why write this article
Now OkHttp is very popular, I have studied and studied it, the overwhelming tutorials and general tools are all used by Android, and many Android components are encapsulated in it. But OkHttp is not an Android library, it is a java library, and all JVM-based languages are It can be used.
So I wrote a general and simple package of OkHttp and put it on github. This is my first open source project, and I am a little excited. But it is only open source. I thought of submitting it to the maven central repository. But I haven't submitted it. After a day of searching, I finally succeeded.
This article roughly introduces how to publish my project to the maven central repository and the pit I rolled ( Maybe everyone thinks it's funny, just laugh if you want, I can't see it anyway o(∩_∩)o )
what is maven central repository
Be lazy, the following content is excerpted from the release project to the maven central warehouse
Maven is the most popular build tool in the Java world, and the build content covers the entire life cycle of a Java project. One of the most important functions is dependency management. Maven uniformly manages all java jar files through a cloud-like ftp site, and at the same time gives each version of each file a unified and unique coordinate. By retrieving and configuring these coordinates, developers select the components they need to build their own project environment. Therefore, through a description file called pom, we can build the environment required for the project to run on any platform. Facilitates collaboration and sharing code.
And that cloud-like ftp site is the maven central repository. Due to some irresistible factors, our access to the central warehouse is relatively slow. Therefore, in the usual working environment, we often use some mirror sites, such as Alibaba Cloud and Open Source China's warehouse mirrors. At the same time, since the commercial codes in the company cannot be published to public sites, we will also build private servers in the local area network. But whether it is a mirror or a private server, it is like a cache. Although the download speed is improved, in the end, all the jars come from the central warehouse. Therefore, if we publish the project to the maven central repository, all projects based on maven or gradle can rely on downloading your artifacts. Truly one release, available everywhere.
Benefits of publishing to a central repository
Be lazy, the following content is excerpted from the release project to the maven central warehouse
First of all, as a java practitioner, I have a deep understanding of the things I use every day, and I can be self-satisfied by publishing a project to the central warehouse. As for me, I released a project of my own, and I began to have the urge to use my off-get off work time to write some open source code to learn and pretend.
Furthermore, as an experienced java development engineer, we always accumulate some wheels or some common basic classes that we use very easily in our daily work. If we organize it, maintain it continuously, and release it to the central repository, we can avoid a lot of repetitive work. And it also avoids a lot of conflicts: in my current company, the dubbo call interface of each project will define its own Response and Request classes. Repeated definitions of the same type are as annoying as multiple inheritance of cpp. As a result, it is impossible to uniformly handle the call return value of each system. It is neither elegant nor repetitive. If we publish these basic things to the central repository, we only need to cite them. Of course, in this case, it is generally better to publish to private servers. I am just giving an example. The specific experience for everyone.
release process
Before publishing, you need to have your own project homepage and open source code. You can use GitHub or Code Cloud. The following content takes GitHub as an example
Register sonatype's Jira account
Registration address: https://issues.sonatype.org/secure/Signup!default.jspa
Registration is very simple, the important thing is that the email address must be correct, any changes in the issue will be notified by email.
It is important to note here, which is also the pit I rolled over: The Username field must use English + numbers, and must not use Chinese!!! Otherwise, the official cannot assign permissions to you, or you will be asked to register separately.
Because this Username will become this Jira and the OSS account that submitted the maven project, although there is no problem with logging in in Chinese, but there was a problem when submitting it. I tossed it for N hours, and finally asked the official personnel to solve it.
I sent an issue at that time, Let's call it issues1. At that time, the official staff asked me to modify the GroupId. After the modification, I replied that the modification was completed. After waiting for many hours, there was no response. Then I submitted another issue2 with the same content as issue1, and soon there were official staff. Said OK.
After a few minutes issue1, there was also an official reply (not one person), saying that my account XX (Chinese) could not work, let me re-register an account and reply, he helped me get it.
Since issue2 already had an official account at that time The staff replied OK, and I replied in issue1 that I had solved it in another issue. Then I happily submitted it, and after tossing for a long time, I didn't submit it, and kept saying that I had no permission... But I used that I can log in to OSS with my account, but I can’t submit it.
