IJPay Jar was uploaded to JitPack before , but many students reported that Jar could not be downloaded. In order to respond to the call of the masses, this time we need to submit jars to the central repository. We can use Sonatype OSSRH to submit Jars and other resources to Maven's central repository.
Sonatype OSSRH introduction:
Sonatype OSSRH uses Nexus to provide warehouse management services for open source projects. This warehouse is the so-called maven central warehouse. OSSRH allows us to submit binary files to the Maven central warehouse.
1: Deploy development binaries (snapshorts)
2: Staged releases
3: Publish a release, then sync them to the central repository.
1. Preparation
- Register an account: https://issues.sonatype.org Register an account
- Create issues for a new project: https://issues.sonatype.org Create issues
For details, please refer to IJPay's issues
Description: The jar package can be submitted only when the status of this issues is resolved
2. Review requirements
Need to add the following in pom.xml file
- 1. Provide JavaDoc and source
- 2. Use gpg or pgp to sign the file
- 3. Correct coordinates: groupId, artifactId, version
- 4. ProjectName, description, url, license, developers, scm and other information
How to add can refer to my open source project IJPay https://github.com/Javen205/IJPay/blob/master/pom.xml
3. Deploy and publish
Here I use the Maven deployment plugin so we need to add the corresponding configuration in the pom.xml file.
The general steps are as follows:
- Distribution management and certification
- Configure plugins that generate JavaDoc and sources packages
- Configure GPG auto-signed plugins
3.1 Distribution management and authentication
<distributionManagement>
<snapshotRepository>
<id>nexus-release</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>nexus-release</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>You need to configure the account and password of sonatype (jira) in maven_home/conf/settings.xml
<servers>
<server>
<id>nexus-release</id>
<username>sonatype用户名</username>
<password>sonatype账户的密码</password>
</server>
</servers>Special note: The nexus-release here should be consistent with the id in the snapshotRepository above
3.2 Configure plugins that generate javadoc and sources packages
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.10.3</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
<configuration>
<!-- 解决 java8 下发布到 maven 中心库时,生成 doc 的异常 -->
<additionalparam>-Xdoclint:none</additionalparam>
<encoding>${project.build.sourceEncoding}</encoding>
<outputDirectory>${basedir}</outputDirectory>
<reportOutputDirectory>${basedir}</reportOutputDirectory>
</configuration>
</plugin>
3.3 Use GPG to generate a signature key for signature
3.3.1 Using GPG tools to generate signatures
Mac computers can directly use brew to download gpg brew install gpg
installation default directory/usr/local/Cellar/gnupg/2.2.0/bin
For more information, please refer to Teacher Ruan Yifeng's blog
Note: After entering your name, email address and remarks according to the prompts, you will be prompted to enter a passphrase to protect the key. If you do not need a passphrase, press Enter. If you enter a passphrase, you must remember it. will be used . Next, the system will ask you to enter some random characters, just click on the letters and symbols of the keyboard, but don't press Enter.
3.3.2 Upload the generated public key to the Sonatype server
After generating the key, according to Sonatype's requirements, we need to upload the public key to the server
gpg --keyserver hkp://pool.sks-keyservers.net --send-keys 公钥的IDVerify it:
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 私钥的ID3.3.3 Configure GPG auto-signed plugin
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>Configure GPG's signature in profiles in settings.xml :
</profiles>
<profile>
<id>nexus-release</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase>这里是上文生成key的passphrase</gpg.passphrase>
</properties>
</profile>
</profiles>The configuration work is basically completed here.
3.3.4 Compiling native code
Enter the directory where the project is located and executemvn clean install
3.3.5 Upload SNAPSHOT version code
First of all, for the smooth execution of subsequent operations, we need to ensure that the entire directory of the project has no local uncommitted modifications. It is best to pull it first to ensure that there are no conflicts in the subsequent steps. Then run:
mvn release:prepare
mvn release:prepare does the following:
1、Checks that your local source code does not have any modifications
2、 Writes a release.properties file with details of what it is doing
3、Modifies the pom.xml to the release versions
4、Does a build as far as “package” in order to assure itself that it’s changes have not broken the build
5、Commits the modified pom.xml files to SCM
6、Tags the trunk
7、Modifies the pom.xml to the next snapshot version
8、Commits the modified pom.xml files to SCM
If the command runs smoothly to the end, then this step is complete. If something goes wrong in the middle, you can run this command again after fixing the problem, and if you want more detailed information, you can run:
mvn release:prepare -XIf you don't want to start where you left off, but want to start all over, you can type:
mvn release:prepare -Dresume=falseIf you want to roll back, then
mvn release:rollbackIf this step is successful, upload it to https://oss.sonatype.org/content/repositories/snapshots here.
3.3.6 Upload non-SNAPSHOT version code
mvn clean deploy -P release -Dgpg.passphrase=第3.3.1步中的passphrase密码
mvn release:perform does the following
1、Checks out the tagged release into target/checkout
2、Forks a “mvn deploy site-deploy”
3、Removes the release.properties file
Note: When mvn clean deploy -P release -Dgpg.passphrase=passphrase password in step 3.3.1 is executed, if your version is snapshot, upload snapshot, if it is non-snapshot, upload non-snapshot, Maven will judge whether it is a snapshot version or an official version according to whether -SNAPSHOT is included in the version number of the module (version in the pom file).
3.3.7 Release build
Enter https://oss.sonatype.org and log in, there will be a staging Repositories on the left, click to enter, find your widget on the right panel, the status should be open, you want to set it to closed, click close on the top button
Next, the system will automatically verify the validity. If there is no error in your Group Id and pom.xml, the status will automatically become closed. If there is a problem, it will prompt you that there is a problem below. If you add a problem, you can click the drop button to delete it. Drop this component, and re-execute the uploading steps after modification.
Next you need to click the release button to release your artifact.
Notify staff in Issue
Then go back to your Issue in JIRA and write a comment. I wrote that Component has been successfully issued. Tell the staff that the release is complete and wait for their review. After passing the review, we can search for our components in the central library! The search address is: http://search.maven.org/
4. Summary
0. Configure the plugin for generating JavaDoc, source and automatic signature (gpg)
1. Execute mvn clean install on the local code to solve the compilation problem of the code itself
2. Prepare the GPG tool
3. Apply for registration of Sonatype
4. For the SNAPSHOT version, then Execute mvn release:prepare, once an error is found, you need to execute mvn release:rollback, after the project is completed, execute mvn release:clean
5. For the release version, execute mvn clean deploy -P release -Dgpg.passphrase=generate Key The password for passphrase.
5. Add badges
[](https://maven-badges.herokuapp.com/maven-central/com.github.javen205/IJPay)Just replace when using
com.github.javen205/IJPayThe above is the detailed introduction of Github open source Java project ( IJPay ) uploaded to Maven Central Repository. If you encounter problems, you can leave a message to communicate.
Recommended reading
10 minutes Publish open source library
Android Studio with Jitpack Upload aar (Library) to JCenter
Android dependency management and private server
build Git service based on CentOS