Publish Java project to Maven Central Library __maven

Table of Contents What is Maven? How does the MAVEN Central Library publish a jar package to the MAVEN Central Library register MAVEN Central Library account request a warehouse local MAVEN configuration (official description) using GPG to sign Java Project packages (official description) using MVN (MAVEN) for package uploads Official release Project If this is the first time, you need to notify the administrator to activate the warehouse and the MAVEN Central Library for synchronization attention issues

What is Maven?

MAVEN is a set of project management frameworks:
A Project object model,
A set of standard collections,
A Project life cycle (Project lifecycle),
A dependency management system (Dependency Management systems),
and is used to run the logic that defines the plug-in (plugin) target (goal) in the lifecycle phase (phase). Maven Central Library

Maven can build on its own, or use the online Maven platform, and the MAVEN Central Library is a MAVEN platform that provides hosted Java projects on the line. Once the project has been published to the MAVEN Central Library, others can get the jar package directly from the project's name or ID, while MAVEN solves the problem of project dependencies. (similar to the Python Community's PyPI) How to publish a jar package to the MAVEN Central Library Register the MAVEN Central Library account

In [http://oss.sonatype.org] registered account (Note: Sonatype is the MAVEN Central Library Management System), after registration to obtain the username, password. apply for a warehouse to the MAVEN Central Library

In Sonatype's Jira system, create a issue (select Project:community support-open Source Project Repository Hosting; Issue type:new Project), tell the Sonatype administrator that you want to host a project to Sonatype. Note that after the issue is created, only the administrator has permission to change, so be careful not to write the wrong information (see official instructions). After the creation, you need to wait for Sonatype Administrator audit, generally not more than 2 working days, once the audit passed, will be marked on the issue resolved, which means that the Central library is ready to upload their own files at any time. Local MAVEN configuration (official description)

Local needs installation tools: JDK && Maven,maven installation method see documentation, and GPG signature tool

Tell maven the account that we previously applied to the MAVEN Central Library, which is added as follows in the Maven tool's profile ~/.m2/settings.xml:

    <server>
        <id>sonatype-nexus-snapshots</id>
        <username>USERNAME</username>
        <password>PASSWORD</password>
    </server>
    <server>
        <id> sonatype-nexus-staging</id>
        <username>USERNAME</username>
        <password>password </password>
    </server>

Then you modify the Pom.xml file at the root of the project, which is the chief configuration file for Maven behavior, similar to makefile, to tell maven important information about project compilation, packaging, signing, and location of dependent objects on the MAVEN central repository.

The following configuration is typically required in Pom.xml files:

    <project xmlns= "http://maven.apache.org/POM/4.0.0" xmlns:xsi= "Http://www.w3.org/2001/XMLSchema-instance" xsi: schemalocation= "http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" > < Modelversion>4.0.0</modelversion> <groupId>com.coaku</groupId> <artifactid>sdk&
        Lt;/artifactid> <version>1.1.1-SNAPSHOT</version> <packaging>jar</packaging> <name>java-sdk</name> <url>http://www.coaku.com/</url> <description> Q
                Iniu Resource (Cloud) Storage SDK demo for java</description> <licenses> <license> <name>the MIT license</name> <url>http://opensource.org/licenses/MIT< /url> </license> </licenses> <parent> <groupid>org.son Atype.oss</groupid>;artifactid>oss-parent</artifactid> <version>7</version> </parent> <scm> <connection>scm:git:git@github.com:coaku/java-sdk.git</connection> <de Veloperconnection>scm:git:git@github.com:coaku/java-sdk.git</developerconnection> <url>git@gith
                ub.com:coaku/java-sdk.git</url> </scm> <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <art
                    Ifactid>maven-compiler-plugin</artifactid> <version>3.1</version> <configuration> <source>1.6</source> <target> 1.6</target> <encoding>utf-8</encoding> &LT;/CONFIGURATION&G
                T </Plugin> <plugin> <groupId>org.apache.maven.plugins</groupId>
                            <artifactId>maven-gpg-plugin</artifactId> <executions>
                                    <execution> <id>sign-artifacts</id>
                                        <phase>verify</phase> <goals>
                            <goal>sign</goal> </goals>
        </execution> </executions> </plugin> </plugins> </build> <properties> <project.build.sourceencoding>utf-8</project.build .sourceencoding> </properties> <denpendencies> ... </denpendenc Ies> </projecT>
 

to sign a Java project package using GPG (official description)

    > GPG--gen-key                 //Fill in a series of information to generate a pair of public key, during which need to manually enter a passphrase password, followed by the signing of the

    > GPG--list-keys               // Lists the generated key information
    /home/coaku/.gnupg/pubring.gpg
    ------------------------------
    pub   2048r/11fca5b2 2013-07-10
    uid                  qiniu Resource Storage <qbox.team@gmail.com>
    Sub   2048r/dae43050 2013-07-10

    > GPG--keyserver hkp://pool.sks-keyservers.net--send-keys 11fca5b2    //To upload public key to a public key server for others to download

    Other people can get the public key in the following ways:
    > GPG--keyserver hkp://pool.sks-keyservers.net--recv-keys 11fca5b2

using MVN (Maven) for package uploads

The release on Maven is divided into two release versions, one is the SNAPSHOT version and the other is the official release version, which is different, but requires that the version number of the project in the Pom.xml configuration be followed by the "-snapshot" format. Maven automatically removes the "-snapshot" suffix when it is officially released.

Upload Snapshot version:

    > mvn clean deploy-dgpg.passphrase=<passphrase>      /<passphrase> The password that was manually entered before generating the GPG public key, as well as the following

Upload the official release version:

    > mvn release:clean
    > mvn release:prepare-darguments=-dgpg.passphrase=<passphrase>
    > MVN Release:perform-darguments=-dgpg.passphrase=<passphrase>

Official Release Project

Before the Sonatype administrator synchronizes the uploaded items to the Maven central repository, the project will exist in an intermediate state warehouse (Staging Repository), with the starting state open and we need to turn it close. Steps like this.

When the status changes to close, MAVEN checks the project in a series and, if passed, the state switches to close.

When you switch to close, you can officially release the item, switching the same way as close, click the Release button. If this is the first time, you need to notify the administrator to activate the synchronization between the warehouse and the MAVEN Central Library

Back to the previous release of the issue, reply to the Administrator, said that their warehouse has been released, the administrator will activate the warehouse and the MAVEN Central Library after receiving the synchronization work. attention to the problem

The project version number in

1. Pom.xml must be in the "x.x.x-snapshot" format
2. Pom.xml The configuration of SCM (software configuration management) is correct and, if it is GitHub, you need to configure access to GitHub in an SSH-authenticated manner. Details, because MVN involves the push action on the GitHub during the upload process.
3. Before using MVN for uploading, make sure that the local code is consistent with the latest version in the SCM.