Kule nqaku, ndifuna ukujonga ngokuthe ngqo inkqubo yokupapasha i-artifact yeJava ukusuka ekuqaleni ngokusebenzisa i-Github Actions ukuya kwi-Sonatype Maven Central Repository usebenzisa umakhi we-Gradle.
Ndagqiba ekubeni ndibhale eli nqaku ngenxa yokungabikho kwesifundo esiqhelekileyo kwindawo enye. Lonke ulwazi kwakufuneka luqokelelwe isiqwenga ngasinye kwimithombo eyahlukeneyo, ngaphezu koko, alukho lutsha ngokupheleleyo. Ngubani okhathalayo, wamkelekile phantsi kwekati.
Ukudala indawo yokugcina kwi-Sonatype
Inyathelo lokuqala kukudala indawo yokugcina eSonatype Maven Central. Kule nto siyahamba
Ngexesha elithile emva kokuqinisekiswa, i-GroupId yakho iya kuyilwa kwaye sinokudlulela kwinyathelo elilandelayo, uqwalaselo lweGradle.
Ukuqwalasela i-Gradle
Ngexesha lokubhala, andizange ndifumane iiplagi zeGradle ezinokunceda ngokupapasha i-artifact.
Into yokuqala ekufuneka uyiqwalasele ziimfuno zeSonatype zokupapasha. Zezi zilandelayo:
- Ubukho beekhowudi zomthombo kunye neJavaDoc, okt. mabazimase
-sources.jar
ΠΈ-javadoc.jar
iifayile. Njengoko kuchaziwe kuxwebhu, ukuba akunakwenzeka ukubonelela ngeekhowudi zemvelaphi okanye amaxwebhu, unokwenza i-dummy-sources.jar
okanye-javadoc.jar
nge-FUNDA elula ngaphakathi ukuze uphumelele uvavanyo. - Zonke iifayile mazisayinwe nge
GPG/PGP
kwaye.asc
ifayile equlethe utyikityo kufuneka ibandakanywe kwifayile nganye. - Ukufumaneka
pom
ifayile - Amaxabiso achanekileyo
groupId
,artifactId
ΠΈversion
. Uguqulelo lunokuba luluhlu olungenasizathu kwaye alukwazi ukuphela ngalo-SNAPSHOT
- Kufuneka ubukho
name
,description
ΠΈurl
- Ubukho bolwazi malunga nelayisensi, abaphuhlisi kunye nenkqubo yolawulo loguqulelo
Le yimigaqo esisiseko ekufuneka ilandelwe xa kupapashwa. Ulwazi olupheleleyo luyafumaneka
Siphumeza ezi mfuno kwi build.gradle
ifayile. Okokuqala, masifake lonke ulwazi oluyimfuneko malunga nabaphuhlisi, iilayisensi, inkqubo yolawulo loguqulelo, kwaye kananjalo usete i-url, igama kunye nenkcazo yeprojekthi. Masibhale indlela elula yoku:
def customizePom(pom) {
pom.withXml {
def root = asNode()
root.dependencies.removeAll { dep ->
dep.scope == "test"
}
root.children().last() + {
resolveStrategy = DELEGATE_FIRST
description 'Some description of artifact'
name 'Artifct name'
url 'https://github.com/login/projectname'
organization {
name 'com.github.login'
url 'https://github.com/login'
}
issueManagement {
system 'GitHub'
url 'https://github.com/login/projectname/issues'
}
licenses {
license {
name 'The Apache License, Version 2.0'
url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
}
}
scm {
url 'https://github.com/login/projectname'
connection 'scm:https://github.com/login/projectname.git'
developerConnection 'scm:git://github.com/login/projectname.git'
}
developers {
developer {
id 'dev'
name 'DevName'
email '[email protected]'
}
}
}
}
}
Okulandelayo, kufuneka ucacise ukuba ngexesha lendibano eyenziweyo -sources.jar
ΠΈ-javadoc.jar
iifayile. Kweli candelo java
kufuneka udibanise oku kulandelayo:
java {
withJavadocJar()
withSourcesJar()
}
Masiqhubele phambili kwimfuno yokugqibela, simisela iGPG/PGP utyikityo. Ukwenza oku, qhagamshela iplagin signing
:
plugins {
id 'signing'
}
Kwaye yongeza icandelo:
signing {
sign publishing.publications
}
Okokugqibela, masidibanise icandelo publishing
:
publishing {
publications {
mavenJava(MavenPublication) {
