将项目发布到Maven中央仓库时关于GPG的一些操作日志

1、Gpg4win

官网地址: https://www.gpg4win.org/download.html

2、安装Gpg4win

正常安装之后,会自动将 GnuPG\bin 添加到环境变量 Path 中,便于CMD中使用gpg命令。

3、生成加密套件

# 如果之前存在密钥,请先清除
gpg --delete-secret-key 上次设置的Name

# 生成公钥:跟着提示走,输入用户名,邮箱,Ok即可
gpg --gen-key

# 将生成的信息记录下来,包括:
#   gpg: key 指纹
#   pub:公钥有效期以及内容
#   uid:所有者信息
#   最重要的:刚才输入的私钥

4、上传公钥

在发布项目之前,需要将上一步生成的公钥上传到加密服务器,主要有以下这三个:

http://keyserver.ubuntu.com:11371
http://keys.openpgp.org:11371
http://pool.sks-keyservers.net:11371

上传命令:

gpg --keyserver hkp://keyserver.ubuntu.com:11371 --send-keys 公钥串
gpg --keyserver hkp://keys.openpgp.org:11371 --send-keys  公钥串
gpg --keyserver hkp://pool.sks-keyservers.net:11371 --send-keys  公钥串

检测结果:

gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 公钥串
gpg --keyserver hkp://keys.openpgp.org:11371 --recv-keys 公钥串
gpg --keyserver hkp://pool.sks-keyservers.net:11371 --recv-keys 公钥串

这三个加密服务器只需要成功一个就可以,不必全部成功。

5、附:Maven配置(settings.xml)

<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">

  <localRepository>D:\JavaHome\apache-maven-3.3.9\repository</localRepository>

  <pluginGroups>
  </pluginGroups>

  <proxies>
  </proxies>

  <servers>
    <server>
      <id>sonatype</id>
      <username>工单系统用户名</username>
      <password>密码</password>
    </server>
  </servers>

  <mirrors>
    <mirror>
        <id>alimaven</id>
        <mirrorOf>central</mirrorOf>
        <name>aliyun maven</name>
        <url>https://maven.aliyun.com/repository/public</url>
    </mirror>
  </mirrors>

  <profiles>
    <profile>
        <id>sonatype</id>
        <activation>
            <activeByDefault>true</activeByDefault>
        </activation>
        <properties>
            <gpg.executable>gpg</gpg.executable>
            <gpg.passphrase>Gpg私钥</gpg.passphrase>
        </properties>
    </profile>
  </profiles>

</settings>

其中红色部分按真实信息填写。

6、附:项目配置(pom.xml):

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <groupId>com.demo</groupId>
    <artifactId>demo01</artifactId>
    <version>0.0.1</version>
    <name>demo01</name>
    <description>demo01</description>
    <url>http://www.itez.com.cn</url>

    <licenses>
        <license>
            <name>The Apache License, Version 2.0</name>
            <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
        </license>
    </licenses>
    
    <scm>
        <tag>master</tag>
        <url>https://gitee.com/xxx/xxx.git</url>
        <connection>scm:git:git@gitee.com/xxx/xxx.git</connection>
        <developerConnection>scm:git:git@gitee.com/xxx/xxx.git</developerConnection>
    </scm>

    <properties>
        <charset>UTF-8</charset>
        <java.version>1.8</java.version>
        <project.build.sourceEncoding>${charset}</project.build.sourceEncoding>
        <nexus.staging.maven.plugin>1.6.7</nexus.staging.maven.plugin>
        <maven.jar.plugin.version>3.0.2</maven.jar.plugin.version>
        <maven.compiler.plugin.version>2.5</maven.compiler.plugin.version>
        <maven.surefire.plugin.version>2.5</maven.surefire.plugin.version>
        <maven.source.plugin.version>2.2.1</maven.source.plugin.version>
        <maven.javadoc.plugin.version>2.9.1</maven.javadoc.plugin.version>
        <maven.gpg.plugin.version>1.5</maven.gpg.plugin.version>
    </properties>

    <developers>
        <developer>
            <name>Z.Mingyu</name>
            <email>netwild@qq.com</email>
            <organization>上游科技 itez.com.cn</organization>
        </developer>
    </developers>
    
    <dependencies>
    </dependencies>
    
    <build>
        <plugins>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-jar-plugin</artifactId>
                <version>${maven.jar.plugin.version}</version>
                <configuration>
                    <excludes>
                        <exclude>*.properties</exclude>
                        <exclude>*.psd</exclude>
                    </excludes>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-compiler-plugin</artifactId>
                <version>${maven.compiler.plugin.version}</version>
                <configuration>
                    <source>${java.version}</source>
                    <target>${java.version}</target>
                    <encoding>${charset}</encoding>
                    <skip>true</skip>
                    <compilerArgument>-parameters</compilerArgument>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-surefire-plugin</artifactId>
                <version>${maven.surefire.plugin.version}</version>
                <configuration>
                    <skip>true</skip>
                    <skipTests>true</skipTests>
                    <testFailureIgnore>true</testFailureIgnore>
                </configuration>
            </plugin>
        </plugins>
    </build>
    
    <distributionManagement>
        <snapshotRepository>
            <id>sonatype</id>
            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
        </snapshotRepository>
        <repository>
            <id>sonatype</id>
            <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
        </repository>
    </distributionManagement>
    
    <profiles>
        <profile>
            <id>release</id>
            <build>
                <plugins>
                    <plugin>
                        <groupId>org.sonatype.plugins</groupId>
                        <artifactId>nexus-staging-maven-plugin</artifactId>
                        <version>${nexus.staging.maven.plugin}</version>
                        <extensions>true</extensions>
                        <configuration>
                            <serverId>sonatype</serverId>
                            <nexusUrl>https://oss.sonatype.org/</nexusUrl>
                            <autoReleaseAfterClose>true</autoReleaseAfterClose>
                        </configuration>
                    </plugin>
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-source-plugin</artifactId>
                        <version>${maven.source.plugin.version}</version>
                        <executions>
                            <execution>
                                <phase>package</phase>
                                <goals>
                                    <goal>jar-no-fork</goal>
                                </goals>
                            </execution>
                        </executions>
                    </plugin>
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-javadoc-plugin</artifactId>
                        <version>${maven.javadoc.plugin.version}</version>
                        <executions>
                            <execution>
                                <phase>package</phase>
                                <goals>
                                    <goal>jar</goal>
                                </goals>
                                <configuration>
                                    <additionalparam>-Xdoclint:none</additionalparam>
                                </configuration>
                            </execution>
                        </executions>
                    </plugin>
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-gpg-plugin</artifactId>
                        <version>${maven.gpg.plugin.version}</version>
                        <executions>
                            <execution>
                                <id>sign-artifacts</id>
                                <phase>verify</phase>
                                <goals>
                                    <goal>sign</goal>
                                </goals>
                            </execution>
                        </executions>
                    </plugin>
                </plugins>
            </build>
        </profile>
    </profiles>
    
</project>

7、附:发布命令

# 在项目根目录执行
call mvn clean deploy -P release

 

posted @ 2020-04-21 23:42  网无忌  阅读(825)  评论(0编辑  收藏  举报