Thanks for Lubos Krnac sharing this article.
He had described himself like below:
I am a Java/JavaScript developer. My religion is to constantly improve my development skills according to best practices. I strongly believe that TDD drives better design and nicely decoupled code. Past experience includes C++, Assembler and C#. You can find my blog at http://lkrnac.net/ .
This Article is From :http://www.sonatype.org/nexus/2015/01/08/deploy-to-maven-central-repository/
Do you need to make your Java library publicly accessible? Is your project hosted on GitHub? Do you like idea of “all-in-one deploy to Maven Central Repository” button? I am going to show how to set it up with usage of maven-release-plugin. Source code is hosted on GitHub, so SSH access to source control will be also described.
There are various steps needed to set up environment for your project. I followed a lot of steps from official Sonatype guide, therefore I will refer to it when needed. But this guide also describes a lot of techniques that are not needed for configuring a “deploy to Maven Central repository” button.
Consideration
My first approach was to create a Jenkins job that would represent the “Deploy to Maven Central” button. This idea is much cleaner for me than pushing from my development machine. I tried hard but couldn’t make Jenkins SSH Agent plugin register my SSH identity when the maven-release-plugin is pushing a version update to GitHub. Therefore, I created a very simple Linux Bash script that involves two steps.
1. Create Sonatype JIRA ticket for registration of your groupId
Sonatype drives one of the biggest Nexus repositories. It is needed to deploy Java artifacts before it can be synced into the Maven Central repository. In order to release the Java library into a Sonatype Nexus repository, a JIRA ticket is needed to create your user account and setup permissions to publish your own projects. The Sonatype guide includes description on how to create it.
Pick up the Maven groupId reflecting your top level domain. It is typically the same as the main Java package (e.g. com.google, not com.google.guava). This is because you don’t want to create a JIRA ticket for each project/library under your domain/main package/groupId. Here is more reading about Java package naming conventions.
This step is only necessary a first. Once your account is set up, you can do as many releases and deployments of different projects under that groupId as you want.
2. Configure your pom.xml
In the past a parent pom was the suggested use case. However the single inheritance of Maven project caused issues for many users and it is now best practice to manage all configuration in your own pom.
Luckily this setup is well documented and can easily be added to your project pom or for reuse across multiple projects to your organization pom.
3. Configure GPG signing of Maven artifact
This is needed because of security policy of Maven Central repository. Include various sub-steps:
- Installing GnuPG tool
- Generate a key pair
- Distribute your public key
- Set up signing of artifact in settings.xml (your local repository configuration).
Working with GPG is documented in more detail in the Central Repository documentation as well.
<
profiles
>
<
profile
>
<
id
>ossrh</
id
>
<
properties
>
<
gpg.keyname
>F21879F3</
gpg.keyname
>
<
gpg.passphrase
>*********</
gpg.passphrase
>
<
gpg.defaultKeyring
>false</
gpg.defaultKeyring
>
<
gpg.useagent
>true</
gpg.useagent
>
<
gpg.lockMode
>never</
gpg.lockMode
>
<
gpg.homedir
>/home/lkrnac/.gnupg</
gpg.homedir
>
<
gpg.publicKeyring
>/home/lkrnac/.gnupg/pubring.gpg</
gpg.publicKeyring
>
<
gpg.secretKeyring
>/home/lkrnac/.gnupg/secring.gpg</
gpg.secretKeyring
>
</
properties
>
</
profile
>
</
profiles
>
4. Set up your credentials for Sonatype Nexus repository
Needed for push to Sonatype Nexus repository. Same as Sonatype JIRA credentials. Again in settings.xml:
<
servers
>
<
server
>
<
id
>ossrh</
id
>
<
username
>lkrnac</
username
>
<
password
>*************</
password
>
</
server
>
</
servers
>
5. Fill pom.xml mandatory sections
6. Set up SSH access to GitHub
Follow these sub-steps:
7. Create “Deploy to Maven Central” button
Maven-release-plugin needs to push/check-in version update to source control system and tag the revision. In my case the code is hosted on GitHub. Therefore I need to register my SSH identity (generated in previous step) before invoking maven-release-plugin’s goals. This is done by bash script maven-central-deploy.sh located alongside pom.xml:
!
/bin/bash
# Deploy maven artefact in current directory into Maven central repository
# using maven-release-plugin goals
read
-p
"Really deploy to maven central repository (yes/no)? "
if
( [
"$REPLY"
==
"yes"
] )
then
ssh
-add ~/.
ssh
/lubos
.krnac
ssh
-add -l
mvn release:clean release:prepare release:perform -B -e |
tee
maven-central-deploy.log
ssh
-add -D
else
echo
'Exit without deploy'
fi
Make the script executable by: chmod +x maven-central-deploy.sh
8. Push the “Deploy to Maven Central” button
Just run: ./maven-central-deploy.sh
confirm and enter SSH private key passphase if required.
9. Release artifact via Sonatype Nexus repository
When the artifact is pushed to Sonatype Nexus repository like this, you need to release it manually. You can also setup automatic releases with the usage of the Nexus Staging plugin. Finally you need to add comments to the Sonatype JIRA issue you created at the beginning and wait until somebody reviews your artifact and sets up the sync to Maven Central. Of course the JIRA part would need to be done only once.
Link
Example project configured this way is hosted on GitHub. (It’s tiny testing library).
扫一扫
2391
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
