RSA_Certification_Authority.pem
Adding debian:GlobalSign_Root_R46.pem
Adding debian:DigiCert_Global_Root_G2.pem
Adding debian:SecureSign_RootCA11.pem
Adding debian:SZAFIR_ROOT_CA2.pem
Adding debian:Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068.pem
Adding debian:GTS_Root_R2.pem
Adding debian:vTrus_Root_CA.pem
Adding debian:AffirmTrust_Premium_ECC.pem
Adding debian:Trustwave_Global_Certification_Authority.pem
Adding debian:SSL.com_Root_Certification_Authority_ECC.pem
Adding debian:DigiCert_Trusted_Root_G4.pem
Adding debian:NAVER_Global_Root_Certification_Authority.pem
Adding debian:Baltimore_CyberTrust_Root.pem
Adding debian:E-Tugra_Certification_Authority.pem
Adding debian:T-TeleSec_GlobalRoot_Class_2.pem
Adding debian:Certum_Trusted_Network_CA.pem
Adding debian:SwissSign_Gold_CA_-_G2.pem
Adding debian:Hongkong_Post_Root_CA_1.pem
Adding debian:Entrust_Root_Certification_Authority.pem
Adding debian:Certum_Trusted_Root_CA.pem
Adding debian:USERTrust_ECC_Certification_Authority.pem
Adding debian:emSign_ECC_Root_CA_-_G3.pem
Adding debian:Microsoft_ECC_Root_Certificate_Authority_2017.pem
Adding debian:Trustwave_Global_ECC_P384_Certification_Authority.pem
Adding debian:DigiCert_Global_Root_G3.pem
Adding debian:ISRG_Root_X1.pem
Adding debian:SSL.com_EV_Root_Certification_Authority_ECC.pem
Adding debian:GDCA_TrustAUTH_R5_ROOT.pem
Adding debian:Certum_EC-384_CA.pem
Adding debian:Go_Daddy_Class_2_CA.pem
Adding debian:GTS_Root_R1.pem
Adding debian:COMODO_ECC_Certification_Authority.pem
Adding debian:NetLock_Arany_=Class_Gold=_Főtanúsítvány.pem
Adding debian:emSign_Root_CA_-_G1.pem
Adding debian:UCA_Global_G2_Root.pem
Adding debian:Security_Communication_ECC_RootCA1.pem
Adding debian:QuoVadis_Root_CA_2_G3.pem
Adding debian:Certum_Trusted_Network_CA_2.pem
Adding debian:IdenTrust_Public_Sector_Root_CA_1.pem
Adding debian:Entrust.net_Premium_2048_Secure_Server_CA.pem
Adding debian:QuoVadis_Root_CA_2.pem
Adding debian:ACCVRAIZ1.pem
Adding debian:TeliaSonera_Root_CA_v1.pem
Adding debian:SecureTrust_CA.pem
Adding debian:OISTE_WISeKey_Global_Root_GB_CA.pem
Adding debian:DigiCert_TLS_RSA4096_Root_G5.pem
Adding debian:ePKI_Root_Certification_Authority.pem
Adding debian:AffirmTrust_Networking.pem
Adding debian:TWCA_Global_Root_CA.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_ECC_RootCA_2015.pem
Adding debian:QuoVadis_Root_CA_3_G3.pem
Adding debian:TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem
Adding debian:D-TRUST_Root_Class_3_CA_2_2009.pem
Adding debian:certSIGN_ROOT_CA.pem
Adding debian:emSign_Root_CA_-_C1.pem
Adding debian:E-Tugra_Global_Root_CA_RSA_v3.pem
Adding debian:GlobalSign_Root_CA_-_R6.pem
Adding debian:Amazon_Root_CA_1.pem
Adding debian:TWCA_Root_Certification_Authority.pem
Adding debian:IdenTrust_Commercial_Root_CA_1.pem
Adding debian:Starfield_Root_Certificate_Authority_-_G2.pem
Adding debian:DigiCert_TLS_ECC_P384_Root_G5.pem
Adding debian:SwissSign_Silver_CA_-_G2.pem
Adding debian:Telia_Root_CA_v2.pem
Adding debian:Autoridad_de_Certificacion_Firmaprofesional_CIF_A62634068_2.pem
Adding debian:HiPKI_Root_CA_-_G1.pem
Adding debian:certSIGN_Root_CA_G2.pem
Adding debian:e-Szigno_Root_CA_2017.pem
Adding debian:DigiCert_Assured_ID_Root_G3.pem
Adding debian:COMODO_Certification_Authority.pem
Adding debian:Buypass_Class_3_Root_CA.pem
Adding debian:AffirmTrust_Premium.pem
Adding debian:CA_Disig_Root_R2.pem
Adding debian:D-TRUST_EV_Root_CA_1_2020.pem
Adding debian:QuoVadis_Root_CA_3.pem
Adding debian:UCA_Extended_Validation_Root.pem
Adding debian:TunTrust_Root_CA.pem
Adding debian:AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS.pem
Adding debian:Amazon_Root_CA_3.pem
Adding debian:emSign_ECC_Root_CA_-_C3.pem
Adding debian:Secure_Global_CA.pem
Adding debian:Amazon_Root_CA_4.pem
Adding debian:Comodo_AAA_Services_root.pem
Adding debian:DigiCert_Assured_ID_Root_G2.pem
Adding debian:Starfield_Services_Root_Certificate_Authority_-_G2.pem
Adding debian:AffirmTrust_Commercial.pem
Adding debian:Starfield_Class_2_CA.pem
Adding debian:Security_Communication_RootCA2.pem
Adding debian:Entrust_Root_Certification_Authority_-_EC1.pem