customizePom(pom)
groupId group
artifactId archivesBaseName
version version
from components.java
}
}
repositories {
maven {
url "https://oss.sonatype.org/service/local/staging/deploy/maven2"
credentials {
username sonatypeUsername
password sonatypePassword
}
}
}
}
kuyinto sonatypeIgama lomsebenzisi ΠΈ sonatypePassword izinto ezahlukeneyo eziqulathe igama lokungena kunye negama lokugqitha ezenziwe ngexesha lobhaliso
Ngaloo ndlela i-final build.gradle
iya kujongeka ngolu hlobo:
Ikhowudi epheleleyo yokwakha
plugins {
id 'java'
id 'maven-publish'
id 'signing'
}
java {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
withJavadocJar()
withSourcesJar()
}
group 'io.github.githublogin'
archivesBaseName = 'projectname'
version = System.getenv('RELEASE_VERSION') ?: "0.0.1"
repositories {
mavenCentral()
}
dependencies {
testImplementation 'org.junit.jupiter:junit-jupiter-api:5.5.2'
testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.5.2'
}
test {
useJUnitPlatform()
}
jar {
from sourceSets.main.output
from sourceSets.main.allJava
}
signing {
sign publishing.publications
}
publishing {
publications {
mavenJava(MavenPublication) {
customizePom(pom)
groupId group
artifactId archivesBaseName
version version
from components.java
}
}
repositories {
maven {
url "https://oss.sonatype.org/service/local/staging/deploy/maven2"
credentials {
username sonatypeUsername
password sonatypePassword
}
}
}
}
def customizePom(pom) {
pom.withXml {
def root = asNode()
root.dependencies.removeAll { dep ->
dep.scope == "test"
}
root.children().last() + {
resolveStrategy = DELEGATE_FIRST
description 'Some description of artifact'
name 'Artifct name'
url 'https://github.com/login/projectname'
organization {
name 'com.github.login'
url 'https://github.com/githublogin'
}
issueManagement {
system 'GitHub'
url 'https://github.com/githublogin/projectname/issues'
}
licenses {
license {
name 'The Apache License, Version 2.0'
url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
}
}
scm {
url 'https://github.com/githublogin/projectname'
connection 'scm:https://github.com/githublogin/projectname.git'
developerConnection 'scm:git://github.com/githublogin/projectname.git'
}
developers {
developer {
id 'dev'
name 'DevName'
email '[email protected]'
}
}
}
}
}
Ndifuna ukuqaphela ukuba sifumana uguqulelo kuguquko lokusingqongileyo: System.getenv('RELEASE_VERSION')
. Siza kuyiveza ngexesha lendibano kwaye siyithathe kwigama lethegi.
Ukuveliswa kweqhosha le-PGP
Enye yeemfuno ze-Sonatype kukuba zonke iifayile zisayinwe ngeqhosha le-GPG/PGP. Kule nto siyahamba
- Senza isibini esibalulekileyo:
gpg --gen-key
, ngenisa igama lomsebenzisi, i-imeyile, kwaye usete negama lokugqitha. - Sifumanisa
id
isitshixo sethu ngomyalelo:gpg --list-secret-keys --keyid-format short
. I-Id iya kuchazwa emva kokusindwa, umzekelo: rsa2048/9B695056 - Ukupapasha isitshixo sikawonke-wonke kumncedisi
https://keys.openpgp.org umyalelo:gpg --keyserver [https://keys.openpgp.org](https://keys.openpgp.org/) --send-keys 9B695056
- Sithumela ngaphandle isitshixo esiyimfihlo kwindawo engafanelekanga, siya kuyidinga kwixesha elizayo:
gpg --export-secret-key 9B695056 > D:\gpg\9B695056.gpg
Ukumisela iintshukumo zeGithub
Masiqhubele phambili ukuya kwinqanaba lokugqibela, seta ukwakha kwaye upapashe ngokuzenzekelayo usebenzisa i-Github Actions.