After a few hours of tossing, I have no choice but to go to issue2 to ask for help from the official staff, and then the brother who asked me to re-register in issue1 said in issue2 that it was because my account was in Chinese. , Unable to assign permissions, let me re-register one and reply in issue2, he helped me assign permissions...
After re-registering an account, submit it with a new account, OK...
Login to Jira
Login after registration: https://issues.sonatype.org/login.jsp
Create an Issue
Create address: https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134
This address has already selected the project and type, just fill it in directly. Of course, if you want to create a Project through the [Create] button,
select [Community Support - Open Source Project Repository Hosting (OSSRH)]
Issue TypeRequired and select [New Project]
Summary, Description Fill in it yourself, pay attention to use the E-text
Group Id: This must be noted, if you are using GitHub, it must be com.github. Your github username, for example, my project address is: https://github.com/ KeRan213539/CommonOkHttp , then my groupId is com.github.KeRan213539, of course, you can also use GitHub's Page domain name io.github. Your github username. If you have your own domain name and project address, the official staff will ask Do you have the ownership of this domain name. Be sure to use this groupId in the pom of your project, preferably the package path also uses
Project URL: is your project address
SCM url: is your project git address
Username(s): You can use it Fill in, this is the account of the partner who can assist you to submit the project, provided that he also has to register
other default values in this Jira
After creating the issue, wait for the official reply. Usually if it is 22:00 23:00, the reply will be faster. If you are lucky, you will reply in a few minutes.
When you see a reply like com.github.xxx has been prepared, now user(s) xxx can:Deploy snapshot artifacts into repository ... means OK, you can submit
Generate a key pair using GPG
While waiting for the Issue, you can make the key for the
Windows system first, and you can download the Gpg4win software to generate the key pair. Download address: https://www.gpg4win.org/download.html
There is a pit when downloading, a donation page will pop up, and then there is no place to download, and the download will not start automatically. It feels as if you can't download without donation. In fact, there is All Downloads under the download page, which has a connection files.gpg4win.org , where you can find the same version number as the latest version on the download page, download
and install. , the other can be canceled
. After the installation is complete, open CMD
Check if the installation is successful
gpg --version
Generate key pair
gpg --gen-key
Real name: Name (E)
Email address: Email
You selected this USER-ID:
"xxx [email protected] "
Change (N)ame, (E)mail, or ( O)kay/(Q)uit? o
After going down, you will be asked to enter your username and email address, as well as a Passphase (enter twice), which is equivalent to the keystore password, don't forget it.
View public key
gpg --list-keys
pub rsa2048 2017-12-16 [SC] [expires: 2019-12-16]
9DF36BF5DFB87B6F04DBCE3D63EC6544BEE6682D
uid [ultimate] xxx[email protected]
sub rsa2048 2017-12-16 [E] [expires: 2019-12-16]
9DF36BF5DFB87B6F04DBCE3D63EC6544BEE6682D is the public key
publish the public key to the PGP
keyserver gpg --keyserver hkp://pool.sks-keyservers.net --send-keys your public key
Check whether the public key is released successfully
gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys your public key
Modify Maven configuration
If your issue passes, you can start submitting the project.
Modify the maven global configuration file settings.xml, in the conf folder of the maven installation directory
<servers>
<server>
<id>oss</id>
<username>username</username>
<password>password</password>
< /server>
</servers>
The id here is to be used in pom.xml, the username and password are Jira's account password
pom.xml
<project>
...
<name>dexcoder-assistant</name>
<description>dexcoder-assistant is a rapid development kit.</description>
<url>http://www.dexcoder.com/</url>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
<developers>
<developer>
<name>selfly</name>
<email>[email protected]</email>
</developer>
</developers>
<scm>
<connection>scm:git:[email protected]:selfly/dexcoder-assistant.git</connection>
<developerConnection>scm:git:[email protected]:selfly/dexcoder-assistant.git</developerConnection>
<url>[email protected]:selfly/dexcoder-assistant.git</url>
</scm>
<profiles>
<profile>
<id>release</id>
<build>
<plugins>
<!-- Source -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- Javadoc -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<configuration>
<show>private</show>
<nohelp>true</nohelp>
<charset>UTF-8</charset>
<encoding>UTF-8</encoding>
<docencoding>UTF-8</docencoding>
<additionalparam>-Xdoclint:none</additionalparam> <!-- TODO 临时解决不规范的javadoc生成报错,后面要规范化后把这行去掉 -->
</configuration>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- GPG -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
<distributionManagement>
<snapshotRepository>
<id>oss</id>
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>oss</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
</profile>
</profiles>
...
