Java开源项目发布到maven中央仓库
来源:互联网 发布:javascript alert 编辑:程序博客网 时间:2024/04/30 05:41
相关网站:
OSS 注册地址:https://issues.sonatype.org/secure/Signup!default.jspa
OSS nexus地址:https://oss.sonatype.org
中央仓库搜索网站:http://search.maven.org/
issues.sonatype.org是一个JIRA站点,OSS用来管理流程。
oss.sonatype.org为nexus站点,构件发布是在这个oss系统上。在这里可以查询到全世界已发布的构件。
这两个网址的用户名和密码相同。
说明:
最近需要发布一个构件,看了网上一些相关博文,讲的都很详细,但对于新手果然还是有图有真相,于是斗胆拼凑在一起,图侵删。
大体流程
在sonatype上提出issue申请-->发布项目到oss nexus-->回复Issue-->oss 工作人员审核后发布到maven中心仓库
1、在sonatype提出issuse申请
1.1 注册一个 Sonatype 用户
注册地址:https://issues.sonatype.org/secure/Signup!default.jspa
填上用户名、邮箱、登陆密码等,注意用户名以后不能修改。
1.2 创建一个发布项目的 Issue
登陆后,点击create发布新的Issue。
.png)
Project和Issue Type按照下图这样选。
.png)
Group Id、Project URL等必填。
Group Id类似java的package,将唯一指定一个发布的构件。最好用属于自己的域名,这里用github也是可以的。
.png)
1.2 等待 Issue 审核通过
一般很快就有回复,回复中会提示后边需要做的事。
重要的是这两个网址,分别指出了oss snapshot和 oss staging的 repo地址。在后边的pom.xml修改时用到。
- Deploy snapshot artifacts into repository https://oss.sonatype.org/content/repositories/snapshots
- Deploy release artifacts into the staging repository https://oss.sonatype.org/service/local/staging/deploy/maven2
2、GPG 生成密钥对
2.1 安装 GPG
linux 下安装用 yum install gpg 就可以了。
ubuntu下安装 使用 apt-get,sudo apt-get install gnupg。
2.2 生成秘钥对
期间需要输入用户名,邮箱等,都不重要。重要的是Passphase,相当于密钥库密码,在后边使用maven发布构件到oss nexus的时候会用到。
命令行执行: # gpg --gen-key
$ gpg --gen-key
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? # 直接回车,使用默认的1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) # 直接回车
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) # 直接回车
Key does not expire at all
Is this correct? (y/N) Y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: your_name # 输入用户名
Email address: your_email # 输入邮箱
Comment: your_comments # 输入一些注释说明
You selected this USER-ID:
"your_name (your_comments) <your_email>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O # 输入 O 确认
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy. # 这里可以干些别的事情,动动鼠标,聊聊天,写写代码。gpg用这些信息做随机数
+++++
.+++++
# 生成的秘钥位置
gpg: ~/.gnupg/trustdb.gpg: trustdb created
gpg: key B15C5AA3 marked as ultimately trusted
public and secret key created and signed.
# 生成的秘钥信息
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/B15C5AA3 2016-09-19
Key fingerprint = DB61 9873 924C 020E 20E7 E461 0170 C912 B15C 5AA3
uid your_name (your_comments) <your_email>
sub 2048R/31A906E1 2016-09-19
gpg (GnuPG) 1.4.19; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection? # 直接回车,使用默认的1
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (2048) # 直接回车
Requested keysize is 2048 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0) # 直接回车
Key does not expire at all
Is this correct? (y/N) Y
You need a user ID to identify your key; the software constructs the user ID
from the Real Name, Comment and Email Address in this form:
"Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
Real name: your_name # 输入用户名
Email address: your_email # 输入邮箱
Comment: your_comments # 输入一些注释说明
You selected this USER-ID:
"your_name (your_comments) <your_email>"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O # 输入 O 确认
You need a Passphrase to protect your secret key.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy. # 这里可以干些别的事情,动动鼠标,聊聊天,写写代码。gpg用这些信息做随机数
+++++
.+++++
# 生成的秘钥位置
gpg: ~/.gnupg/trustdb.gpg: trustdb created
gpg: key B15C5AA3 marked as ultimately trusted
public and secret key created and signed.
