Initial Step Requirements
Step 1: Install JDK, Maven, set up a GitHub account, etc.
Set up a GitHub account if you haven’t already.
Step 3: Create a new GitHub repository.
Add an SSH key to your GitHub account
Push the code to GitHub.
Sign up for your Sonatype JIRA account
Create a JIRA Issue for your new hosted project. Make a simple request here.
Step 8: Install GNU Pg for your operating system. Confirm as follows:
C:\Users\Nadeem> GPG --version GPG (GnuPG) 2.1.15 libgcrypt 1.7.3 Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Home: C:/Users/Nadeem/AppData/Roaming/gnupg Supported algorithms: Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, CAMELLIA192, CAMELLIA256 Hash: SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224 Compression: Uncompressed, ZIP, ZLIB, BZIP2Step 9: Generate key pairs
C:\Users\Nadeem> GPG -- full-gen-key GPG (GnuPG) 2.1.15; Copyright (C) 2016 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: keybox 'C:/Users/Nadeem/AppData/Roaming/gnupg/pubring.kbx' created Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (2048) Requested keysize is 2048 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: Nadeem Mohammad Email address: [email protected] Comment: You selected this USER-ID: "Nadeem Mohammad <[email protected]>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: C:/Users/Nadeem/AppData/Roaming/gnupg/trustdb.gpg: trustdb created gpg: key 27835B3BD2A2061F marked as ultimately trusted gpg: directory 'C:/Users/Nadeem/AppData/Roaming/gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as 'C:/Users/Nadeem/AppData/Roaming/gnupg/openpgp-revocs.d\5694AA563793429557F1727835B3BD2A223A.rev' public and secret key created and signed. pub rsa2048 2016-08-29 [SC] 5694AA563793429557F1727835B3BD2A223A uid Nadeem Mohammad <[email protected]> sub rsa2048 2016-08-29 [E] C:\Users\Nadeem>Step 10: Enter your password.
Publishing steps
Step 1: Add the Distributed Management section to pom.xml.
Add a publishing plug-in to Deploy Plugin.
< Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution < Execution Execution > Execution <id>default-deploy</id> <phase>deploy</phase> <goals> <goal>deploy</goal> </goals> </execution> </executions> </plugin>Here’s how to add distribution management items to the POM:
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
<repository>
<id>ossrh</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</distributionManagement>Step 2: Add OSRH server to your Maven configuration file ~/$M2_REPO/settings.xml.
<settings>
<servers>
<server>
<id>ossrh</id>
<username>your-jira-id</username>
<password>your-jira-pwd</password>
</server>
</servers>
</settings>Note: The ID should correspond to the Servers/Server ID in settings.xml, as well as to the repository in the Snapshot library and POM file.
Step 3: Add a code management section SCM to the POM.
<scm>
<connection>scm:git:git://github.com/dexecutor/dependent-tasks-executor.git</connection>
<developerConnection>scm:git:[email protected]:yujiaao/spring-mvc-source-analysis.git</developerConnection>
<url>https://github.com/dexecutor/dependent-tasks-executor</url>
<tag>HEAD</tag>
</scm>Step 4: Add the Maven Release plugin.
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-release-plugin</artifactId> The < version > 2.5.3 < / version > < configuration > < localCheckout > true < / localCheckout > < pushChanges > false < / pushChanges > <mavenExecutorId>forked-path</mavenExecutorId> <arguments>-Dgpg.passphrase=${gpg.passphrase}</arguments> </configuration> <dependencies> <dependency> <groupId>org.apache.maven.scm</groupId> </artifactId> maven-scm-provider-gitexe</artifactId> <version>1.9.5</version> </dependency> </dependencies> </plugin>Place the GPG password in the profile corresponding to Maven Settings.xml.
<settings>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.passphrase>[your_gpg_passphrase]</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>Added the Nexus Staging Maven plugin.
<plugin> <groupId>org.sonatype.plugins</groupId> <artifactId>nexus-staging-maven-plugin</artifactId> The < version > 1.6.7 < / version > < extensions > true < / extensions > < configuration > < serverId > ossrh < / serverId > <nexusUrl>https://oss.sonatype.org/</nexusUrl> <autoReleaseAfterClose>true</autoReleaseAfterClose> </configuration> </plugin>Step 5: Add the source code and Javadoc plug-ins.
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> < version > 3.0.1 < / version > < executions > < execution > < id > attach - sources < / id > < goals > < goal > jar < / goal > < / goals > < / execution > </executions> </plugin><plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> </encoding> utf-8 </encoding> </encoding> <execuations> <execution> <id>attach-javadoc</id> <goals> </execution> </executions> </plugin>Step 6: Configure the project signature for the release.
<profiles> <! -- GPG Signature on release --> <profile> <id>release-sign-artifacts</id> <activation> <property> <name>performRelease</name> <value>true</value> </property> </activation> <build> <plugins> <plugin> . < groupId > org, apache maven plugins < / groupId > < artifactId > maven GPG -- plugin < / artifactId > < version > 1.6 < / version > <executions> <execution> <id>sign-artifacts</id> <phase>verify</phase> <goals> <goal>sign</goal> </goals> </execution> </executions> </plugin> </plugins> </build> </profile> </profiles>Publish the GPG key pair to the GPG server:
GPG -- keyserver [KEY_SERVER] - send - key [KEY_ID] The KEY_ID aa563793429557f1727835b3bd2a223a in The above case is 5694. Some of the key servers are: pool.sks-keyservers.net gnupg.net:11371 keys.pgp.net surfnet.nl mit.eduStep 8: Release the official version!
mvn clean
mvn release:prepare
mvn release:performStep 9: Push the tag and code to the remote library.
Git push -- tags git push origin masterStep 10: Verify the Sonatype library.
Step 11: Update Sonatype’s JIRA ticket.
See the example pom.xml file for detailed configuration.
What if you make a mistake?
Step 1: Cancel this release:
Git reset -- hard HEAD~1 (You may have to do it a second time, Primaryupon when the error occurred.) git reset -- hard HEAD~1Step 2: Delete the tag.
git tag -d tagName
git push origin :refs/tags/tagName