This the multi-page printable view of this section. Click here to print.
Maven
1 - Maven Release
1. 设置 OSSRH
1.1 创建账户
1.2 证明域名所有权
Now that you have an account the next step in the process is to prove ownership of the domain that matches the group that you’d like to publish to. Usually this is your domain name in reverse, so something like com.company
if your domain is company.com
. Since our developer community is at solace.community
this meant we would publish to the community.solace
group.
To prove that we own this domain I had to execute a few simple steps:
- Open a New Project Ticket with OSSRH.
- Follow the instructions request in the ticket to addd a DNS TXT record to our domain.
- Wait a few hours (it says it could take up to 2 business days) for the DNS TXT record to be verified.
- Check the ticket for confirmation that domain ownership has been confirmed.
- Make a note to comment on this ticket after your first release to enable syncing to maven central!
1.3 创建 Token
Now that we have permission to publish to our domain we need to create a user token for publishing. This token will be used as part of the publishing process.
To get this token do the following:
- Login to the OSSRH Nexus Repository Manager w/ your OSSRH account
- Go to your profile using the menu under your username at the top right.
- You should see a list menu that is on the
Summary
page; change it toUser Token
. You can create your token on this page. - Copy & Paste this token info so you can use it later! (Keep it private!)
2. 设置 Maven
- Ensured that my
groupId
starts with the reverse domain that we have approval to publish to! For example this is what we used, note that thegroupId
starts withcommunity.solace
. - When publishing maven projects you have releases and you have snapshots. A “release” is the final build for a version which does not change whereas a “snapshot” is a temporary build which can be replaced by another build with the same name.
- Include a description name, description and url pointing to your repository. For example,
- Include a license, source control info
scm
, developers and organization(I believe this is optional) information. - Add a profile for OSSRH which includes the
snapshotRepository
info, thenexus-staging-maven-plugin
, and themaven-gpg-plugin
. Note in the example below I have this profileactiveByDefault
so you don’t have to specify it when running maven commands, however you may not want to do this. - Include the
maven-release-plugin
, themaven-javadoc-plugin
, themaven-source-plugin
and theflatten-maven-plugin
plugin.
3. 设置 GPG 签名
3.1 创建私有 Key
Install the gpg tool; on mac you can do this by executing the command below. If you aren’t using a mac check out the instructions here
brew install gpg
Generate your key pair. You will be prompted for a “Real Name” and “Eamil Address” that you want to use with the key
gpg --gen-key
3.2 共享公共 Key
Get your keypair identifier. To do this you need to list your keys. The key will have an identifier that looks like a random string of characters, something like C48B6G0D63B854H7943892DF0C753FEC18D3F855. In the command below I’ve replaced it with
MYIDENTIFIER
to show it’s location.MJD-MacBook-Pro.local:~$ gpg --list-keys /path/to/keyring/pubring.kbx ---------------------------------------- pub rsa3072 2021-03-11 [SC] [expires: 2023-03-11] MYIDENTIFIER uid [ultimate] solacecommunity <community-github@solace.com> sub rsa3072 2021-03-11 [E] [expires: 2023-03-11]
Distribute to a key server using the identifier found in the previous step. Note that you may want to publish to a different keyserver. The one that worked for me was hkp://keyserver.ubuntu.com:11371
gpg --keyserver hkp://pool.sks-keyservers.net --send-keys MYIDENTIFIER
4. 设置 Github 密匙
基于前面的操作,在 Github 中设置以下密匙,可以以仓库或组织来设置:
OSSRH_USERNAME:OSSRH 的登录账户名
OSSRH_PASSWORD:OSSRH 中获得的 Token
OSSRH_GPG_SECRET_KEY:GPG 的私有 Key,可以通过如下命令导出
gpg --export-secret-keys -a {KEY-ID} > secret.txt
OSSRH_GPG_SECRET_KEY_PASSWORD:GPG 私有 Key 的密码,即创建 Key 时设置的密码
5. 设置 Github Action
参考仓库:infilos/maven-github-action-demo
在该仓库中,推送 main 分支会自动触发 Maven 发布,并创建对应的 Release 日志。