Without further ado, let’s talk about a few websites:
- Sonatype
- Gradle
- GitHub
This article will start from scratch, using Gradle 7 to publish Java libraries to the Maven central repository, and using GitHub Action to implement automatic release push.
Registered sonatype
Go to Issues.sonatype.org/ and set up an account
Release issue
After registering, log in to Sonatype and publish an issue
Summary: Just fill in whatever you want, I’m filling in the project name anyway.Group Id: Fill in the class libraryGroup IdIf the domain name is an independent one, you may be asked to verify the ownership of the domain nameTXTNote), the other person will remind you to add the Issue after receiving it.Project URL: Enter the project url, or GitHub address.SCM url: If the project is on GitHub, fill in the GitHub address and add.git
Just submit it like this and wait for the reply (the picture below is less than half an hour!).
You will see the following unhelpful reply:
Modify thebuild.gradleThe configuration file
Note 1: I am using Gradle version 7.1.1, please try other versions.
Note 2: My Gradle configuration file is Groovy version, please convert it to Kotlin DSL version.
First add maven-publish and Signing to your plugins.
plugins {
id 'maven-publish'
id 'signing'
}
Copy the codeThen add the following at the end of the configuration file:
java {
withJavadocJar()
withSourcesJar()
}
javadoc {
options.addStringOption("charset"."UTF-8")
if (JavaVersion.current().isJava9Compatible()) {
options.addBooleanOption('html5'.true)
}
}
publishing {
publications {
mavenJava(MavenPublication) {
artifactId = 'Component name'
from components.java
pom {
name = 'Project name'
description = 'Project Description'
url = 'project URL'
licenses {
license {
name = 'License Name'
url = 'Permit Address'
}
}
developers {
developer {
id = 'Developer ID'
name = 'Developer name'
email = 'Developer Email'
}
}
scm {
connection = 'scm:git:git://github.com/path/to/repo.git'
developerConnection = 'scm:git:ssh://github.com/path/to/repo.git'
url = 'https://github.com/path/to/repo'
}
}
}
}
repositories {
maven {
name = "OSSRH"
if (project.version.toString().endsWith("-SNAPSHOT")) {
url = "https://s01.oss.sonatype.org/content/repositories/snapshots"
} else {
url = "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/"
}
credentials {
username = findProperty("ossrhUsername") ?: System.getenv("OSSRH_USERNAME")
password = findProperty("ossrhPassword") ?: System.getenv("OSSRH_PASSWORD")
}
}
}
}
signing {
sign(publishing.publications.mavenJava)
}
Copy the codeThe main contents are:
- Generate JavadocJar
- Generate SourcesJar
- Set the Javadoc to UTF-8 encoding
- Settings for the publisher
- The signature
Create a key
For Windows, GPG4Win can be installed through Chocolatey or Scoop
For macOS systems, GPG can be installed through Homebrew
brew install gpg
Copy the codeFor Linux, you can use the package management tool to install gnupg
sudo apt install gnupg # Debian system
sudo yum install gnupg # RedHat department
Copy the codeOnce installed, you can create a key using GPG –generate-key, remembering the password you set.
Once created, type GPG -k to view the generated key. You should see the following:
pub rsa3072 2021-07-25 [SC] [expires: 2023-07-25]
A36DDCA2B4E3D244AA685BC6C2F673BC0FEB0227
uid [ultimate] TestTest <[email protected]>
sub rsa3072 2021-07-25 [E] [expires: 2023-07-25]
Copy the codeNow identify a few nouns that will be used later in this article:
A36DDCA2B4E3D244AA685BC6C2F673BC0FEB0227forThe key fingerprintThe key fingerprintThe last 8 bits of (0FEB0227) forKEYID
Now export KeyRingFile
GPG --export-secret-keys > secret.gpgCopy the codeReplace [key fingerprint] with your actual value and it will generate secret. GPG in the current directory for later use.
Secret. GPG is now BASE64, and Windows recommends doing it under Git Bash:
base64 secret.gpg > secret.gpg.base64
Copy the codeNow upload the public key to the public keyserver (Sonatype looks for the public key on multiple servers, such as keys.gnupg.net, pool.sks-keyservers.net, keyserver.ubuntu.com), and try the other two if one server cannot upload.
Ubuntu.com --send-keysCopy the code“Last Step” GitHub Action!
Create the following files
name: Publish package to the Maven Central Repository
on:
release:
types: [created]
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v2
with:
java-version: "11"
distribution: "adopt"
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build
- name: Decode
run: | echo "${{secrets.SIGNING_SECRET_KEY_RING_FILE}}" > ~/.gradle/secring.gpg.base64 base64 -d ~/.gradle/secring.gpg.base64 > ~/.gradle/secring.gpg - name: Publish package
run: gradle publish -Psigning.keyId=${{secrets.SIGNING_KEY_ID}} -Psigning.password=${{secrets.SIGNING_KEY_PASSWORD}} -Psigning.secretKeyRingFile=$(echo ~/.gradle/secring.gpg)
env:
OSSRH_USERNAME: The ${{ secrets.OSSRH_USERNAME }}
OSSRH_PASSWORD: The ${{ secrets.OSSRH_PASSWORD }}
Copy the codeCreate the following Secrets:
Among them:
OSSRH_USERNAME: Your Sonatype usernameOSSRH_PASSWORD: Your Sonatype passwordSIGNING_KEY_ID: Mentioned aboveKEYID, eightSIGNING_KEY_PASSWORD: Specifies the private key passwordSIGNING_SECRET_KEY_RING_FILE:secret.gpg.base64The contents of the
End and spend
Release on GitHub, open s01.oss.sonatype.org/, click on the left Staging Repositories, and you’ll see the release you just released in the list.
Click Close. If successful, click Release to publish the class library to the Maven central repository.