准备阶段
namespace 域名认证
当需要在 sonatype 认证 com.xxx命名空间时,需要将 @.xxx.com 配置域名解析。
记录类型:TXT
文本内容:验证的 key。
GPG 公私钥生成
GPG 下载地址:https://www.gnupg.org/download/index.html
Mac 可以使用 brew install gpg直接安装
使用方式可参考:
- https://central.sonatype.org/publish/requirements/gpg/
- https://www.jianshu.com/p/7f19ceacf57c
生成证书
$ gpg --gen-key
查询证书
$ gpg --list-keys
gpg: 正在检查信任度数据库
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: 深度:0 有效性: 1 已签名: 0 信任度:0-,0q,0n,0m,0f,1u
gpg: 下次信任度数据库检查将于 2027-04-06 进行
[keyboxd]
---------
pub ed25519 2024-04-06 [SC] [有效至:2027-04-06]ABC
uid [ 绝对 ] xxx <xxx@163.com>
sub cv25519 2024-04-06 [E] [有效至:2027-04-06]
上传公钥到公钥管理服务器
$ gpg --keyserver keyserver.ubuntu.com --send-keys ABC
gpg: 正在发送密钥 ABC 到 hkp://keyserver.ubuntu.com如果报错 gpg: keyserver send failed: No route to host可以参考该文章上传公钥:https://vayne.cc/2022/03/13/gpg/
推送阶段
pom.xml 文件配置
配置 url
<url>https://github.com/xxx/yyy</url>
配置 license
<licenses><license><name>The Apache Software License, Version 2.0</name><url>http://www.apache.org/licenses/LICENSE-2.0.txt</url><distribution>repo</distribution></license></licenses>
配置 issueManagement
<issueManagement><system>github</system><url>https://github.com/xxx/yyy/issues</url></issueManagement>
配置 SCM
<scm><connection>scm:git:https://github.com/xxx/yyy.git</connection><developerConnection>scm:git:https://github.com/xxx/yyy.git</developerConnection><url>https://github.com/xxx/yyy</url></scm>
配置开发者信息
<developers><developer><name>xxx</name><email>xxx@zzz.com</email><url>https://github.com/xxx</url></developer></developers>
通用插件配置
<build><plugins><plugin><groupId>org.codehaus.mojo</groupId><artifactId>flatten-maven-plugin</artifactId><version>1.5.0</version><configuration><updatePomFile>true</updatePomFile><flattenMode>oss</flattenMode></configuration><executions><execution><id>flatten</id><phase>process-resources</phase><goals><goal>flatten</goal></goals></execution><execution><id>flatten.clean</id><phase>clean</phase><goals><goal>clean</goal></goals></execution></executions></plugin><!-- 不上传源代码,删除该插件 --><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-source-plugin</artifactId><version>3.1.0</version><inherited>true</inherited><executions><execution><id>attach-sources</id><goals><goal>jar</goal></goals></execution></executions><configuration><excludeResources>true</excludeResources><useDefaultExcludes>true</useDefaultExcludes></configuration></plugin><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-javadoc-plugin</artifactId><version>3.1.0</version><inherited>true</inherited><executions><execution><id>bundle-sources</id><phase>package</phase><goals><goal>jar</goal></goals></execution></executions><configuration><maxmemory>1024</maxmemory><encoding>UTF-8</encoding><show>protected</show><notree>true</notree><!-- Avoid running into Java 8's very restrictive doclint issues --><failOnError>false</failOnError><doclint>none</doclint></configuration></plugin></plugins></build>Maven 上传插件配置
<profiles><profile><id>release</id><build><plugins><plugin><groupId>org.apache.maven.plugins</groupId><artifactId>maven-gpg-plugin</artifactId><version>1.6</version><executions><execution><id>sign-artifacts</id><phase>verify</phase><goals><goal>sign</goal></goals></execution></executions><configuration><gpgArguments><!--表示密码直接输入,不需要弹出密码框--><arg>--pinentry-mode</arg><arg>loopback</arg></gpgArguments></configuration></plugin><!-- 配置方式:https://central.sonatype.org/publish/publish-portal-maven/#deploymentname --><plugin><groupId>org.sonatype.central</groupId><artifactId>central-publishing-maven-plugin</artifactId><version>0.4.0</version><extensions>true</extensions><configuration><publishingServerId>central</publishingServerId><tokenAuth>true</tokenAuth><autoPublish>true</autoPublish><excludeArtifacts><excludeArtifact>xxx-yyy</excludeArtifact></excludeArtifacts></configuration></plugin></plugins></build></profile></profiles>
settings.xml 文件配置
<servers><server><id>central</id><username>xxx</username><password>yyy</password></server></servers><profiles><profile><id>gpg</id><activation><activeByDefault>true</activeByDefault></activation><properties><gpg.executable>gpg</gpg.executable><gpg.keyname>xxx@zzz.com</gpg.keyname><gpg.passphrase>passphrase</gpg.passphrase><gpg.useagent>true</gpg.useagent></properties></profile></profiles>
执行构建并上传
$ mvn clean deploy -Prelease
上传结果
报错参考
- Javadocs must be provided but not found in entries:需要提供 Javadoc
- License information is missing:需要提供 license 信息
- Project URL is not defined:需要定义项目 URL 信息
- SCM URL is not defined:需要定义 SCM 信息
- version cannot be a SNAPSHOT:Maven 中央仓库不支持推送快照版本
参考文档
- https://central.sonatype.org/publish/publish-portal-maven/
- https://central.sonatype.org/publish/requirements/gpg/
- https://www.gnupg.org/download/index.html
- https://www.jianshu.com/p/7f19ceacf57c
分享并记录所学所见
