将项目发布到Maven中央仓库时关于GPG的一些操作日志
1、Gpg4win
官网地址: https://www.gpg4win.org/download.html
2、安装Gpg4win
正常安装之后,会自动将 GnuPG\bin 添加到环境变量 Path 中,便于CMD中使用gpg命令。
3、生成加密套件
# 如果之前存在密钥,请先清除 gpg --delete-secret-key 上次设置的Name # 生成公钥:跟着提示走,输入用户名,邮箱,Ok即可 gpg --gen-key # 将生成的信息记录下来,包括: # gpg: key 指纹 # pub:公钥有效期以及内容 # uid:所有者信息 # 最重要的:刚才输入的私钥
4、上传公钥
在发布项目之前,需要将上一步生成的公钥上传到加密服务器,主要有以下这三个:
http://keyserver.ubuntu.com:11371
http://keys.openpgp.org:11371
http://pool.sks-keyservers.net:11371
上传命令:
gpg --keyserver hkp://keyserver.ubuntu.com:11371 --send-keys 公钥串 gpg --keyserver hkp://keys.openpgp.org:11371 --send-keys 公钥串 gpg --keyserver hkp://pool.sks-keyservers.net:11371 --send-keys 公钥串
检测结果:
gpg --keyserver hkp://keyserver.ubuntu.com:11371 --recv-keys 公钥串 gpg --keyserver hkp://keys.openpgp.org:11371 --recv-keys 公钥串 gpg --keyserver hkp://pool.sks-keyservers.net:11371 --recv-keys 公钥串
这三个加密服务器只需要成功一个就可以,不必全部成功。
5、附:Maven配置(settings.xml)
<?xml version="1.0" encoding="UTF-8"?> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> <localRepository>D:\JavaHome\apache-maven-3.3.9\repository</localRepository> <pluginGroups> </pluginGroups> <proxies> </proxies> <servers> <server> <id>sonatype</id> <username>工单系统用户名</username> <password>密码</password> </server> </servers> <mirrors> <mirror> <id>alimaven</id> <mirrorOf>central</mirrorOf> <name>aliyun maven</name> <url>https://maven.aliyun.com/repository/public</url> </mirror> </mirrors> <profiles> <profile> <id>sonatype</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg</gpg.executable> <gpg.passphrase>Gpg私钥</gpg.passphrase> </properties> </profile> </profiles> </settings>
其中红色部分按真实信息填写。
6、附:项目配置(pom.xml):
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.demo</groupId> <artifactId>demo01</artifactId> <version>0.0.1</version> <name>demo01</name> <description>demo01</description> <url>http://www.itez.com.cn</url> <licenses> <license> <name>The Apache License, Version 2.0</name> <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url> </license> </licenses> <scm> <tag>master</tag> <url>https://gitee.com/xxx/xxx.git</url> <connection>scm:git:git@gitee.com/xxx/xxx.git</connection> <developerConnection>scm:git:git@gitee.com/xxx/xxx.git</developerConnection> </scm> <properties> <charset>UTF-8</charset> <java.version>1.8</java.version> <project.build.sourceEncoding>${charset}</project.build.sourceEncoding> <nexus.staging.maven.plugin>1.6.7</nexus.staging.maven.plugin> <maven.jar.plugin.version>3.0.2</maven.jar.plugin.version> <maven.compiler.plugin.version>2.5</maven.compiler.plugin.version> <maven.surefire.plugin.version>2.5</maven.surefire.plugin.version> <maven.source.plugin.version>2.2.1</maven.source.plugin.version> <maven.javadoc.plugin.version>2.9.1</maven.javadoc.plugin.version> <maven.gpg.plugin.version>1.5</maven.gpg.plugin.version> </properties> <developers> <developer> <name>Z.Mingyu</name> <email>netwild@qq.com</email> <organization>上游科技 itez.com.cn</organization> </developer> </developers> <dependencies> </dependencies> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jar-plugin</artifactId> <version>${maven.jar.plugin.version}</version> <configuration> <excludes> <exclude>*.properties</exclude> <exclude>*.psd</exclude> </excludes> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-compiler-plugin</artifactId> <version>${maven.compiler.plugin.version}</version> <configuration> <source>${java.version}</source> <target>${java.version}</target> <encoding>${charset}</encoding> <skip>true</skip> <compilerArgument>-parameters</compilerArgument> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> <version>${maven.surefire.plugin.version}</version> <configuration> <skip>true</skip> <skipTests>true</skipTests> <testFailureIgnore>true</testFailureIgnore> </configuration> </plugin> </plugins> </build> <distributionManagement> <snapshotRepository> <id>sonatype</id> <url>https://oss.sonatype.org/content/repositories/snapshots/</url> </snapshotRepository> <repository> <id>sonatype</id> <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url> </repository> </distributionManagement> <profiles> <profile> <id>release</id> <build> <plugins> <plugin> <groupId>org.sonatype.plugins</groupId> <artifactId>nexus-staging-maven-plugin</artifactId> <version>${nexus.staging.maven.plugin}</version> <extensions>true</extensions> <configuration> <serverId>sonatype</serverId> <nexusUrl>https://oss.sonatype.org/</nexusUrl> <autoReleaseAfterClose>true</autoReleaseAfterClose> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> <version>${maven.source.plugin.version}</version> <executions> <execution> <phase>package</phase> <goals> <goal>jar-no-fork</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <version>${maven.javadoc.plugin.version}</version> <executions> <execution> <phase>package</phase> <goals> <goal>jar</goal> </goals> <configuration> <additionalparam>-Xdoclint:none</additionalparam> </configuration> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-gpg-plugin</artifactId> <version>${maven.gpg.plugin.version}</version> <executions> <execution> <id>sign-artifacts</id> <phase>verify</phase> <goals> <goal>sign</goal> </goals> </execution> </executions> </plugin> </plugins> </build> </profile> </profiles> </project>
7、附:发布命令
# 在项目根目录执行 call mvn clean deploy -P release
版权声明: 本文为博主 网无忌 原创文章,欢迎转载,但请务必标注原文链接。