1. 概述
maven仓库在sonatype管理,所以我们要在sonatype上创建账号并提交一个“我想发布项目”的issue。
另外,group id
不要再使用com.github.xxx
了!这个已经无效了!附图如下:
2. 在sonatype上发布issue
2.1. 创建sonatype账号
基操,不解释。登陆后可以选择中文界面。
sonatype网址System Dashboard - Sonatype JIRA
创建账号地址Sign up for Jira - Sonatype JIRA
2.2. 提issue
找到 提issue 的入口
2.3. 编辑issue
- 项目:Community Support - Open Source Project Repository Hosting (OSSRH)
- 问题类型:New Project
- 摘要:填项目名称就好
- group id:
- 如果是创建在git上的话,需要写成
io.github.xxx
- 如果是其他com.xxx地址的话,地址必须是可以访问的
- 如果是创建在git上的话,需要写成
- project URL 和 SCM url:比如我的git上一个项目地址是github.com/HollandZang…
- project URL:github.com/HollandZang…
- SCM url:github.com/HollandZang…
其他项默认和不填就行,依然能够审核通过
2.4. 等待答复、修改后重新提交
当管理员留下了修改意见之后,会把状态从open改成watting for response。
按照意向整改完成后,一定要记得点击response,把状态重新open,这样管理员才会继续跟进这个issue。
response按钮在这个位置。
点击response后的状态变更记录:
2.5. issue关闭
3. 配置GPG
3.1. 下载安装
从www.gnupg.org/download/下载 GnuPG 的二进制文件 或使用您最喜欢的包管理器安装它,并通过运行带有--version
标志的 gpg 命令来验证它。
$ gpg --version
gpg (GnuPG) 2.2.19
libgcrypt 1.8.5
Copyright (C) 2019 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Home: /home/mylocaluser/.gnupg
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
CAMELLIA128, CAMELLIA192, CAMELLIA256
Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
Compression: Uncompressed, ZIP, ZLIB, BZIP2
3.2. 生成密钥对
$ gpg --gen-key
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: Central Repo Test //输入名称
Email address: central@example.com //输入邮箱
You selected this USER-ID:
"Central Repo Test <central@example.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O //输入'O',OK
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 8190C4130ABA0F98 marked as ultimately trusted
gpg: revocation certificate stored as
'/home/mylocaluser/.gnupg/openpgp-revocs.d/CA925CD6C9E8D064FF05B4728190C4130ABA0F98.rev'
public and secret key created and signed.
pub rsa3072 2021-06-23 [SC] [expires: 2023-06-23]
CA925CD6C9E8D064FF05B4728190C4130ABA0F98 //这个就是公钥
uid Central Repo Test <central@example.com>
sub rsa3072 2021-06-23 [E] [expires: 2023-06-23]
找到GnuPG
文件夹,把其下的bin
目录加入到环境变量PATH中如D:\GnuPG\bin;
。记得重启命令行工具或idea。
不然后面会提示
'gpg.exe' is not recognized as an internal or external command, operable program or batch file - Maven Release Plugin
4. 配置maven
4.1. 配置setting.xml
文件
<settings>
<servers>
<server>
<id>ossrh</id>
<username>your-jira-id</username> //sonatype的登录账号
<password>your-jira-pwd</password> //sonatype的登录密码
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties> //这个节点是mac用的,windows配上会出错
<gpg.executable>gpg2</gpg.executable>
<gpg.passphrase>the_pass_phrase</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>
4.2. 配置pom依赖
<build>
<plugins>
<!--分发管理和认证-->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.7</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
<!--源码插件-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!--javadoc 插件-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!--GPG 签名组件-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<!--用于部署和发布的 Nexus Staging Maven 插件-->
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.7</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
</plugins>
</build>
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
<scm>
<connection>scm:git:git://github.com/HollandZang/OSSRH-73214.git</connection>
<developerConnection>scm:git:ssh://github.com:HollandZang/OSSRH-73214.git</developerConnection>
<url>http://github.com/HollandZang/OSSRH-73214/tree/master</url>
</scm>
<developers>
<developer>
<name>HollandZang</name>
<email>zhn.pop@gmail.com</email>
</developer>
</developers>
<licenses>
<license>
<name>The Apache License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
5. 把项目发布到maven仓库
5.1. 部署到maven仓库mvn clean deploy
务必要mvn clean先,保持target干净
更新版本时也是用
mvn clean deploy
指令,但是要记得更新你的<version>
标签
第一次会有如下提示,输入第三步GPG安装时的密码
5.2 如果报错了,检查一下节点是否都存在
Invalid POM: xxxxxx Project URL missing, License information missing
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.simpligility.training</groupId>
<artifactId>ossrh-demo</artifactId>
<version>1.0</version>
<packaging>jar</packaging>
<name>ossrh-demo</name>
<description>A demo for deployment to the Central Repository via OSSRH</description>
<url>http://github.com/simpligility/ossrh-demo</url>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
<developers>
<developer>
<name>Manfred Moser</name>
<email>manfred@sonatype.com</email>
<organization>Sonatype</organization>
<organizationUrl>http://www.sonatype.com</organizationUrl>
</developer>
</developers>
<scm>
<connection>scm:git:git://github.com/simpligility/ossrh-demo.git</connection>
<developerConnection>scm:git:ssh://github.com:simpligility/ossrh-demo.git</developerConnection>
<url>http://github.com/simpligility/ossrh-demo/tree/master</url>
</scm>
</project>
5.3. 发布成功
5.3.1 等待sonatype的回复
译:激活io.github.HollandZang的中央同步。成功发布之后,组件将被发布到Central repo1.maven.org/maven2/ ,通常在30分钟内,但更新到search.maven.org 可能需要4个小时。
5.3.2 可以先查看maven仓库
证明确实上传成功了,能够被访问了
5.3.3 查看最终结果
这个时候就可以通过pom直接引入依赖了。 顺便附上这次测试用的okhttp二次封装工具。 mvnrepository.com/artifact/io…