</project>
pom.xml must include: name, description, url, licenses, developers, scm and other basic information, using Maven's profile function, only in release, create source package, document package, use GPG for digital signature.
In addition, the id in snapshotRepository and repository must be consistent with the id of server in setting.xml.
If it is a multi-module project, you only need to declare these in the parent pom.xml, and only need to modify some corresponding information in the child pom.xml, such as the name tag.
Since I am using jdk8, the format requirements for doc are stricter, and non-standard doc comments will report errors. At this time, you can configure the additionalparam parameter in the doc plugin, which has been configured in the above code. But this is only a temporary solution, Or try to use standard doc comments.
Submit project to OSS
After the maven configuration modification is completed, you can submit the project, use the command:
mvn clean deploy -P release
当执行以上 Maven 命令时,会自动弹出一个对话框,需要输入上面提到的 Passphase,它就是刚才设置的 GPG 密钥库的密码。
注意:此时上传的构件并未正式发布到中央仓库中,只是部署到 OSS 中了,下面才是真正的发布。
执行上面的命令的过程中,可能会找不到gpg.exe, 检查环境变量,发现环境变量中已经配制了gpg.exe所在的路径,但是还是报错... 如何解决? setting.xml中加入:
<profile>
<id>release</id>
<properties>
<gpg.executable>D:/Program Files (x86)/GnuPG/bin/gpg.exe</gpg.executable>
<gpg.passphrase>上面提到的 Passphase</gpg.passphrase>
</properties>
</profile>
注意 ID要与pom.xml里的发布的 profile 的ID对应
其中<gpg.executable>为你的gpg.exe的完整路径
<gpg.passphrase> 为上面提到的 Passphase,这样就不用在每次发布的时候都输入密码了,但是我发现即便有这个,有时候(只是有时,不是每次)还是要让输入密码,暂时不清楚是什么问题.
上面这2个配制也可以配制到pom.xml的gpg插件的<configuration>中,去掉<gpg.>就行,当然密码最好还是不要放在pom.xml里,因为如果你的代码开源的话,密码也一起开源了...
如何发布快照版本?
在pom.xml中的项目版本号后面加上 -SNAPSHOT 就行
在 OSS中发布
使用 Jira 账号登录 https://oss.sonatype.org,在 Staging Repositories 中查看刚才已上传的构件。
一般发布的构件不多,可以直接滚动条拉到最后就能看到自己的构件,或者更改时间排序,也可进行模糊查询定位到自己的构件
找到自己的构建后选中,并点击上方的 【Close】按钮关闭构建,这个过程有点慢,稍等几分钟
刷新页面,发现关闭成功后,再次选中自己的构建,点击上方的【Release】发布构建.
通知Sonatype 已经成功发布
在Issue中通过审核的官方回复中,通常会让你在发布成功后再次回复告知他们,在刚才那个Issue中回复已经成功发布,官方会回复你大概需要等多久才能在中央仓库中找到你的项目(10分钟左右)以及要多久才能在搜索中搜到(2个小时左右)
以后的提交过程
第一次提交才这么麻烦,以后提交只用重复maven发布,OSS中Close,Release的过程就可以了,当然需要等待的时间还是10分钟和2小时.
如果要发布新的项目,在使用相同GroupId的情况下,与上面的过程一样.只有使用不同的GroupId的时候,才会需要再去提交Issue申请.
当然如果你没有换电脑的话 GPG 的过程只需要一次就行
结束
到此发布过程就结束了.本文参考了以下文章,特别感谢这些文章的作者:
Maven 发布自己的项目到 Maven 中央仓库
[干货]--发布项目到maven中央仓库
将项目发布到Maven中央库