
Overview
The simple post is aimed to jot down the steps I have taken to publish a library to Maven Central. Here I am publishing a simple library for merging two yaml files
First you need to have a Github Repo
I used my Yaml-Merge application Github repo.
https://github.com/LogicalSapien/yaml-merge.git
Add your code to the repo.
Update pom.xml
Make sure pom.xml has necessary details such as :
- GroupId
- ArtifactId
- Version
- Packaging
- Name
- Description
- Url
- Licence
- Developer Info
- Scm Url
- Distribution management info
- Necessary Build plugins that includes source, javadoc, gpg, nexus staging..
A sample pom.xml can be found here
Create a Sonatype Jira account and create an issue
Signup here: https://issues.sonatype.org/secure/CreateIssue!default.jspa
Then create an open source project. Eg: https://issues.sonatype.org/browse/OSSRH-61994
You might need to verify the ownership of your domain name (which is reverse of your GroupId). Then wait for the status to be RESOLVED
Update the Jira server details in Maven settings
Add a server in settings.xml in maven. This can be found in .m2 folder or your maven installation folder.
<servers> <server> <id>ossrh</id> <username>{jira-user-id}</username> <password>{jira-password}</password> </server> </servers>
Install GnuPg and sign
Download and Install GnuPg
# gpg --version gpg (GnuPG) 2.2.23
Generate key, enter a passphrase when prompted:
# gpg --full-gen-key gpg (GnuPG) 2.2.23; Copyright (C) 2020 Free Software Foundation, Inc. This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. gpg: keybox 'C:/Users/Owner/AppData/Roaming/gnupg/pubring.kbx' created Please select what kind of key you want: (1) RSA and RSA (default) (2) DSA and Elgamal (3) DSA (sign only) (4) RSA (sign only) (14) Existing key from card Your selection? 1 RSA keys may be between 1024 and 4096 bits long. What keysize do you want? (3072) Requested keysize is 3072 bits Please specify how long the key should be valid. 0 = key does not expire <n> = key expires in n days <n>w = key expires in n weeks <n>m = key expires in n months <n>y = key expires in n years Key is valid for? (0) Key does not expire at all Is this correct? (y/N) y GnuPG needs to construct a user ID to identify your key. Real name: Elmo Yeldo Email address: contact@logicalsapien.com Comment: You selected this USER-ID: "Elmo Yeldo <contact@logicalsapien.com>" Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? O We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: AllowSetForegroundWindow(10324) failed: Access is denied. gpg: AllowSetForegroundWindow(13136) failed: Access is denied. We need to generate a lot of random bytes. It is a good idea to perform some other action (type on the keyboard, move the mouse, utilize the disks) during the prime generation; this gives the random number generator a better chance to gain enough entropy. gpg: C:/Users/Owner/AppData/Roaming/gnupg/trustdb.gpg: trustdb created gpg: key C4E3A77EFF3B47FF marked as ultimately trusted gpg: directory 'C:/Users/Owner/AppData/Roaming/gnupg/openpgp-revocs.d' created gpg: revocation certificate stored as 'C:/Users/Owner/AppData/Roaming/gnupg/openpgp-revocs.d\FC361B95D84933206D52C37AC4E3A77EFF3B47FF.rev' public and secret key created and signed. pub rsa3072 2020-11-13 [SC] FC361B95D84933206D52C37AC4E3A77EFF3B47FF uid Elmo Yeldo <contact@logicalsapien.com> sub rsa3072 2020-11-13 [E]
Publish the key:
#gpg --keyserver hkp://pool.sks-keyservers.net --send-key FC361B95D84933206D52C37AC4E3A77EFF3B47FF gpg: sending key C4E3A77EFF3B47FF to hkp://pool.sks-keyservers.net
Add gpg passphrase in Maven settings
Under profile, add the gpg profile:
<profile> <id>ossrh</id> <activation> <activeByDefault>true</activeByDefault> </activation> <properties> <gpg.executable>gpg</gpg.executable> <gpg.passphrase>{Passphrase}</gpg.passphrase> </properties> </profile>
Maven Deploy
Run the commands for maven deployment
mvn clean deploy
During the deployment, it might ask to enter the gpg passphrase.
If all goes well, you’ll get a message like:
Created staging repository with ID "comlogicalsapiendataformat-1000".
and a BUILD SUCESS
message.
You can login to https://oss.sonatype.org and click on Staging Repositories on left to see the library
Once everything is okay, you can move to release with this coommand:
mvn nexus-staging:release
It might take sometime to get it available in Maven Central repo
Conculsion
You can add it to your project pom as :
<dependency> <groupId>com.logicalsapien.dataformat</groupId> <artifactId>yaml-merge</artifactId> <version>1.0.0</version> </dependency>
Reference:
https://maven.apache.org/repository/guide-central-repository-upload.html