打包压缩包结构(zip,tar.gz等格式)
$ tree
`-- com
`-- sonatype
`-- central
`-- example
`-- example_java_project
`-- 0.1.0
|-- example_java_project-0.1.0-javadoc.jar
|-- example_java_project-0.1.0-javadoc.jar.asc
|-- example_java_project-0.1.0-javadoc.jar.md5
|-- example_java_project-0.1.0-javadoc.jar.sha1
|-- example_java_project-0.1.0-sources.jar
|-- example_java_project-0.1.0-sources.jar.asc
|-- example_java_project-0.1.0-sources.jar.md5
|-- example_java_project-0.1.0-sources.jar.sha1
|-- example_java_project-0.1.0.jar
|-- example_java_project-0.1.0.jar.asc
|-- example_java_project-0.1.0.jar.md5
|-- example_java_project-0.1.0.jar.sha1
|-- example_java_project-0.1.0.pom
|-- example_java_project-0.1.0.pom.asc
|-- example_java_project-0.1.0.pom.md5
`-- example_java_project-0.1.0.pom.sha1
HASH验证文件生成方式
linux/mac系统自行搜索
windows下使用以下命令操作,该命令支持一下HASH算法MD2、MD4、MD5、 SHA1、SHA256、SHA384、SHA512
certutil -hashfile ***.jar MD5 > ***.jar.md5
注意:sha1,md5等文件实际上是将生成的哈希值放到txt文件里面,然后进行以下扩展名改为对应的加密方式即可,一定要注意文件内只有哈希值,没有其他的东西
source.jar生成方式
使用该插件构建的时候会自动生成
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>2.2.1</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
javadoc.jar的生成方式
Java项目和kotlin项目的生成方式不同
- Java项目
使用此插件可直接在构建的时候生成Javadoc.jar
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>2.9.1</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
- Kotlin或Kotlin-Java混合项目
使用此插件可,执行mvn dokka:javadocJar
可生成javadoc.jar(未实验直接构建的方式,因为懒)
<plugin>
<groupId>org.jetbrains.dokka</groupId>
<artifactId>dokka-maven-plugin</artifactId>
<version>1.9.20</version>
<executions>
<execution>
<phase>pre-site</phase>
<goals>
<goal>dokka</goal>
</goals>
</execution>
</executions>
</plugin>
pom的存在形态
官方模板参考链接,注意要命名为 xxx.pom
,不要.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.simpligility.training</groupId>
<artifactId>ossrh-demo</artifactId>
<version>1.0</version>
<packaging>jar</packaging>
<name>ossrh-demo</name>
<description>A demo for deployment to the Central Repository via OSSRH</description>
<url>http://github.com/simpligility/ossrh-demo</url>
<licenses>
<license>
<name>The Apache Software License, Version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
<developers>
<developer>
<name>Manfred Moser</name>
<email>manfred@sonatype.com</email>
<organization>Sonatype</organization>
<organizationUrl>http://www.sonatype.com</organizationUrl>
</developer>
</developers>
<scm>
<connection>scm:git:git://github.com/simpligility/ossrh-demo.git</connection>
<developerConnection>scm:git:ssh://github.com:simpligility/ossrh-demo.git</developerConnection>
<url>http://github.com/simpligility/ossrh-demo/tree/master</url>
</scm>
...
</project>
gpg加密方式(注意这里需要提前下载对应的加密工具)
- 密钥生成命令
gpg --gen-key
输入命令后,会让你录入邮件和用户名,自行操作
正常结果如下:
gpg (GnuPG) 2.2.19; Copyright (C) 2019 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Note: Use "gpg --full-generate-key" for a full featured key generation dialog.
GnuPG needs to construct a user ID to identify your key.
Real name: Central Repo Test
Email address: central@example.com
You selected this USER-ID:
"Central Repo Test <central@example.com>"
Change (N)ame, (E)mail, or (O)kay/(Q)uit? O
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 8190C4130ABA0F98 marked as ultimately trusted
gpg: revocation certificate stored as
'/home/mylocaluser/.gnupg/openpgp-revocs.d/CA925CD6C9E8D064FF05B4728190C4130ABA0F98.rev'
public and secret key created and signed.
pub rsa3072 2021-06-23 [SC] [expires: 2023-06-23]
CA925CD6C9E8D064FF05B4728190C4130ABA0F98
uid Central Repo Test <central@example.com>
sub rsa3072 2021-06-23 [E] [expires: 2023-06-23]
上面的pub中的HASH字符就是密钥,CA925CD6C9E8D064FF05B4728190C4130ABA0F98
,后面需要用到
- 密钥推送到密钥服务器
gpg --keyserver keyserver.ubuntu.com --send-keys CA925CD6C9E8D064FF05B4728190C4130ABA0F98
支持的密钥服务器
keyserver.ubuntu.com
keys.openpgp.org
pgp.mit.edu
- GPG加密命令
gpg -ab myfile.java
上传方式
官方压缩包上传指南
此处直接参考官方的指南吧,没啥难度了
注意:选用此方式需要有自己的域名,并且在中央仓库进行反向域名命名空间创建才可使用,创建反向域名空间之后,还需要进行txt-DNS解析进行验证,DNS解析验证存在一定的延迟。
NAMESPACE此处请参考此处官方指导链接