- Create gpg key
- Export gpg key
- Publish gpg key to ubuntu server
- Create account at Sonatype JIRA
- Configure $HOME/.gradle/settings.gradle user and pass and keys settings
- Configure gradle plugins
- Release
You can see the keys with gpg -K if you dont have a published key into Ubuntu Key Server please do:
gpg --gen-key
gpg -K
cd $HOME/.gnupg
gpg --export-secret-keys -o secring.gpg
gpg --send-keys --keyserver keyserver.ubuntu.com <KEY ID>
Now you need create an account an open a ticket to reserve a groupip.
- https://issues.sonatype.org/secure/Signup!default.jspa
- https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134
edit Configure $HOME/.gradle/settings.gradle with the folloing content.
ossrhUsername=???
ossrhPassword=???
nexusUsername=???
nexusPassword=???
signing.keyId=???
signing.password=???
signing.secretKeyRingFile=???
signing.keyId and signing.password you need get from USER TOKEN from NEXUS UI: https://oss.sonatype.org/#profile;User Token. You need login there using same user/pass you got from jira ticket. The property signing.secretKeyRingFil should be something like $HOME/.gnupg/secring.gpg
build.gradle
apply plugin: "eclipse"
apply plugin: "java"
apply plugin: "signing"
apply plugin: "maven"
group = "YOUR_GROUP_ID"
archivesBaseName = "YOUR_ARTIFACT_NAME"
version = "YOUR_VERSION"
sourceCompatibility = 1.8
targetCompatibility = 1.8
sourceSets {
main.java.srcDirs = ["src/main/java"]
}
repositories {
maven { url 'http://repo.spring.io/libs-milestone' }
maven { url 'http://repo.spring.io/libs-release' }
mavenCentral()
maven { url "https://oss.sonatype.org/content/groups/public/" }
mavenLocal()
}
dependencies {
compile([
])
testCompile([
])
}
eclipse {
classpath {
downloadSources=true
}
}
task javadocJar(type: Jar) {
classifier = 'javadoc'
from javadoc
}
task sourcesJar(type: Jar) {
classifier = 'sources'
from sourceSets.main.allSource
}
artifacts {
archives javadocJar, sourcesJar
}
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath "io.codearte.gradle.nexus:gradle-nexus-staging-plugin:0.9.0"
}
}
apply plugin: 'io.codearte.nexus-staging'
signing {
sign configurations.archives
}
uploadArchives {
repositories {
mavenDeployer {
beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }
repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}
snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}
pom.project {
name project.name
description project.description
packaging 'jar'
url 'https://github.com/YOU/YOUR_REPO'
scm {
connection 'scm:git:https://github.com/YOU/YOUR_REPO.git'
developerConnection 'scm:git:[email protected]:YOU/YOUR_REPO.git'
url 'https://github.com/YOU/YOUR_REPO.git'
}
licenses {
license {
name 'The Unlicense'
url 'http://unlicense.org/'
distribution 'repo'
}
}
developers {
developer {
id = 'YOUR_ID_ANY_SRING'
name = 'YOUR_NAME'
email = 'YOUR_EMAIL'
}
}
}
}
}
}
nexusStaging {
username = "${nexusUsername}"
password = "${nexusPassword}"
packageGroup = "${group}"
}
./gradlew uploadArchives
./gradlew closeAndReleaseRepository
@diegopacheco I think that the keyserver listed here is incorrect. See here:
https://central.sonatype.org/pages/working-with-pgp-signatures.html#distributing-your-public-key:~:text=%24%20gpg2%20%2D%2Dkeyserver%20hkp%3A%2F%2Fpool.sks%2Dkeyservers.net%20%2D%2Dsend%2Dkeys%20C6EED57A