preface
To publish your JAVA project to Maven’s central repository, the process is very troublesome, and due to the strict nature of Maven’s central repository, you need to log in to the Nexus website to confirm the process manually every time you publish. Pure command line deployment is not supported, so it is impossible to achieve the real CI/CD. To compensate for this, I grabbed the package and analyzed the Nexus API and developed a Github Action(Maven-Nexus-Release) for automatic Close and release to achieve fully automated deployment.
-
rendering
Those of you who have already published jars in Maven’s central repository should know how troublesome it is to publish jars in Maven’s central repository. If you want to publish your open source projects in Maven’s central repository, you can refer to my previous article: Publish Jars in Maven’s central repository
use
First, it’s best to have some knowledge of Github Actions. If you don’t, it’s ok to take a quick look at my previous post: Github Actions
To prepare
Maven project hosted on Github
The maven-gpg-plugin plugin in POM. XML needs to be modified. For example:
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<! -- This configuration must be configured for GPG non-interactive password entry -->
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
</plugin>
Copy the codeNexus user name and password
Account and password for logging in to https://oss.sonatype.org.
gpg private key
Base64 encoded GPG private key, exported from the command line:
- List the secret key
gpg --list-secret-keys --keyid-format LONG ------------------------------------------------ sec rsa4096/2A6B618785DD7899 2020-11-05 [SC] 992BB9305698C72B846EF4982A6B618785DD7899 uid [ultimate] monkeyWie <[email protected]> ssb rsa4096/F8E9F8CBD90028C5 2020-11-05 [E]Copy the codeFind the key to publish the JAR package, which in this example is 2A6B618785DD7899.
- Export the private key
gpg --armo --export-secret-keys 2A6B618785DD7899
Copy the codeNote The PRIVATE KEY is —–BEGIN PGP PRIVATE KEY BLOCK—– to —–END PGP PRIVATE KEY BLOCK—–, not just the middle text.
gpg passphrase
When generating the GPG key, you will need to enter a short password.
Configure the secret key to Github Secrets
-
Go to the Github project home page and find the Settings option.
-
Enter Secrets menu
-
The New Secret button on the right is used to create the secret key. Create the content of the secret key and give the corresponding name, for example:
Final Secrets are as follows:
Write the Github Action profile
In the project root directory. New lot/workflows/deploy yml file, the content is as follows:
name: deploy
on:
Support for manually triggered builds
workflow_dispatch:
release:
Emitted when creating a release
types: [published]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
# pull source code
- uses: actions/checkout@v2
Install the JDK environment
- name: Set up JDK 1.8
uses: actions/setup-java@v1
with:
java-version: 1.8
Set up the Maven central repository configuration
- name: Set up Apache Maven Central
uses: actions/setup-java@v1
with:
java-version: 1.8
server-id: releases
# Nexus username environment variable
server-username: MAVEN_USERNAME
# Nexus password environment variable
server-password: MAVEN_CENTRAL_TOKEN
# GPG short password environment variable
gpg-passphrase: MAVEN_GPG_PASSPHRASE
# GPG private key
gpg-private-key: The ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
# push jar package to Maven central repository
- name: Publish to Apache Maven Central
# Run the maven deploy command
run: mvn clean deploy
# Environment variable Settings
env:
# Nexus user name, you can also configure secrets if you don't want to expose
MAVEN_USERNAME: xxx
# Nexus password
MAVEN_CENTRAL_TOKEN: The ${{ secrets.MAVEN_CENTRAL_TOKEN }}
# GPG short password
MAVEN_GPG_PASSPHRASE: The ${{ secrets.MAVEN_GPG_PASSPHRASE }}
# Nexus automated deployment
- name: Release on nexus
uses: monkeyWie/maven-nexus-release@v1
with:
# Nexus username
maven-repo-server-username: xxx
# Nexus password
maven-repo-server-password: The ${{ secrets.MAVEN_CENTRAL_TOKEN }}
Copy the codePush the code to Github and you’ll see the corresponding Action. In the example above, there are two ways to trigger the build:
-
Manual trigger
Github can manually trigger the build to facilitate testing, as shown in the following figure:
-
Automatically triggered when a release is released
Creating a release in the Github project automatically triggers the build, once the project is stable.
Afterword.
All the above steps have been verified in my project Proxyee. In addition, the Maven-Nexus-Release project is still in its infancy, and its functions may not be perfect enough. If you have any good ideas and suggestions, please feel free to issue and PR.
Proxyee is a netty based HTTP proxy server that supports HTTP+HTTPS+WebSocket, HTTP and HTTPS packet capture. If you are interested in proxyee, please Star.
This article was first published on my blog: monkeywie.cn. Share the knowledge of JAVA, Golang, front-end, Docker, K8S and other dry goods from time to time.