Izenzo zeGithub luphawu olukuvumela ukuba wenze ngokuzenzekelayo ukuhamba komsebenzi ngokuphumeza umjikelo opheleleyo weCI / CD. Ukwakha, ukuvavanya, kunye nokusasazwa kunokuqhutywa ziziganeko ezahlukeneyo: ukutyhala ikhowudi, ukudala ukukhulula, okanye imiba. Lo msebenzi usimahla ngokupheleleyo koovimba boluntu.
Kweli candelo, ndiza kukubonisa indlela yokuseta ukwakha kunye nokutyhala ikhowudi kwaye uyisebenzise kwindawo yokugcina ye-Sonatype ekukhululweni, kunye nokuseta iimfihlo.
Sibeka iimfihlo
Ukudibanisa ngokuzenzekelayo kunye nokusasazwa, sifuna inani lamaxabiso ayimfihlo, njenge-id yesitshixo, igama lokugqitha esilingenisileyo xa sisenza isitshixo, iqhosha le-PGP ngokwalo, kunye ne-Sonatype yokungena/igama lokugqitha. Unokuziseta kwicandelo elikhethekileyo kwindawo yokugcina:
Siseta eziguquguqukayo zilandelayo:
- SONATYPE_USERNAME / SONATYPE_PASSWORD - ukungena / igama lokugqitha esilingenisileyo xa sibhalisa ngeSonatype
- SIGNING_KEYID/SIGNING_PASSWORD β PGP id isitshixo kunye negama lokugqitha iseti ngexesha lokuvelisa.
Ndifuna ukuhlala kuguqulo lwe-GPG_KEY_CONTENTS kwiinkcukacha ezithe vetshe. Inyani yeyokuba kupapasho sifuna iqhosha labucala le-PGP. Ukuze ndiyithumele kwiimfihlo, ndasebenzisa
- Masifihle isitshixo sethu ngegpg:
gpg --symmetric --cipher-algo AES256 9B695056.gpg
ngokungenisa igama lokugqithisa. Kufuneka ibekwe kuguquguquko: SECRET_PASSPHRASE - Masiguqulele isitshixo esifihliweyo esifunyenweyo sibe kwifomu yokubhaliweyo sisebenzisa i-base64:
base64 9B695056.gpg.gpg > 9B695056.txt
. Umxholo uya kufakwa kuguquguquko: GPG_KEY_CONTENTS.
Yakha ukuseta xa utyhala ikhowudi kwaye udala iPR
Okokuqala kufuneka wenze ifolda kwingcambu yeprojekthi yakho: .github/workflows
.
Kuyo, phawula ifayile, umzekelo, gradle-ci-build.yml
ngomxholo olandelayo:
name: build
on:
push:
branches:
- master
- dev
- testing
pull_request:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Set up JDK 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: Build with Gradle
uses: eskatos/gradle-command-action@v1
with:
gradle-version: current
arguments: build -PsonatypeUsername=${{secrets.SONATYPE_USERNAME}} -PsonatypePassword=${{secrets.SONATYPE_PASSWORD}}
Oku kuhamba komsebenzi kuya kwenziwa xa kutyhalwa kumasebe master
, dev
ΠΈ testing
, kwakhona xa usenza izicelo zokutsala.
Icandelo lemisebenzi likhankanya amanyathelo aza kuphunyezwa kwiziganeko ezikhankanyiweyo. Kule meko, siya kwakha kuguqulelo lwamva nje lobuntu, sebenzisa iJava 8, kwaye sisebenzise iplagin yeGradle. eskatos/gradle-command-action@v1
leyo, isebenzisa uguqulelo lwamva nje lomakhi, izakuqhuba imiyalelo ekhankanyiweyo kuyo arguments
. Izinto eziguquguqukayo secrets.SONATYPE_USERNAME
ΠΈ secrets.SONATYPE_PASSWORD
ezi zimfihlo sibuze ngaphambili.
