Followup part 2 — Using Maven to only sign and deploy jars to Maven Central. Build and compilation is done entirely with Ant
Question
This is a follow up to: Followup questions: Using Maven to only sign and deploy jars to Maven Central. Build and compilation is done entirely with Ant
Thanks to the answer to the previous questions, and some advice from a sonatype support person, I've just had my first "non failure". Here's the current output for mvn deploy :
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building XBN-Java 0.1.2-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-enforcer-plugin:1.0:enforce (enforce-maven) @ xbnjava ---
[INFO]
[INFO] --- maven-install-plugin:2.4:install (default-install) @ xbnjava ---
[INFO] Installing R:\jeffy\programming\sandbox\xbnjava\pom.xml to C:\Users\jeffy\.m2\repository\com\github\aliteralmind\xbnjava\0.1.2-SNAPSHOT\xbnjava-0.1.2-SNAPSHOT.pom
[INFO]
[INFO] --- maven-deploy-plugin:2.7:deploy (default-deploy) @ xbnjava ---
Downloading: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/maven-metadata.xml
607/607 B
Downloaded: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/maven-metadata.xml (607 B at 0.5 KB/sec)
Uploading: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/xbnjava-0.1.2-20140717.010135-5.pom
2/4 KB
4/4 KB
Uploaded: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/xbnjava-0.1.2-20140717.010135-5.pom (4 KB at 11.9 KB/sec)
Downloading: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/maven-metadata.xml
290/290 B
Downloaded: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/maven-metadata.xml (290 B at 1.5 KB/sec)
Uploading: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/maven-metadata.xml
607/607 B
Uploaded: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/0.1.2-SNAPSHOT/maven-metadata.xml (607 B at 2.5 KB/sec)
Uploading: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/maven-metadata.xml
290/290 B
Uploaded: https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava/maven-metadata.xml (290 B at 1.0 KB/sec)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 4.579 s
[INFO] Finished at: 2014-07-16T21:01:36-04:00
[INFO] Final Memory: 7M/19M
[INFO] ------------------------------------------------------------------------
According to this log, the following files were uploaded into
https://oss.sonatype.org/content/repositories/snapshots/com/github/aliteralmind/xbnjava
-
maven-metadata.xml -
0.1.2-SNAPSHOT/maven-metadata.xml -
0.1.2-SNAPSHOT/xbnjava-0.1.2-20140717.010135-5.pom
When actually looking at that directory in my browser, I see these files:
-
maven-metadata.xml(all files also have amd5andsha1version) -
0.1.2-SNAPSHOT/maven-metadata.xml -
0.1.2-SNAPSHOT/xbnjava-0.1.2-20140716.174151-1.pom
So, I don't understand why the log says the 20140717 files were sent, but the server actually contains the 20140716 versions. But there's a bigger problem, as the goal is to have
-
xbnjava-0.1.2.jar -
xbnjava-0.1.2-sources.jar -
xbnjava-0.1.2-javadoc.jar
on the server (along with their *.asc companions) and none of them are.
In the POM, I have this property
<properties>
<jarprefix>../build/${project.artifactId}-${project.version}/download/${project.artifactId}-${project.version}</jarprefix>
</properties>
and this plugins block (which is a subset of the profiles section), which contains three artifacts, each of which explicitly points to one of those three jar files
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version>
<executions>
<execution>
<id>attach-artifacts</id>
<phase>package</phase>
<goals>
<goal>attach-artifact</goal>
</goals>
<configuration>
<artifacts>
<artifact>
<file>${jarprefix}.jar</file>
<type>jar</type>
</artifact>
<artifact>
<file>${jarprefix}-javadoc.jar</file>
<type>jar</type>
<classifier>javadoc</classifier>
</artifact>
<artifact>
<file>${jarprefix}-sources.jar</file>
<type>jar</type>
<classifier>sources</classifier>
</artifact>
</artifacts>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
(The POM is
R:\jeffy\programming\sandbox\xbnjava\pom.xml
the jars are in
R:\jeffy\programming\build\xbnjava-0.1.1\download
)
So what is the next step in getting the POM to
- recognize the jar files
- sign them (and prompt me for my public-key passphrase, right?), and
- push them to Maven?
Below are my updated settings.xml and pom.xml .
(The sonatype support person also suggested considering a "minimal Maven" idea , which avoids the POM entirely. It's an intriguing idea, but I'd like to first see this through.)
Thank you for helping me.