# 生成的秘钥信息
gpg: checking the trustdb
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
pub 2048R/B15C5AA3 2016-09-19
Key fingerprint = DB61 9873 924C 020E 20E7 E461 0170 C912 B15C 5AA3
uid your_name (your_comments) <your_email>
sub 2048R/31A906E1 2016-09-19
之后可以用 # gpg --list-keys 查看所有生成的gpg 秘钥。
# gpg --list-keys
pub 2048R/B15C5AA3 2016-09-19
uid your_name (your_comments) <your_email>
sub 2048R/31A906E1 2016-09-19
uid your_name (your_comments) <your_email>
sub 2048R/31A906E1 2016-09-19
2.1 将公钥发布到 PGP 密钥服务器
公钥是需要上传到oss服务器的key 池子里:
# gpg --keyserver hkp://pool.sks-keyservers.net --send-keys B15C5AA3
确认已经上传成功:
# gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys B15C5AA3
3、修改Maven配置文件
oss规定了这些标签必须有:
<modelVersion>
<groupId>
<artifactId>
<version>
<packaging>
<name>
<description>
<url>
<licenses>
<scm><url>
<scm><connection>
<developers>
<groupId>
<artifactId>
<version>
<packaging>
<name>
<description>
<url>
<licenses>
<scm><url>
<scm><connection>
<developers>
还需要指定父项目:
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>
除了二进制jar包,相对应的-sources.jar和-javadoc.jar也是必须的,所有这些jar以及pom.xml都需要通过PGP签名。
所以,我们需要在pom.xml里添加相应的maven插件来帮助我们生成这些东西。
3.1 修改pom.xml
一个简单的模板
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.my_name</groupId>
<artifactId>java-erasure</artifactId>
<packaging>jar</packaging>
<version>1.1-SNAPSHOT</version>
<name>java-erasure</name>
<url>https://github.com/my_name/java-erasure</url>
<description>A Java erasure codes wrapper library for Jerasure</description>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<scm>
<url>https://github.com/my_name /java-erasure</url>
<connection>scm:git:git@github.com:my_name/java-erasure.git</connection>
<developerConnection>scm:git:git@github.com:my_name/java-erasure.git</developerConnection>
<tag>HEAD</tag>
</scm>
<developers>
<developer>
<name>my_name</name>
<email>my_email</email>
<url>https://github.com/my_name</url>
</developer>
</developers>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>16.0.1</version>
</dependency>
<dependency>
<groupId>com.sun.jna</groupId>
<artifactId>jna</artifactId>
<version>3.0.9</version>
</dependency>
</dependencies>
<distributionManagement>
<snapshotRepository>
<!-- 这个id需要在setting.xml中设置,后边讲到 -->
<id>oss</id>
<name>OSS Snapshots Repository</name>
<!-- 这里的url就是Issue中回复的snapshots 的repo地址-->
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>oss</id>
<name>OSS Staging Repository</name>
<!-- 这里的url就是Issue中回复的staging 的repo地址-->
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
<build>
<plugins>
<plugin>
<!-- Source -->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- JavaDoc -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<configuration>
<charset>UTF-8</charset>
<encoding>UTF-8</encoding>
</configuration>
<executions>
<execution>
<id>attach-javadocs</id>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- GPG -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.0</version>
<configuration>
<source>1.6</source>
<target>1.6</target>
<fork>true</fork>
<verbose>true</verbose>
<encoding>UTF-8</encoding>
<showWarnings>true</showWarnings>
</configuration>
</plugin>
<!-- JNA -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<environmentVariables>
<LD_LIBRARY_PATH>/usr/local/lib</LD_LIBRARY_PATH>
</environmentVariables>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5.1</version>
</plugin>
</plugins>
</build>
</project>
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.my_name</groupId>
<artifactId>java-erasure</artifactId>
<packaging>jar</packaging>
<version>1.1-SNAPSHOT</version>
<name>java-erasure</name>
<url>https://github.com/my_name/java-erasure</url>
<description>A Java erasure codes wrapper library for Jerasure</description>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
<distribution>repo</distribution>
</license>
</licenses>
<scm>
<url>https://github.com/my_name /java-erasure</url>
<connection>scm:git:git@github.com:my_name/java-erasure.git</connection>
<developerConnection>scm:git:git@github.com:my_name/java-erasure.git</developerConnection>
<tag>HEAD</tag>
</scm>
<developers>
