Home‎ > ‎Maven‎ > ‎

Sonatype


My notes on releasing releases to sonatype.org and the goal is to describe how I release to sonatype. I have listed 3 open source projects where I use the pattern below and this could help guide your design. 

Reference

1. Create GPG Key

  • Download the tools for your OS. I use theMac GPG Tools.
  • Create a new private key for the email address used on sonatype.org login. 
  • Be sure to upload your public key to the public key server. 
  • DO NOT FORGET YOUR PASSPHRASE!!!! Write it down in a secure location and one you can remember!

2. Modify pom.xml for releasing

  • Start out  your version with something like this if you want. <version>0.1-alpha-11-SNAPSHOT</version>. This will allow the maven release plugin to increment the release each time you run it which will go like this... 0.1-alpha-11-SNAPSHOT... 0.1-alpha-12-SNAPSHOT... 0.1-alpha-13-SNAPSHOT
<groupId>com.arcbees.gquery</groupId>
<artifactId>gquery-plugins</artifactId>
<version>0.1-alpha-11-SNAPSHOT</version>
<packaging>pom</packaging>
<parent>
   
<groupId>org.sonatype.oss</groupId>
   
<artifactId>oss-parent</artifactId>
   
<version>7</version>
</parent>
  • Next I add these two items in the parent pom.xml, one for source generation and next the maven release plugin.
<plugin>
   
<groupId>org.apache.maven.plugins</groupId>
   
<artifactId>maven-source-plugin</artifactId>
   
<version>2.2.1</version>
</plugin>

<plugin>
   
<groupId>org.apache.maven.plugins</groupId>
   
<artifactId>maven-release-plugin</artifactId>
   
<configuration>
       
<autoVersionSubmodules>true</autoVersionSubmodules>
       
<useReleaseProfile>false</useReleaseProfile>
       
<releaseProfiles>release</releaseProfiles>
       
<arguments>-Psonatype-oss-release -Prelease -Dgpg.passphrase=${gpg.passphrase}</arguments>
   
</configuration>
</plugin>
  • Next there are 3 things to add in profiles. 
    • First add sonatype-oss-release id and identify your submodules you want the release to take place for. This is needed for multi module projects or projects with a parent pom.xml.
    • Second add a release goal for building the javadocs 
    • Thirdly add release-sign-artifacts for having gpg sign the artifacts that are uploaded to sonatype. Be sure there in this order, or signing will not take place at the end of the build. 
    • See an example here: parent example
<profiles>
   
<profile>
       
<id>sonatype-oss-release</id>
       
<modules>
           
<module>tooltip</module>
       
</modules>
   
</profile>

   
<profile>
       
<id>release</id>
       
<activation>
           
<property>
               
<name>performRelease</name>
               
<value>true</value>
           
</property>
       
</activation>
       
<build>
           
<pluginManagement>
               
<plugins>
                   
<plugin>
                       
<groupId>org.apache.maven.plugins</groupId>
                       
<artifactId>maven-javadoc-plugin</artifactId>
                       
<version>2.9</version>
                       
<executions>
                           
<execution>
                               
<id>attach-javadocs</id>
                               
<goals>
                                   
<goal>jar</goal>
                               
</goals>
                           
</execution>
                       
</executions>
                       
<configuration>
                           
<source>${target.jdk}</source>
                           
<failOnError>true</failOnError>
                           
<quiet>true</quiet>
                           
<links>
                               
<link>http://download.oracle.com/javase/6/docs/api/</link>
                               
<link>http://google-web-toolkit.googlecode.com/svn/javadoc/2.0/</link>
                               
<link>http://aopalliance.sourceforge.net/doc/</link>
                           
</links>
                       
</configuration>
                   
</plugin>
               
</plugins>
           
</pluginManagement>
       
</build>
   
</profile>

   
<profile>
       
<id>release-sign-artifacts</id>
       
<activation>
           
<property>
               
<name>performRelease</name>
               
<value>true</value>
           
</property>
       
</activation>
       
<build>
           
<pluginManagement>
               
<plugins>
                   
<plugin>
                       
<groupId>org.apache.maven.plugins</groupId>
                       
<artifactId>maven-gpg-plugin</artifactId>
                       
<executions>
                           
<execution>
                               
<id>sign-artifacts</id>
                               
<phase>verify</phase>
                               
<goals>
                                   
<goal>sign</goal>
                               
</goals>
                           
</execution>
                       
</executions>
                   
</plugin>
               
</plugins>
           
</pluginManagement>
       
</build>
   
</profile>
</profiles>
  • There are a few other incidentals needed to release starting with scm, organization, url and such. Use the example here for setting up the other needed information. 
  • Add the sonatype credentials to ~/.m2/setting.xml. This will allow you to release the snapshot that is needed to release. Find the use of them here.
<server>
   
<id>sona-nexus-deploy</id>
   
<username>branflake2267</username>
   
<password>xxxxxxx</password>
</server>
<distributionManagement>
   
<repository>
       
<id>sona-nexus-deploy</id> <!-- Add to settings.xml <server><id>sona-nexus-deploy</id> -->
       
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2</url>
   
</repository>
   
<snapshotRepository>
       
<id>sona-nexus-deploy</id>
       
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
   
</snapshotRepository>
</distributionManagement>

3. Deploy a Release

Run these commands to release. 
  1. export JAVA_HOME=`/usr/libexec/java_home -v 1.6` 
  2. mvn clean deploy -Prelease 
  3. mvn release:clean
  4. mvn release:prepare -Dgpg.passphrase=xxxxxx
  5. mvn release:perform -Dgpg.passphrase=xxxxxx
  6. https://oss.sonatype.org/index.html - goto sonatype and login then goto staging repositories. 
    1. Find your library in the list
    2. Check and click on 'close' 
    3. If all goes well the close will return to the list as releasable. 
    4. But if the signatures, javadocs or source are not present for the release it will tell you and you will need to drop the release and reconfigure your pom.

4. Deploy a Release but in Batch Mode

This will run the release, but skip the interactive release version choices and auto increment above. 
  1. export JAVA_HOME=`/usr/libexec/java_home -v 1.6`  
  2. mvn clean deploy -Prelease -DskipTests
  3. mvn release:clean release:prepare --batch-mode -Dgpg.passphrase= xxxxxx
  4. mvn release:perform -Dgpg.passphrase= xxxxxx
  5. https://oss.sonatype.org/index.html - goto sonatype and login then goto staging repositories. 
    1. Find your library in the list
    2. Check and click on 'close' 
    3. If all goes well the close will return to the list as releasable. 
    4. But if the signatures, javadocs or source are not present for the release it will tell you and you will need to drop the release and reconfigure your pom.

Projects that Release to Sonatype:

Find some of the sites where the above strategy is done to deploy the open source libraries. Check out the parent and child poms for more information to use in creating your own.
































































































Comments