Settings:
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>ossrh</id>
<username>aliteralmind</username>
<password>MY_SONATYPE_DOT_COM_PASSWORD</password>
</server>
</servers>
<pluginGroups></pluginGroups>
<proxies></proxies>
<mirrors></mirrors>
<profiles></profiles>
</settings>
POM:
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.aliteralmind</groupId>
<artifactId>xbnjava</artifactId>
<packaging>pom</packaging>
<version>0.1.2-SNAPSHOT</version>
<name>XBN-Java</name>
<url>https://github.com/aliteralmind/xbnjava</url>
<inceptionYear>2014</inceptionYear>
<organization>
<name>Jeff Epstein</name>
</organization>
<description>XBN-Java is a collection of generically-useful backend (server side, non-GUI) programming utilities, featuring RegexReplacer and FilteredLineIterator. XBN-Java is the foundation of Codelet (http://codelet.aliteralmind.com).</description>
<parent>
<groupId>org.sonatype.oss</groupId>
<artifactId>oss-parent</artifactId>
<version>7</version>
</parent>
<licenses>
<license>
<name>Lesser General Public License (LGPL) version 3.0</name>
<url>https://www.gnu.org/licenses/lgpl-3.0.txt</url>
</license>
<license>
<name>Apache Software License (ASL) version 2.0</name>
<url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
</license>
</licenses>
<developers>
<developer>
<name>Jeff Epstein</name>
<email>aliteralmind-github@yahoo.com</email>
<roles>
<role>Lead Developer</role>
</roles>
</developer>
</developers>
<issueManagement>
<system>GitHub Issue Tracker</system>
<url>https://github.com/aliteralmind/xbnjava/issues</url>
</issueManagement>
<distributionManagement>
<snapshotRepository>
<id>ossrh</id>
<url>https://oss.sonatype.org/content/repositories/snapshots</url>
</snapshotRepository>
</distributionManagement>
<scm>
<connection>scm:git:git@github.com:aliteralmind/xbnjava.git</connection>
<url>scm:git:git@github.com:aliteralmind/xbnjava.git</url>
<developerConnection>scm:git:git@github.com:aliteralmind/xbnjava.git</developerConnection>
</scm>
<properties>
<java.version>1.7</java.version>
<jarprefix>../build/${project.artifactId}-${project.version}/download/${project.artifactId}-${project.version}</jarprefix>
</properties>
<profiles>
<!--
This profile will sign the JAR file, sources file, and javadocs file using the GPG key on the local machine.
See: https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven
-->
<profile>
<id>release-sign-artifacts</id>
<activation>
<property>
<name>release</name>
<value>true</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version>
<executions>
<execution>
<id>attach-artifacts</id>
<phase>package</phase>
<goals>
<goal>attach-artifact</goal>
</goals>
<configuration>
<artifacts>
<artifact>
<file>${jarprefix}.jar</file>
<type>jar</type>
</artifact>
<artifact>
<file>${jarprefix}-javadoc.jar</file>
<type>jar</type>
<classifier>javadoc</classifier>
</artifact>
<artifact>
<file>${jarprefix}-sources.jar</file>
<type>jar</type>
<classifier>sources</classifier>
</artifact>
</artifacts>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
2 answers
solution1
2 ACCPTED 2014-07-17 06:40:04
You are attaching the artifacts in the release-sign-artifacts profile which was probably disabled when you run the ´mvn deploy´ command. Try running mvn deploy -Drelease=true or just move the release-sign-artifacts profile to the main .pom section. Not sure you need a separate profile at all.
The timestamps are fine. This is how the Maven repository stores SNAPSHOTs.
Maven has a steep learning curve but once you understand the essential concepts it just works.
solution2
1 2014-07-18 14:18:43
This is the change I made, as suggested in @AlexeyGavrilov's answer :
Original:
<profiles>
<!--
This profile will sign the JAR file, sources file, and javadocs file using the GPG key on the local machine.
See: http://blog.sonatype.com/2010/01/how-to-generate-pgp-signatures-with-maven/
-->
<profile>
<id>release-sign-artifacts</id>
<activation>
<property>
<name>release</name>
<value>true</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version>
<executions>
<execution>
<id>attach-artifacts</id>
<phase>package</phase>
<goals>
<goal>attach-artifact</goal>
</goals>
<configuration>
<artifacts>
<artifact>
<file>${jarprefix}.jar</file>
<type>jar</type>
</artifact>
<artifact>
<file>${jarprefix}-javadoc.jar</file>
<type>jar</type>
<classifier>javadoc</classifier>
</artifact>
<artifact>
<file>${jarprefix}-sources.jar</file>
<type>jar</type>
<classifier>sources</classifier>
</artifact>
</artifacts>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
New:
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>build-helper-maven-plugin</artifactId>
<version>1.8</version>
<executions>
<execution>
<id>attach-artifacts</id>
<phase>package</phase>
<goals>
<goal>attach-artifact</goal>
</goals>
<configuration>
<artifact>
<file>${jarprefix}.jar</file>
<type>jar</type>
</artifact>
<artifact>
<file>${jarprefix}-javadoc.jar</file>
<type>jar</type>
<classifier>javadoc</classifier>
</artifact>
<artifact>
<file>${jarprefix}-sources.jar</file>
<type>jar</type>
<classifier>sources</classifier>
</artifact>
</artifacts>
</configuration>
</execution>
</executions>
</plugin>
</plugins>
</build>
<profiles>
<!--
This profile will sign the JAR file, sources file, and javadocs file using the GPG key on the local machine.
See: http://blog.sonatype.com/2010/01/how-to-generate-pgp-signatures-with-maven/
-->
<profile>
<id>release-sign-artifacts</id>
<activation>
<property>
<name>release</name>
<value>true</value>
</property>
</activation>
</profile>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
Followup questions: Using Maven to only sign and deploy jars to Maven Central. Build and compilation is done entirely with Ant
How to use Maven to only sign three jars and push them to Maven Central?
Jenkins - Ant Build Maven Deploy
Using ANT how to build and deploy a non maven project on Hudson
Unable to deploy maven artifact to maven central repository using travis
Using Compile-Time Only Jars with Maven
How to package dependency JARs as part of project JAR using maven
Deploy Ant project into Maven repository
Compilation Errors after Maven successfully downloaded Jars
by using maven Build projects and deploy it using jboss-maven-plugin
Related Tags