Adding debian:DigiCert_Global_Root_CA.pem
Adding debian:OISTE_WISeKey_Global_Root_GC_CA.pem
Adding debian:E-Tugra_Global_Root_CA_ECC_v3.pem
Adding debian:Hellenic_Academic_and_Research_Institutions_RootCA_2015.pem
Adding debian:SSL.com_Root_Certification_Authority_RSA.pem
Adding debian:Izenpe.com.pem
Adding debian:Entrust_Root_Certification_Authority_-_G2.pem
Adding debian:Microsoft_RSA_Root_Certificate_Authority_2017.pem
Adding debian:GlobalSign_Root_E46.pem
Adding debian:Atos_TrustedRoot_2011.pem
Adding debian:Security_Communication_RootCA3.pem
done.
Processing triggers for libc-bin (2.35-0ubuntu3.4) ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for ca-certificates (20230311ubuntu0.22.04.1) ...
Updating certificates in /etc/ssl/certs...
0 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
done.
And use it to upload a file to test
$ cat settings.xml
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>maven-releases</id>
<username>deployuser</username>
<password>MyDeployUserPassword</password>
</server>
</servers>
<pluginGroups></pluginGroups>
<proxies></proxies>
<mirrors></mirrors>
<profiles></profiles>
</settings>
$ mvn --settings ./settings.xml deploy:deploy-file -DgroupId=science.freshbrewed -DartifactId=project -Dversion=1.0.2 -
DgeneratePom=true -Dpackaging=zip -DrepositoryId=maven-releases -Durl=https://nexus.freshbrewed.science/repository/maven-releases -Dfile=test.zip
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------< org.apache.maven:standalone-pom >-------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-deploy-plugin:2.7:deploy-file (default-cli) @ standalone-pom ---
Uploading to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/1.0.2/project-1.0.2.zip
Uploaded to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/1.0.2/project-1.0.2.zip (745 B at 380 B/s)
Uploading to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/1.0.2/project-1.0.2.pom
Uploaded to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/1.0.2/project-1.0.2.pom (429 B at 394 B/s)
Downloading from maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/maven-metadata.xml
Downloaded from maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/maven-metadata.xml (337 B at 1.1 kB/s)
Uploading to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/maven-metadata.xml
Uploaded to maven-releases: https://nexus.freshbrewed.science/repository/maven-releases/science/freshbrewed/project/maven-metadata.xml (368 B at 421 B/s)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.689 s
[INFO] Finished at: 2023-11-08T22:16:25-06:00
[INFO] ------------------------------------------------------------------------
You can see it in the repo
So now let’s add our file to Nexus
name: BuildResume
run-name: ${{ gitea.actor }} building Resume
on: [push]
jobs:
Build-Resume:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2 maven zip
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- name: debug
run: |
set -x
pwd
ls -ltra
export
- name: mavensettings
run: |
cat <<EOF > ${{ gitea.workspace }}/settings.xml
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>maven-releases</id>
<username>deployuser</username>
<password>${{secrets.MAVENPASSWORD}}</password>
</server>
</servers>
<pluginGroups></pluginGroups>
<proxies></proxies>
<mirrors></mirrors>
<profiles></profiles>
</settings>
EOF
- name: zipAndMaven
run: |
zip ${{ gitea.workspace }}/test.zip ${{ gitea.workspace }}/resume.pdf
mvn --settings ${{ gitea.workspace }}/settings.xml deploy:deploy-file -DgroupId=science.freshbrewed -DartifactId=project -Dversion=1.0.$GITHUB_RUN_NUMBER -DgeneratePom=true -Dpackaging=zip -DrepositoryId=maven-releases -Durl=https://nexus.freshbrewed.science/repository/maven-releases -Dfile=${{ gitea.workspace }}/test.zip
- name: Upload the Resume Artifact
uses: actions/upload-artifact@v3
with:
name: Resume-${{ github.run_number }}.pdf
path: ${{ gitea.workspace }}/resume.pdf
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
which ran and uploaded the zip
Which we can see uploaded to Nexus
We can see the PDF in the Zip
We can search Nexus for it as well to find the latest copy.
