跳至主要内容

Deploy to Maven Central

Deploy to Maven Central

Recently, we need to deploy some jar to maven for open source reason, so we through some trial and errors finally make it. This blog is for future reader for review.

Registration

Introduction to Sonatype OSSRH

Sonatype OSSRH uses Nexus to provide deployment service for open source project, and this repo is called maven central, in which OSSRH all us to submit and download binary jar.

Registration

  • Create an account of JIRA
  • Create a new issue about your deploy request

Notice:

  • Only when this issue’s state change to RESOLVED, we can start to deploy jar;
  • If we deploy on behalf of yourself, we should be careful about groupId: e.g. our project is put on github called syncer, so groupId can be com.github.zzt93;

Update POM

After the registration and issue resolved, we need to add more info in pom to do the deployment: name, description, url, groupId, artifactId, version, license, developers, scm

<name>${project.groupId}:${project.artifactId}</name>
<url>https://github.com/0604hx/nerve-tools</url>
<description></description>

<licenses>
    <license>
        <name>The Apache License, Version 2.0</name>
        <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
    </license>
</licenses>
<developers>
    <developer>
        <name>0604hx</name>
        <email>zxingming@foxmail.com</email>
        <roles>
            <role>developer</role>
        </roles>
        <timezone>+8</timezone>
    </developer>
</developers>
<scm>
    <connection>scm:git:https://github.com/0604hx/nerve-`tools.git</connection>
    <developerConnection>scm:git:https://github.com/0604hx/nerve-tools.git</developerConnection>
    <url>https://github.com/0604hx/nerve-tools</url>
    <tag>v${project.version}</tag>
</scm>

Then, add distributionManagement:

<distributionManagement>
    <snapshotRepository>
        <id>ossrh</id>
        <url>https://oss.sonatype.org/content/repositories/snapshots</url>
    </snapshotRepository>
    <repository>
        <id>ossrh</id>
        <name>Maven Central Staging Repository</name>
        <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
    </repository>
</distributionManagement>

Then related plugins: staging for release, add javadoc, add source, use gpg to sign

<plugins>
    <plugin>
        <groupId>org.sonatype.plugins</groupId>
        <artifactId>nexus-staging-maven-plugin</artifactId>
        <version>1.6.3</version>
        <extensions>true</extensions>
        <configuration>
            <serverId>ossrh</serverId>
            <nexusUrl>https://oss.sonatype.org/</nexusUrl>
            <autoReleaseAfterClose>false</autoReleaseAfterClose>
        </configuration>
    </plugin>
    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-javadoc-plugin</artifactId>
        <version>2.10.3</version>
        <executions>
            <execution>
                <id>attach-javadocs</id>
                <goals>
                    <goal>jar</goal>
                </goals>
            </execution>
        </executions>
    </plugin>
    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-source-plugin</artifactId>
        <executions>
            <execution>
                <id>attach-sources</id>
                <goals>
                    <goal>jar-no-fork</goal>
                </goals>
            </execution>
        </executions>
    </plugin>
    <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-gpg-plugin</artifactId>
        <version>1.6</version>
        <executions>
            <execution>
                <id>sign-artifacts</id>
                <phase>verify</phase>
                <goals>
                    <goal>sign</goal>
                </goals>
            </execution>
        </executions>
    </plugin>
</plugins>

Generate & Send Key

Since other people need our public key to verify our jars, we need to distribute our public key to a key server:

gpg --gen-key
gpg --keyserver http://keyserver.ubuntu.com:11371/ --send-keys KEY_ID

If you met the following error when signing jar file:

signing failed: Inappropriate ioctl for device

Here gives the solution:

export GPG_TTY=$(tty)

Update setting.xml

Add account & password in OSSRH, add profile of gpg for sign

    <server>
      <id>ossrh</id>
      <username>your-jira-id</username>
      <password>your-jira-pwd</password>
    </server>

...

    <profile>
      <id>ossrh</id>
      <activation>
        <activeByDefault>true</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg2</gpg.executable>
        <gpg.passphrase>the_pass_phrase</gpg.passphrase>
      </properties>
    </profile>

Deploy

mvn deploy -Dmaven.test.skip=true -e

No secret key

If maven compile that:

gpg: no default secret key: No secret key

it means that the phase of [Generate Key] failed, no secret key is not found.

No public key:Key with id

If the following error shows:

No public key:Key with id

It means that the command gpg --send-keys xx failed, try other key servers in the list of trying one instead.

Release

When last step succeeds, we have already upload our release (non-snapshot) artifacts to the remote repo, but we actually only upload it to a staging repo:

<snapshotRepository>
    <id>ossrh</id>
    <url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
    <id>ossrh</id>
    <name>Maven Central Staging Repository</name>
    <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>

In order to release it, we need:

After you successfully release, your component will be published to Central, typically within 10 minutes, though updates to search.maven.org can take up to two hours.

On the other hands, our snapshot artifact is no need to have above release operation, we can access it if we have snapshot repo in our pom:

<repository>  
    <id>ossrh</id>  
    <url>https://oss.sonatype.org/content/repositories/snapshots</url>  
</repository>

Ref

Written with StackEdit.

评论

发表评论

此博客中的热门博文

Spring Boot: Customize Environment

Spring Boot: Customize Environment Environment variable is a very commonly used feature in daily programming: used in init script used in startup configuration used by logging etc In Spring Boot, all environment variables are a part of properties in Spring context and managed by Environment abstraction. Because Spring Boot can handle the parse of configuration files, when we want to implement a project which uses yml file as a separate config file, we choose the Spring Boot. The following is the problems we met when we implementing the parse of yml file and it is recorded for future reader. Bind to Class Property values can be injected directly into your beans using the @Value annotation, accessed via Spring’s Environment abstraction or bound to structured objects via @ConfigurationProperties. As the document says, there exists three ways to access properties in *.properties or *.yml : @Value : access single value Environment : can access multi
5 条评论
阅读全文

Elasticsearch: Join and SubQuery

Elasticsearch: Join and SubQuery Tony was bothered by the recent change of search engine requirement: they want the functionality of SQL-like join in Elasticsearch! “They are crazy! How can they think like that. Didn’t they understand that Elasticsearch is kind-of NoSQL 1 in which every index should be independent and self-contained? In this way, every index can work independently and scale as they like without considering other indexes, so the performance can boost. Following this design principle, Elasticsearch has little related supports.” Tony thought, after listening their requirements. Leader notice tony’s unwillingness and said, “Maybe it is hard to do, but the requirement is reasonable. We need to search person by his friends, didn’t we? What’s more, the harder to implement, the more you can learn from it, right?” Tony thought leader’s word does make sense so he set out to do the related implementations Application-Side Join “The first implementation
发表评论
阅读全文

Implement isdigit

It is seems very easy to implement c library function isdigit , but for a library code, performance is very important. So we will try to implement it and make it faster. Function So, first we make it right. int isdigit ( char c) { return c >= '0' && c <= '9' ; } Improvements One – Macro When it comes to performance for c code, macro can always be tried. #define isdigit (c) c >= '0' && c <= '9' Two – Table Upper version use two comparison and one logical operation, but we can do better with more space: # define isdigit(c) table[c] This works and faster, but somewhat wasteful. We need only one bit to represent true or false, but we use a int. So what to do? There are many similar functions like isalpha(), isupper ... in c header file, so we can combine them into one int and get result by table[c]&SOME_BIT , which is what source do. Source code of ctype.h : # define _ISbit(bit) (1 << (
发表评论
阅读全文