如何发布代码到maven中心仓库

deploy to sonatype

参考文章

https://blog.csdn.net/xuefu_78/article/details/52494698

https://blog.csdn.net/shelldon/article/details/54291474

步驟

申请sonatype账号

申请账号的地址在这里: https://issues.sonatype.org/secure/Signup!default.jspa

申请完成之后，我们需要提供相应的项目信息，地址在这里:https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=21&pid=10134

填写group Id，需要按要求填写

创建之后，等待审核

审核通过后

在收到邮件告知后，就可以上传包了

• 修改setting.xml，添加server项,录入账号密码

    <server>
  <id>nexus-releases</id>
  <username>xx</username>
  <password>xxxxx</password>
  

  nexus-snapshots
  xx
  xxxxx

修改pom.xml

譬如：https://github.com/jianliu/l-poi-excel/blob/master/pom.xml

需要注意的是，parent需要填写

还需要name\url\description\licenses\scm\developers

添加相应的插件 compire\javadoc\releases

添加部署的repository\snapshotRepository

GPG秘钥生成

需要先下载gpg软件windows版本 https://gpg4win.org/download.html

按提示操作过程中，需要自己写一个key，在mvn clean deploy 录入对应的key来验证

gpg的作用是生成公钥，用于加密相关jar包

C:\Users\xx>gpg --gen-key

gpg (GnuPG) 2.2.8; Copyright (C) 2018 Free Software Foundation, Inc.

This is free software: you are free to change and redistribute it.

There is NO WARRANTY, to the extent permitted by law.

Note: Use "gpg --full-generate-key" for a full featured key generation dialog.

GnuPG needs to construct a user ID to identify your key.

Real name: xxx

Email address: xxx@163.com

You selected this USER-ID:

"xxxxxx@163.com"

Change (N)ame, (E)mail, or (O)kay/(Q)uit? O

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

We need to generate a lot of random bytes. It is a good idea to perform

some other action (type on the keyboard, move the mouse, utilize the

disks) during the prime generation; this gives the random number

generator a better chance to gain enough entropy.

gpg: key A4396BB5BC1F15DD marked as ultimately trusted

gpg: directory 'C:/Users/cdliujian1/AppData/Roaming/gnupg/openpgp-revocs.d' created

gpg: revocation certificate stored as 'C:/Users/cdliujian1/AppData/Roaming/gnupg/openpgp-revocs.d\279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD.rev'

public and secret key created and signed.

pub rsa2048 2018-08-21 [SC] [expires: 2020-08-20]

279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD

uid xxxxx@163.com

sub rsa2048 2018-08-21 [E] [expires: 2020-08-20]

C:\Users\xx>gpg --list-keys

C:/Users/xx/AppData/Roaming/gnupg/pubring.kbx

pub rsa2048 2018-08-21 [SC] [expires: 2020-08-20]

279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD

uid [ultimate] xxxxx@163.com

sub rsa2048 2018-08-21 [E] [expires: 2020-08-20]

C:\Users\xx>gpg --keyserver hkp://pool.sks-keyservers.net --send-keys 279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD

gpg: sending key A4396BB5BC1F15DD to hkp://pool.sks-keyservers.net

C:\Users\xx>gpg --keyserver hkp://pool.sks-keyservers.net --recv-keys 279A2AE668EA9A4E34CBE490A4396BB5BC1F15DD

gpg: key A4396BB5BC1F15DD: "xxxxx@163.com" not changed

gpg: Total number processed: 1

gpg: unchanged: 1

C:\Users\xx>

打包、上传

首先将version修改为 1.0-SNAPSHOT 带上SNAPSHOT，表明它是快照版本

执行mvn clean deploy,期间会要求录入生成gpg秘钥时输入的密码，校验成功才会上传， 这时包就上传到远程本地仓库了，但其他人还不能下载

mvn release 插件并非必须的，在第一次发布时，只要符合规范，mvn clean deploy 就已经做完了全部事情

mvn release 主要用于将代码提交到远程仓库中去，并非必须品

执行

mvn release:prepare

mvn release:perform

正式发布

到https://oss.sonatype.org/#stagingRepositories登录，

选择自己的仓库，先CLOSE,再Release

如果是第一次发布，在Issue下告知一下工作人员

过一会就可以再maven中心仓库查看到了