Iziphumo zokwakha ziya kuboniswa kwithebhu yeZenzo:
Ukusasaza ngokuzenzekelayo xa ukhupho olutsha lukhutshwa
Masenze ifayile yokuhamba komsebenzi eyahlukileyo ye-autodeploy gradle-ci-publish.yml
:
name: publish
on:
push:
tags:
- 'v*'
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v1
- name: Set up JDK 8
uses: actions/setup-java@v1
with:
java-version: 8
- name: Prepare to publish
run: |
echo '${{secrets.GPG_KEY_CONTENTS}}' | base64 -d > publish_key.gpg
gpg --quiet --batch --yes --decrypt --passphrase="${{secrets.SECRET_PASSPHRASE}}"
--output secret.gpg publish_key.gpg
echo "::set-env name=RELEASE_VERSION::${GITHUB_REF:11}"
- name: Publish with Gradle
uses: eskatos/gradle-command-action@v1
with:
gradle-version: current
arguments: test publish -Psigning.secretKeyRingFile=secret.gpg -Psigning.keyId=${{secrets.SIGNING_KEYID}} -Psigning.password=${{secrets.SIGNING_PASSWORD}} -PsonatypeUsername=${{secrets.SONATYPE_USERNAME}} -PsonatypePassword=${{secrets.SONATYPE_PASSWORD}}
Ifayile iphantse yafana naleyo yangaphambili, ngaphandle kwesiganeko apho iyakuthi iqaliswe. Kule meko, esi sisiganeko sokwenza ithegi enegama eliqala ngo-v.
Ngaphambi kokuthunyelwa, kufuneka sikhuphe isitshixo se-PGP kwiimfihlo kwaye sibeke kwingcambu yeprojekthi, kunye nokuyisusa. Okulandelayo, kufuneka sisete imo eguquguqukayo ekhethekileyo RELEASE_VERSION
esibhekisa kuyo gradle.build
ifayile. Konke oku kwenziwa kwicandelo Prepare to publish
. Sifumana isitshixo sethu kwi-GPG_KEY_CONTENTS eguquguqukayo, siyiguqulele kwifayile yegpg, emva koko iguqule ukuntsonkotha kwayo ngokuyibeka kwifayile. secret.gpg
.
Emva koko, siphendukela kwinguqu ekhethekileyo GITHUB_REF
, apho sinokufumana uguqulelo esilusetayo xa sisenza ithegi. Olu tshintsho lufanelekile kule meko. refs/tags/v0.0.2
apho sinqumle abalinganiswa bokuqala abali-11 ukufumana inguqulelo ethile. Okulandelayo, sisebenzisa imiyalelo eqhelekileyo yeGradle yokupapasha: test publish
Ukujonga iziphumo zokusasazwa kwindawo yogcino lweSonatype
Emva kokuba ukukhululwa kudalwe, ukuhamba komsebenzi okuchazwe kwicandelo langaphambili kufuneka kuqale. Ukwenza oku, yenza ukhupho:
igama lethegi kufuneka liqale ngo-v. Ukuba, emva kokucofa ukupapasha ukukhutshwa, ukuhamba komsebenzi kugqibezela ngempumelelo, singaya
I-artifact yavela kwindawo yokugcina iStaging. Ibonakala ngokukhawuleza kwimo eVulekileyo, emva koko kufuneka idluliselwe kwimo yokuVala ngokucofa iqhosha elifanelekileyo. Emva kokujonga ukuba zonke iimfuno zifezekisiwe, i-artifact iya kwisimo sokuVala kwaye ayisekho ukulungiswa. Kule fomu, iya kuphelela eMavenCentral. Ukuba konke kulungile, ungacofa iqhosha khulula, kwaye i-artifact iya kuphelela kwindawo yokugcina i-Sonatype.
Ukuze i-artifact ingene kwi-MavenCentral, kuya kufuneka uyibuze kumsebenzi esiwenze kwasekuqaleni. Kufuneka wenze oku kube kanye kuphela, ngoko sipapasha okokuqala. Kumaxesha alandelayo, oku akufuneki, yonke into iya kulungelelaniswa ngokuzenzekelayo. Bandivulela ungqamaniso ngokukhawuleza, kodwa kuthathe malunga neentsuku ezi-5 ukuba i-artifact ifumaneke eMavenCentral.
Kuphelele apho, sipapashe i-artifact yethu eMavenCentral.
amakhonkco aluncedo
- Ngokufanayo
inqaku , ipapashe kuphela ngemaven - Ukucwangcisa
indawo yokugcina I-Sonatype Jira I-Sonatype yokudala umsebenziUmzekelo: indawo yokugcina apho yonke into yenziwe
umthombo: www.habr.com