Gradle publishes the Java class library to the Maven central repository
Less nonsense. Let's start with a few websites:
This article starts from scratch and uses Gradle 7 to publish the Java class library to the Maven central repository GitHub Action Automatically push the release when it is released.
Register sonatype
Needless to say, open it https://issues.sonatype.org/ Just register an account
Publish issue
After registering, log in to Sonatype and issue an issue
- Summary: just fill it in. Anyway, I filled in the project name.
- Group Id: fill in the Group Id of the class library. Note that if it is an independent domain name, the other party will ask to verify the ownership of the domain name (verify the TXT record), and the other party will remind you to add it after receiving the Issue.
- Project URL: fill in the project website or GitHub address.
- SCM url: if the project is placed on GitHub, fill in the GitHub address and add git
Just submit it in this way and wait for the reply slowly (the picture below can be finished in less than half an hour!)
You will see the following useless reply:
Modify build Gradle profile
Note 1: the latest version of Gradle I use is 7.1.1. Please try other versions yourself.
Note 2: my Gradle configuration file is Groovy version, and please convert the Kotlin DSL version by yourself.
First, add Maven publish and signing plug-ins in plugins,
plugins {
id 'maven-publish'
id 'signing'
}
Then add the following at the end of the configuration file:
java {
withJavadocJar()
withSourcesJar()
}
javadoc {
options.addStringOption("charset", "UTF-8")
if (JavaVersion.current().isJava9Compatible()) {
options.addBooleanOption('html5', true)
}
}
publishing {
publications {
mavenJava(MavenPublication) {
artifactId = 'Component name'
from components.java
pom {
name = 'Project name'
description = 'Project description'
url = 'project URL'
licenses {
license {
name = 'License name'
url = 'License address'
}
}
developers {
developer {
id = 'developer ID'
name = 'Developer name'
email = 'Developer email'
}
}
scm {
connection = 'scm:git:git://github.com/path/to/repo.git'
developerConnection = 'scm:git:ssh://github.com/path/to/repo.git'
url = 'https://github.com/path/to/repo'
}
}
}
}
repositories {
maven {
name = "OSSRH"
if (project.version.toString().endsWith("-SNAPSHOT")) {
url = "https://s01.oss.sonatype.org/content/repositories/snapshots"
} else {
url = "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/"
}
credentials {
username = findProperty("ossrhUsername") ?: System.getenv("OSSRH_USERNAME")
password = findProperty("ossrhPassword") ?: System.getenv("OSSRH_PASSWORD")
}
}
}
}
signing {
sign(publishing.publications.mavenJava)
}
The main contents are as follows:
- Generate JavadocJar
- Generate SourcesJar
- Set Javadoc to UTF-8 encoding
- Settings for the publisher
- autograph
Create key
For Windows systems, gpg4win can be installed through chocolate or Scoop
For Mac OS systems, you can install gpg through Homebrew
brew install gpg
For Linux systems, the gnupg tool can be installed through the package management tool
sudo apt install gnupg # Debian system sudo yum install gnupg # RedHat system
After installation, you can create a key through GPG -- generate key, and remember the set password.
After creation, enter gpg -k to view the generated key, and you will see the following:
pub rsa3072 2021-07-25 [SC] [expires: 2023-07-25]
A36DDCA2B4E3D244AA685BC6C2F673BC0FEB0227
uid [ultimate] TestTest <example@example.com>
sub rsa3072 2021-07-25 [E] [expires: 2023-07-25]
Now identify several nouns that will be used later in this article:
- A36DDCA2B4E3D244AA685BC6C2F673BC0FEB0227 is the key fingerprint
- The last 8 bits (0FEB0227) of the key fingerprint is KEYID
Now export KeyRingFile
gpg --export-secret-keys [Key fingerprint] > secret.gpg
Replace [Key fingerprint] with your actual value, and it will generate secret in the current directory GPG file, reserved for standby.
Now set secret GPG performs BASE64 processing. It is recommended to execute in Git Bash for Windows system:
base64 secret.gpg > secret.gpg.base64
Now upload the public key to the public key server (Sonatype will find the public key on multiple servers, such as keys.gnupg.net, pool.sks-keyservers.net and keyserver.ubuntu.com). If one server cannot upload, you can try another two.
gpg --keyserver keyserver.ubuntu.com --send-keys [Key fingerprint]
"Last step" GitHub Action!
First create the following file with any file name
name: Publish package to the Maven Central Repository
on:
release:
types: [created]
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up JDK 11
uses: actions/setup-java@v2
with:
java-version: "11"
distribution: "adopt"
- name: Grant execute permission for gradlew
run: chmod +x gradlew
- name: Build with Gradle
run: ./gradlew build
- name: Decode
run: |
echo "${{secrets.SIGNING_SECRET_KEY_RING_FILE}}" > ~/.gradle/secring.gpg.base64
base64 -d ~/.gradle/secring.gpg.base64 > ~/.gradle/secring.gpg
- name: Publish package
run: gradle publish -Psigning.keyId=${{secrets.SIGNING_KEY_ID}} -Psigning.password=${{secrets.SIGNING_KEY_PASSWORD}} -Psigning.secretKeyRingFile=$(echo ~/.gradle/secring.gpg)
env:
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
Create the following Secrets:
Of which:
- OSSRH_USERNAME: your username for Sonatype
- OSSRH_PASSWORD: your password for Sonatype
- SIGNING_KEY_ID: KEYID mentioned above, 8-bit
- SIGNING_KEY_PASSWORD: set the password of the private key
- SIGNING_SECRET_KEY_RING_FILE: secret. gpg. Content in Base64
Sprinkle flowers at the end
release on GitHub and open https://s01.oss.sonatype.org/ , click Staging Repositories on the left, and you will see the release just released appear in the list.
After confirmation, you can select and click Close. If successful, click Release to publish the class library to the Maven central warehouse.