Due to Maven Central's very particular requirements, the release process is a bit elaborate and requires a good deal of local configuration. This guide should walk you through it. It won't do anyone outside of KeepSafe any good, but the workflow is representative of just about any project deploying via Sonatype.
We currently deploy to both Maven Central (via Sonatype's OSS Nexus instance) and to plugins.gradle.org.
- A published GPG code-signing key
- A Sonatype Nexus OSS account with permission to publish in com.getkeepsafe
- A plugins.gradle.org account with permission to publish in com.getkeepsafe
- Permission to push directly to https://github.com/KeepSafe/dexcount-gradle-plugin
- Add your GPG key to your github profile - this is required for github to know that your commits and tags are "verified".
- Configure your code-signing key in ~/.gradle.properties:
signing.keyId=<key ID of your GPG signing key> signing.password=<your key's passphrase> signing.secretKeyRingFile=/path/to/your/secring.gpg
- Configure your Sonatype credentials in ~/.gradle.properties:
SONATYPE_NEXUS_USERNAME=<nexus username> SONATYPE_NEXUS_PASSWORD=<nexus password>
- Configure git with your codesigning key; make sure it's the same as the one
you use to sign binaries (i.e. it's the same one you added to gradle.properties):
# Do this for the dexcount repo only git config user.email "your@email.com" git config user.signingKey "your-key-id"
- Add your plugins.gradle.org credentials to ~/.gradle/gradle.properties:
gradle.publish.key=<the key> gradle.publish.secret=<the secret>
- Edit gradle.properties, remove '-SNAPSHOT' from the VERSION property
- Edit readme so that Gradle examples point to the new version
- Edit changelog, add relevant changes, note the date and new version (follow the existing pattern)
- Verify that the everything works:
./gradlew clean check
- Make a signed commit:
git commit -S -m "Release version X.Y.Z" - Make a signed tag ()check existing tags for message format):
git tag -s -a X.Y.Z
- Upload binaries to Sonatype:
./gradlew publish
- Go to oss.sonatype.org, log in with your credentials
- Click "Staging Repositories"
- Find the "comgetkeepsafe" repo, usually at the bottom of the list
- "Close" the repository (select it then click the "close" button up top), the text field doesn't matter so put whatever you want in it
- Wait until that's done
- "Release" the repository, leave the checkbox checked. Hooray, we're in Maven Central now!
- Upload binaries to Gradle's plugin portal:
./gradlew publishPlugins
- Edit gradle.properties, bump the version number and add '-SNAPSHOT'
- Make a signed commit:
git commit -S -m "Prepare next development version" - Push all of our work to Github to make it official:
git push --tags origin master