Use Gradle to deploy the jar package to the Maven central repository

Source: Internet
Author: User
Tags maven central sonatype

Use Gradle to deploy the jar package to the Maven central repository

Maven, as the best Dependency management system in the Java industry, hosts the jar package to the Maven Central Library. Using Maven Dependency is a common practice of various third-party libraries in the industry. If, if you want to share some of your own libraries with others, you can also follow this routine. Gradle can be seen as an upgraded version of Maven. It uses the best Dependency management system of Maven, but it also avoids the disadvantages of the stereotypes of Maven build pipeline and xml format configuration files, it can be said that it is currently the best build tool in the Java field. The following describes how to use Gradle to deploy the self-developed jar package to the Maven central repository.

Part 1: register a Maven central database account for your project

Register an account in the http://oss.sonatype.orgz (Note: Sonatype is the Maven central repository Management System) and get the username and password after registration. Later build scripts will be used.

In the Sonatype JIRA system, create an issue (select Project: Community Support-Open Source Project Repository Hosting; Issue Type: New Project) and notify the Sonatype administrator, you want to host a project on Sonatype. Note that after the Issue is created, only the Administrator has the permission to change it. Therefore, be careful not to write the error message.

After the creation, you need to wait for the Sonatype administrator to review. Generally, the Resolved will be indicated on the Issue once the review is passed. This means that the central database is ready, you can upload your own files at any time.

Part 2: Maven central repository hosting Specification

To build a better Maven ecosystem, Maven has clear quality requirements for the databases hosted on it: * The project's Pom file must contain the following elements: * If the jar package is deployed and the jar package contains java classes, you must upload the source code package and javadoc package of the jar package in addition to the jar package, three packages must be deployed. jar/-sources. jar/**-javadoc. jar. * All packages to be deployed must use the GPG signature, and the Public Key of the signature certificate must be uploaded to the hkp: // pool.sks-keyservers.net/server. More Info Maven Central Requirementhttps: // docs.sonatype.org/display/repository/central?sync=requirements

Part 3: GPG Signature

As mentioned above, all files to be uploaded to the Maven central repository need to be signed. First, you need to download the GPG tool (https://gpgtools.org /). Mac users can download the GPGTools Installer with UI to the Key Server. Very simple. For command line control, see the Gennerate GPG signature With Maven https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven

Part 4: Gradle script

Apply plugin: 'idea'
Apply plugin: 'java'
Apply plugin: 'maven'
Apply plugin: 'signing '// use signing plugin for Digital Signature

// Define the GroupID and Version. ArtefactID automatically uses the Project name.
Group = 'com. thoughtworks. toggle'
Version = '0. 1.0-SNAPSHOT'
SourceCompatibility = 1.6
TargetCompatibility = 1.6

Repositories {
MavenCentral ();
}

Dependencies {
Compile (
'Junit: junit: 4.11 ',
)
}

UploadArchives {
Repositories {
MavenDeployer {
// Digitally sign the Pom File
BeforeDeployment {MavenDeployment deployment-> signing. signPom (deployment )}

// Specify the central repository address to which the project is deployed. UserName and Password are the accounts registered in Part 1.
Repository (url: "https://oss.sonatype.org/content/repositories/snapshots "){
Authentication (userName: sonatypeUsername, password: sonatypePassword)
}
// Construct the project's Pom file. See the Pom File Specification in Part 2. Do not omit required items.
Pom. project {
Name project. name
Packaging 'jar'
Description 'toggle is a little java tool to make your life easier when you try to use Feature Toggle in Java .'
Url 'https: // github.com/xianlinbox/Toggle'

Scm {
URLs 'scm: git@github.com: xianlinbox/Toggle. git'
Connection 'scm: git@github.com: xianlinbox/Toggle. git'
Persistent connection 'git @ github.com: xianlinbox/Toggle. git'
}

Licenses {
License {
Name 'The Apache Software License, Version 2.0'
Url 'HTTP: // www.apache.org/licenses/LICENSE-2.0.txt'
Distribution 'repo'
}
}

Developers {
Developer {
Id 'xianlinbox'
Name 'Liu Xiannings'
}
}
}
}
}
}

// See Part 2 to generate **. jar/**-javadoc. jar/**-sources. jar for the project
Task javadocJar (type: Jar, dependsOn: javadoc ){
Classifier = 'javadoc'
From 'build/docs/javadoc'
}

Task sourcesJar (type: Jar ){
Classifier = 'Sources'
From sourceSets. main. allSource
}

Artifacts {
Archives jar
Archives javadocJar
Archives sourcesJar
}

// Digitally sign all jar packages
Signing {
Sign configurations. archives
}

Part 5: Problems Encountered

1. java. security. InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty
This problem occurs only when OpenJDK is used, because the OpenJDK package does not contain a valid certificate, you just need to associate the cacerts in the system library with it.

Cd $ (/usr/libexec/java_home-v 1.7)/jre/lib/security
Ln-follicle/System/Library/Java/Support/CoreDeploy. bundle/Contents/Home/lib/security/cacerts

2. Return Code is 400

There is a sad process for this problem. If you are interested, you can take a look at this issue: issue fixed process receives this Error Message during deployment. There are two types of problems: * The same jar package is repeatedly deployed to the Maven library, but the Maven library is set to prohibit repeated deployment. This problem occurs in the MavenDeployer of Gradle 1.0 and the jar package is submitted repeatedly, but it has been fixed in version 1.1. * Try to deploy a release jar package to the snapshot library. My situation is the latter, but Root Cause is quite shameful, because I wrote version number as "0.1.0-snapshot", which does not comply with Maven's specifications for the Snapshot package. Therefore, changed to "0.1.0-SNAPSHOT" as the release version.

Maven official guide _ Chinese full version clear PDF

Maven 3.1.0 release, Project Build Tool

Install Maven in Linux

Maven3.0 configuration and simple use

Set up sun-jdk and Maven2 in Ubuntu

Get started with Maven

This article permanently updates the link address:

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.