Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/johnsonlee/sonatype-publish-plugin
Gradle Plugin for publishing artifacts to Sonatype and Nexus
https://github.com/johnsonlee/sonatype-publish-plugin
gradle gradle-plugin java kotlin maven nexus publish publishing sonatype
Last synced: 24 days ago
JSON representation
Gradle Plugin for publishing artifacts to Sonatype and Nexus
- Host: GitHub
- URL: https://github.com/johnsonlee/sonatype-publish-plugin
- Owner: johnsonlee
- License: apache-2.0
- Created: 2021-10-04T07:29:02.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2023-11-03T01:09:17.000Z (about 1 year ago)
- Last Synced: 2024-11-15T09:49:49.719Z (about 1 month ago)
- Topics: gradle, gradle-plugin, java, kotlin, maven, nexus, publish, publishing, sonatype
- Language: Kotlin
- Homepage:
- Size: 203 KB
- Stars: 25
- Watchers: 2
- Forks: 5
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
## Introduction
Due to Sonatype's strict validation rules, the publishing requirement must be satisfied by every artifact which wants to be published to Sonatype.
For Java and Android library projects, the publishing configurations are very similar, but the configurations of creating publication are quite different, this gradle plugin is used to simplify the engineering complexity of publishing artifacts to [Sonatype](https://oss.sonatype.org/), developers don't need to write boilerplate publishing DSL for each project to satisfy Sonatype validation rules.
This plugin not only support publishing artifacts to [Sonatype](https://oss.sonatype.org/), but also support publishing artifacts to private Nexus repository.
## Prerequisite
* [Sonatype](https://oss.sonatype.org/) Account
* [GPG](https://gnupg.org/) keyFor more information, see [References](#references)
## Getting Started
```kotlin
plugins {
kotlin("jvm")
id("io.johnsonlee.sonatype-publish-plugin") version "1.6.1"
}group = ""
version = "1.0.0"
```Then, execute publish tasks:
```bash
./gradlew publishToMavenLocal -x signMavenJavaPublication
```## Configuring Environment Variables
To publish artifacts to remote maven repository, additional configurations are quired.
### Sonatype
* `OSSRH_USERNAME`
The account id of [Sonatype](https://oss.sonatype.org/), searching from project properties by default, otherwise searching from system env
* `OSSRH_PASSWORD`
the account password of [Sonatype](https://oss.sonatype.org/), searching from project properties by default, otherwise searching from system env
* `OSSRH_PACKAGE_GROUP`
The package group of [Sonatype](https://oss.sonatype.org/), e.g. `io.johnsonlee`, searching from project properties by default, otherwise searching from system env
### Nexus
* `NEXUS_URL`
The endpoint of Nexus service, e.g. http://nexus.johnsonlee.io/, searching from project properties by default, otherwise searching from system env
* `NEXUS_USERNAME`
The account id of Nexus, searching from project properties by default, otherwise searching from system env
* `NEXUS_PASSWORD`
The account password of Nexus, searching from project properties by default, otherwise searching from system env
## Configuring Signing Properties
* `signing.keyId`
The GPG key id (short format). In this example, the GPG key id is `71567BD2`
```
$ gpg --list-secret-keys --keyid-format=short
/Users/johnsonlee/.gnupg/secring.gpg
------------------------------------
sec 4096R/71567BD2 2021-03-10 [expires: 2031-03-10]
uid Johnson
ssb 4096R/4BA89E7A 2021-03-10
```* `signing.password`
The password of GPG key
* `signing.secretKeyRingFile`
The secret key ring file, e.g. */Users/johnsonlee/.gnupg/secring.gpg*
> The best practice is putting the properties above into `~/.gradle/gradle.properties`
>
> ```properties
> OSSRH_USERNAME=johnsonlee
> OSSRH_PASSWORD=*********
> OSSRH_PACKAGE_GROUP=io.johnsonlee
> signing.keyId=71567BD2
> signing.password=*********
> signing.secretKeyRingFile=/Users/johnsonlee/.gnupg/secring.gpg
> ```## Configuring Git Repository
The following git configurations are be used for generating maven POM file, please skip if already done.
* `user.name`
```bash
git config user.name
```* `user.email`
```bash
git config user.email
```* `remote.origin.url` (optional)
The `remote.origin.url` is available by default unless the git repository is created locally
```bash
git remote add origin [email protected]:/
```## Configuring Project Info
* `project.group`
The `groupId` of the publication, only the root project need to configured, subproejcts will inherit from the root project
* `project.version`
The `version` of the publication, only the root project need to configured, subproejcts will inherit from the root project
The `artifactId` of the publication is the `project.name` by default
## Configuring License (optional)
Add a license file (`LICENSE`, `LICENSE.txt`, `LICENSE.md` or `LICENSE.rst`) into project, then the license type will be recognized automatically.
For more information on repository licenses, see "[Supported Licenses](https://docs.github.com/en/repositories/managing-your-repositorys-settings-and-features/customizing-your-repository/licensing-a-repository#searching-github-by-license-type)"
## Publishing Artifacts to Sonatype
```bash
./gradlew initializeSonatypeStagingRepository publishToSonatype
``````bash
./gradlew closeAndReleaseRepository
```## Publishing Artifacts to Nexus
### Java/Kotlin Project
```bash
./gradlew clean publish
```### Android Project
For Android projects, using `-x` to disable publication tasks for *debug* variants:
```bash
./gradlew clean publish -x publishDebugPublicationToMavenRepository
```After release complete, the artifacts will be synced to [Maven Central](https://mvnrepository.com/repos/central) automatically
## References
- [OSSRH Requirements](https://central.sonatype.org/publish/requirements/)
- [OSSRH Guide](https://central.sonatype.org/publish/publish-guide/)
- [Generating A New GPG Key](https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key)