deploy to sonatype

参考文章
https://blog.csdn.net/xuefu_78/article/details/52494698
https://blog.csdn.net/shelldon/article/details/54291474

步驟

申请sonatype账号

申请账号的地址在这里: https://issues.sonatype.org/secure/Signup!default.jspa
申请完成之后,我们需要提供相应的项目信息,地址在这里:https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134
填写group Id,需要按要求填写
创建之后,等待审核

审核通过后

在收到邮件告知后,就可以上传包了

  • 修改setting.xml,添加server项,录入账号密码

      <server>
    <id>nexus-releases</id>
    <username>xx</username>
    <password>xxxxx</password>
    
    nexus-snapshots xx xxxxx

修改pom.xml
譬如:https://github.com/jianliu/l-poi-excel/blob/master/pom.xml
需要注意的是,parent需要填写
还需要name\url\description\licenses\scm\developers
添加相应的插件 compire\javadoc\releases
添加部署的repository\snapshotRepository

GPG秘钥生成

需要先下载gpg软件windows版本 https://gpg4win.org/download.html
按提示操作过程中,需要自己写一个key,在mvn clean deploy 录入对应的key来验证
gpg的作用是生成公钥,用于加密相关jar包
C:\Users\xx>gpg --gen-key
gpg (GnuPG) 2.2.8; Copyright (C) 2018 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: xxx
Email address: xxx@163.com
You selected this USER-ID:
"xxxxxx@163.com"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key A4396BB5BC1F15DD marked as ultimately trusted
gpg: directory 'C:/Users/cdliujian1/AppData/Roaming/gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as 'C:/Users/cdliujian1/AppData/Roaming/gnupg/openpgp-revocs.d\279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD.rev'
public and secret key created and signed.

pub rsa2048 2018-08-21 [SC] [expires: 2020-08-20]
279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD
uid xxxxx@163.com
sub rsa2048 2018-08-21 [E] [expires: 2020-08-20]

C:\Users\xx>gpg --list-keys
C:/Users/xx/AppData/Roaming/gnupg/pubring.kbx

pub rsa2048 2018-08-21 [SC] [expires: 2020-08-20]
279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD
uid [ultimate] xxxxx@163.com
sub rsa2048 2018-08-21 [E] [expires: 2020-08-20]

C:\Users\xx>gpg --keyserver hkp://pool.sks-keyservers.net --send-keys 279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD
gpg: sending key A4396BB5BC1F15DD to hkp://pool.sks-keyservers.net

C:\Users\xx>gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD
gpg: key A4396BB5BC1F15DD: "xxxxx@163.com" not changed
gpg: Total number processed: 1
gpg: unchanged: 1

C:\Users\xx>

打包、上传

首先将version修改为 1.0-SNAPSHOT 带上SNAPSHOT,表明它是快照版本
执行mvn clean deploy,期间会要求录入生成gpg秘钥时输入的密码,校验成功才会上传, 这时包就上传到远程本地仓库了,但其他人还不能下载

mvn release 插件并非必须的,在第一次发布时,只要符合规范,mvn clean deploy 就已经做完了全部事情
mvn release 主要用于将代码提交到远程仓库中去,并非必须品
执行
mvn release:prepare
mvn release:perform

正式发布

到https://oss.sonatype.org/#stagingRepositories登录,
选择自己的仓库,先CLOSE,再Release
如果是第一次发布,在Issue下告知一下工作人员
过一会就可以再maven中心仓库查看到了

posted on 2018-08-23 16:17  j.liu&nbsp;windliu  阅读(2730)  评论(0编辑  收藏  举报