We can also browse the HTML Backend and get a direct link
Warp Up / Walk through
The final version of the build.yaml (Available at https://gitea.freshbrewed.science/builder/PublicResume/src/branch/main/.gitea/workflows/build.yaml):
name: BuildResume
run-name: ${{ gitea.actor }} building Resume
on: [push]
jobs:
Build-Resume:
runs-on: ubuntu-latest
steps:
- name: Check out repository code
uses: actions/checkout@v3
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2 maven zip
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- name: debug
run: |
set -x
pwd
ls -ltra
export
- name: mavensettings
run: |
cat <<EOF > ${{ gitea.workspace }}/settings.xml
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>maven-releases</id>
<username>deployuser</username>
<password>${{secrets.MAVENPASSWORD}}</password>
</server>
</servers>
<pluginGroups></pluginGroups>
<proxies></proxies>
<mirrors></mirrors>
<profiles></profiles>
</settings>
EOF
- name: zipAndMaven
run: |
zip ${{ gitea.workspace }}/test.zip ${{ gitea.workspace }}/resume.pdf
mvn --settings ${{ gitea.workspace }}/settings.xml deploy:deploy-file -DgroupId=science.freshbrewed -DartifactId=project -Dversion=1.0.$GITHUB_RUN_NUMBER -DgeneratePom=true -Dpackaging=zip -DrepositoryId=maven-releases -Durl=https://nexus.freshbrewed.science/repository/maven-releases -Dfile=${{ gitea.workspace }}/test.zip
- name: Upload the Resume Artifact
uses: actions/upload-artifact@v3
with:
name: Resume-${{ github.run_number }}.pdf
path: ${{ gitea.workspace }}/resume.pdf
- run: echo "💡 The ${{ gitea.repository }} repository has been cloned to the runner."
- run: echo "🖥️ The workflow is now ready to test your code on the runner."
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
And the release.yaml (Available at https://gitea.freshbrewed.science/builder/PublicResume/src/branch/main/.gitea/workflows/release.yaml)
name: release
run-name: ${{ gitea.actor }} Releasing Resume
on:
push:
tags:
- '*'
jobs:
Release-Resume:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: setup go
uses: https://github.com/actions/setup-go@v4
with:
go-version: '>=1.20.1'
- name: apt
run: |
# if running as non-root, add sudo
apt update
apt install -y libnss3-dev libgdk-pixbuf2.0-dev libgtk-3-dev libxss-dev libasound2
- name: Npm
run: |
npm install
- name: NpmMakePDF
run: |
# need no sandbox for root user
npm run makepdfr
- name: debug
run: |
set -x
pwd
ls -ltra
export
- name: Upload the Resume Artifact
uses: actions/upload-artifact@v3
with:
name: Resume-${{ github.run_number }}.pdf
path: ${{ gitea.workspace }}/resume.pdf
- name: Create Release
id: use-go-action
uses: https://gitea.com/actions/release-action@main
with:
files: |-
*.pdf
api_key: ${{secrets.RELEASE_TOKEN}}
- name: List files in the repository
run: |
ls ${{ gitea.workspace }}
- run: echo "🍏 This job's status is ${{ gitea.status }}."
Let’s show a demo of adding some content:
Summary
I clearly have some work to turn this into a real resume, however the foundations are set. The format as markdown means I can generate PDF or DOCX quite easily. Because it’s in a GIT repo, we can create PRs and various versions. We installed the OS version of Sonatype Nexus, albeit not in HA mode. This gives us a decent on-prem artifact sharing mechanism we could engage with using maven. Lastly, we worked out a working build YAML and showed an end-to-end demo.
My next move will be to create branch builds that would be pathed differently as well as generate Docx versions. I want some form of tagging to indicate versions that have been released (sent out). I need to have the version bundled into the File itself for actual Document revision tracking. Lastly, I want some form of a front page or link in my Github profile. That is mostly because pointing someone at a Nexus URL doesn’t seem like the best user experience.
