将自己开发的库上传到Maven Central步骤。
Maven Central上创建账户 注册帐号https://issues.sonatype.org
创建Issue| 条目 | 描述 |
|---|---|
| Group Id | 域名反转(有效域名,后面需要校验该域名属于你本人),如果没有域名,可以直接使用自己的github反转(如github.com/lkl22反转后是io.github.lkl22,其中lkl22是你的github用户名。为了规范化,建议全小写。) |
| Project URL | 项目的url,可以是项目的github地址 |
| SCM url | 项目代码仓库的url,可以是项目的github仓库地址 |
创建完成后详情:
提交了Issue后,系统会马上给你发送一个comment,让你对Group Id进行验证。
我们在GitHub上创建好 https://github.com/lkl22/OSSRH-78126 项目后,在这个Issue下面留言让它们去检测,系统如果检测成功,会发送如下信息:
安装GPG生成工具,然后按照下面的步骤操作:
gen keyabc:~ your name$ gpg --gen-key
gpg (GnuPG) 2.3.4; Copyright (C) 2021 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
gpg: directory '/Users/your name/.gnupg' created
gpg: keybox '/Users/your name/.gnupg/pubring.kbx' created
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: your name
Email address: xxx@qq.com
You selected this USER-ID:
"your name "
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: /Users/your name/.gnupg/trustdb.gpg: trustdb created
gpg: directory '/Users/your name/.gnupg/openpgp-revocs.d' created
gpg: revocation certificate stored as '/Users/your name/.gnupg/openpgp-revocs.d/9836B2660E576A6FC3E362388719953AD89C1B70.rev'
public and secret key created and signed.
pub ed25519 2022-02-12 [SC] [expires: 2024-02-12]
9836B2660E576A6FC3E362388719953AD89C1B70
uid your name
sub cv25519 2022-02-12 [E] [expires: 2024-02-12]
signing.keyId我们只需要取pub最后的8位D89C1B70;signing.password就是我们在生成密钥对过程中要求我们输入的;
如果需要查看keyId,可以输入如下命令:
abc:~ likunlun$ gpg --list-keys
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: next trustdb check due at 2024-02-12
/Users/likunlun/.gnupg/pubring.kbx
----------------------------------
pub ed25519 2022-02-12 [SC] [expires: 2024-02-12]
9836B2660E576A6FC3E362388719953AD89C1B70
uid [ultimate] likunlun
sub cv25519 2022-02-12 [E] [expires: 2024-02-12]
signing.secretKeyRingFile
abc:~ likunlun$ gpg --output pubring.gpg --export-secret-keys D89C1B70 File 'pubring.gpg' exists. Overwrite? (y/N) y配置maven publish
官方指导:https://central.sonatype.org/pages/gradle.html
三方的插件:Gradle Nexus Staging
一、在项目根目录的build.gradle中添加plugin:
apply plugin: ‘io.codearte.nexus-staging’
二、在dependencies中添加两个classpath:
classpath 'com.github.dcendents:android-maven-gradle-plugin:2.1' classpath 'io.codearte.gradle.nexus:gradle-nexus-staging-plugin:0.30.0'
三、添加一个专门用于上传的gradle脚本publish-mavencentral.gradle
四、修改local.properties:
signing.keyId=D89C1B70 signing.password=gpg gen key时设置的密码 signing.secretKeyRingFile=/Users/likunlun/pubring.gpg ##nexus账号信息,也就是创建issue时的账号和密码 ossrhUsername=lkl22 ossrhPassword=your passwordpublish to Maven Central
执行publish task,成功后登录https://s01.oss.sonatype.org/,按图操作:
我们还没有将公钥上传到服务器,执行如下指令上传:
abc:~ likunlun$ gpg --keyserver https://keys.openpgp.org/ --send-keys D89C1B70 gpg: sending key xxxxxxxxxx to https://keys.openpgp.org/
再次点击"Close"后可以看到验证成功:
包Release后,可以按如下步骤搜到你的包:
原先的Issue里多了一个系统发送的Comment:
通过https://search.maven.org/查询我们的包(需要等待差不多4个小时),能查到我们才能通过implementation方式引入。
参考文献GnuPG
JCenter 已经提桶跑路,是时候学会上传到 Maven Central 了
GnuPG for OSX
GPG入门教程
Unable to retrieve secret key from key ring file secring.gpg as it does not exist