<developer>
<name>my_name</name>
<email>my_email</email>
<url>https://github.com/my_name</url>
</developer>
</developers>
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.11</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>16.0.1</version>
</dependency>
<dependency>
<groupId>com.sun.jna</groupId>
<artifactId>jna</artifactId>
<version>3.0.9</version>
</dependency>
</dependencies>
<distributionManagement>
<snapshotRepository>
<!-- 这个id需要在setting.xml中设置,后边讲到 -->
<id>oss</id>
<name>OSS Snapshots Repository</name>
<!-- 这里的url就是Issue中回复的snapshots 的repo地址-->
<url>https://oss.sonatype.org/content/repositories/snapshots/</url>
</snapshotRepository>
<repository>
<id>oss</id>
<name>OSS Staging Repository</name>
<!-- 这里的url就是Issue中回复的staging 的repo地址-->
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>
<build>
<plugins>
<plugin>
<!-- Source -->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<phase>package</phase>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- JavaDoc -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<configuration>
<charset>UTF-8</charset>
<encoding>UTF-8</encoding>
</configuration>
<executions>
<execution>
<id>attach-javadocs</id>
<phase>package</phase>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<!-- GPG -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.0</version>
<configuration>
<source>1.6</source>
<target>1.6</target>
<fork>true</fork>
<verbose>true</verbose>
<encoding>UTF-8</encoding>
<showWarnings>true</showWarnings>
</configuration>
</plugin>
<!-- JNA -->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<environmentVariables>
<LD_LIBRARY_PATH>/usr/local/lib</LD_LIBRARY_PATH>
</environmentVariables>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5.1</version>
</plugin>
</plugins>
</build>
</project>
3.2 修改 ~/.m2/settings.xml
找到maven的全局配置文件~/.m2/settings.xml,在里面找到<servers>节点,增加如下配置:
<servers>
<server>
<id>oss</id>
<username>在sonatype注册的用户名</username>
<password>sonatype密码</password>
</server>
</servers>
<server>
<id>oss</id>
<username>在sonatype注册的用户名</username>
<password>sonatype密码</password>
</server>
</servers>
4、发布到 OSS nexus仓库中
4.1 本地发布snapshot到OSS nexus
执行deploy发布:
# mvn clean deploy
这时会弹出一个对话框,需要输入上面提到的 Passphase,它就是刚才设置的 GPG 密钥库的密码,用来确认发布者身份。
snapshot发布之后,可以在oss nexus中看到已发布的构件。但不能做什么操作,需要再发布到staging。
4.1 本地发布staging到OSS nexus中
# mvn release:prepare
# mvn release:perform
这时,构件就已经发布到oss nexus的stagng repo中了。
此时上传的构件并未正式发布到中央仓库中,只是部署到 OSS 中了,下面才是真正的发布。
4.2 从 OSS nexus中发布
使用 Sonatype 账号登录https://oss.sonatype.org/#stagingRepositories,可在 Staging Repositories 中查看刚才已上传的构件。
一般发布的构件不多,可以直接拉到底就能看到自己的构件,也可进行模糊查询定位到自己的构件(见后边附图)。
此时,该构件的状态为 Open,需要勾选它,然后点击 Close 按钮。
这里输入构件的描述信息,这个信息会在maven搜索结果出现,所以可以写详细些。
系统会自动验证该构件是否满足指定要求,当验证完毕后,状态会变为 Closed。
最后,点击 Release 按钮来发布该构件。手动刷新后看到已经发布。
附
oss nexus 中搜索 staging repo中的构件:
5、通知 Sonatype 已成功发布
5.1 在之前的在Issue下面回复,已经成功发布到oss nexus中
在Issue下面回复一条“构件已成功发布”的评论,这是为了通知 Sonatype 的工作人员为需要发布的构件做审批,发布后会关闭该Issue。
5.2 等待构件审批通过
简单的,等。
5.3 发布到maven中央仓库中
这时,就可以在maven的中央仓库中搜索到自己发布的构件了,以后可以直接在pom.xml中使用了!
6、继续发布
第一次成功发布之后,以后就不用这么麻烦了,可以直接使用Group Id发布任何的构件,当然前提是Group Id没有变。
以后的发布流程:
a)构件完成后直接使用maven在命令行上传构建;
b)在https://oss.sonatype.org/ close、release构件;
c)等待同步好(大约2小时多)之后,就可以使用了
参考:
https://www.dexcoder.com/selfly/article/4352
http://colobu.com/2014/09/30/deploy-a-project-to-maven-central/
https://www.iteblog.com/archives/1807
1 0
- Java开源项目发布到maven中央仓库
- 发布本地项目到中央maven仓库
- 发布项目到maven中央仓库
- 发布java项目到maven中央库
- 【转】发布Maven构件到中央仓库
- 发布构建到maven中央仓库
- maven 发布jar到 nexus 中央仓库
- 发布Jar包到Maven中央仓库
- 发布构件到Maven中央仓库
- 发布jar包到Maven中央仓库
- Jar发布到MAVEN中央仓库实践
- 发布Maven构件到中央仓库
- 发布Jar包到Maven中央仓库
- JAVA开源软件开发必备技能-发布构建到maven中央仓库的方法和详细步骤
- [Maven实战]发布maven项目到中央仓库(Central Repository)
- 将项目发布到 maven 中央仓库踩过的坑
- 将项目发布到Maven中央库
- 将项目发布到Maven中央库
- jsonp跨域
- nginx默认nginx.conf
- 【数据库】使用悲观锁实现线程同步,实现秒杀效果
- Android6.0权限设置
- H264 AAC/PCM 到MP4容器
- Java开源项目发布到maven中央仓库
- 关于LINUX权限-bash: ./startup.sh:
- Unity3D优化之缓存
- 类中的访问顺序
- 局域网PC 访问服务器SOCKET
- Jmete-JDBC Request与BeanShell PostProcessor的结合使用
- Eclipse中Maven常用命令以及Maven生命周期详解
- 使用mp4v2将H264+AAC合成mp4文件
- python--替换特殊字符
