Skip to content

Commit

Permalink
Replace Bintray with Maven Central (#104)
Browse files Browse the repository at this point in the history
* Replace Bintray with Maven Central

Required by #94

* Only sign files when uploading to Maven Central

- Otherwise the build will fail on Travis and locally if the signing properties aren't set

* Fix signing
  • Loading branch information
adamdougal authored Nov 16, 2021
1 parent 0f528f0 commit 5e2cada
Show file tree
Hide file tree
Showing 2 changed files with 167 additions and 40 deletions.
104 changes: 87 additions & 17 deletions RELEASING.md
Original file line number Diff line number Diff line change
@@ -1,28 +1,98 @@
# Releasing

We use axion-release which relies on semantic versioning and git tags.
## Set up a Sonatype Account

1. Create a Sonatype Account using your `@sky.uk` email address: https://issues.sonatype.org/secure/Signup!default.jspa
2. Create a Jira issue requesting access to the `uk.sky` group id: https://issues.sonatype.org/secure/CreateIssue.jspa?issuetype=11003&pid=10134

## Generate a GPG Signing Key

1. Install GPG

Red Hat / CentOS:
```shell
yum install gnupg
```

Ubuntu / Debian:
```shell
apt-get install gnupg
```

Mac OS X
```shell
brew install gnupg
```

2. Generate a signing key, selecting option 1 (RSA and RSA) for the kind of key you want:

```shell
gpg --full-generate-key
```

3. Export your key:

To simply release a bug fix:
```shell
gpg --keyring secring.gpg --export-secret-keys > ~/.gnupg/secring.gpg
```

./gradlew check release
./gradlew bintrayUpload
5. Take note of the last 8 characters of the key, for example if this was the output:

To bump the version (when adding functionality or breaking backwards compatibility):
```shell
pub rsa3072 2021-11-16 [SC]
5E323D1244C346B15FBF73A210F0219E5BEFCDB2
uid John Smith <john.smith@sky.uk>
sub rsa3072 2021-11-16 [E]
```

./gradlew release -Prelease.forceVersion=1.0.0
./gradlew bintrayUpload
Take note of `5BEFCDB2`. This is your signing key ID.

## Bump the version

We use axion-release which relies on semantic versioning and git tags.

:warning: Warning, the below commands should only be run on the master branch.

Get the current version:
```shell
./gradlew currentVersion
```

To simply release a bug fix and update the patch version run:
```shell
./gradlew check release
```

To bump the minor or major version (when adding functionality or breaking backwards compatibility):
```shell
./gradlew check release -Prelease.forceVersion=1.0.0
```

## Upload to Maven Central

:warning: Warning, once published it's impossible to delete or update the artifact. See here for more info
https://central.sonatype.org/faq/can-i-change-a-component/.

1. To upload all artifacts to Maven Central run:

```shell
./gradlew uploadArchives -PossrhUsername=your-jira-id -PossrhPassword=your-jira-password -Psigning.keyId=YourKeyId -Psigning.password=YourPublicKeyPassword -Psigning.secretKeyRingFile=PathToYourKeyRingFile
```

./gradlew currentVersion
- `signing.password` should be set to the password you used when generating your signing key
- `signing.secretKeyRingFile` should be the path to your `secring.gpg` file e.g. `~/.gnupg/secring.gpg`
- The above properties can alternatively be stored in your systems `~/.gradle/gradle.properties` file

Note that the `bintrayUpload` Gradle tasks will fail authentication unless the relevant `openSource*` properties have
been defined in the system gradle.properties or overridden on the Gradle command line.
2. Login to https://s01.oss.sonatype.org/ using the Sonatype account you created earlier
3. Click `Staging Repositories` in the left-hand sidebar
4. Find the version you wish to publish and review the details
5. Click `Close` in the top bar menu
6. If Sonatype's automated checks are happy that the artifact meets the
[requirements](https://central.sonatype.org/publish/requirements/) you should be able to click `Release` in the top bar
menu
7. Once the artifact has been uploaded to Maven Central, you will need to create a release on GitHub:
7.1. Under Releases, click on Draft New Release
7.2. The title of the release should be the tag (eg. 1.0.0)
7.3. In the release notes, include a link to the uploaded artifact on Maven Central, and list all PRs that have been merged since the last release

Once the artifact has been uploaded to bintray, you will need to create a release on GitHub:
* Under Releases, click on Draft New Release
* Select the tag created by the Gradle release task (eg. 1.0.0)
* The title of the release should be the tag (eg. 1.0.0)
* In the release notes, include a link to the uploaded artifact on bintray, and list all PRs that have been merged since the last release

Don't forget to publish the artifact on bintray!
More info on the above steps can be found here https://central.sonatype.org/publish/release/.
103 changes: 80 additions & 23 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@ plugins {
id 'java-library'
id 'idea'
id 'maven-publish'
id 'com.jfrog.bintray' version '1.8.4'
id 'maven'
id 'signing'
id 'pl.allegro.tech.build.axion-release' version '1.10.0'
id 'com.github.johnrengelman.shadow' version '5.0.0'
}
Expand All @@ -21,29 +22,11 @@ java {
targetCompatibility = JavaVersion.VERSION_1_8
}

if (!project.hasProperty('openSourceRepoUser')) {
ext.openSourceRepoUser = 'dummy'
if (!project.hasProperty('ossrhUsername')) {
ext.ossrhUsername = 'dummy'
}
if (!project.hasProperty('openSourceRepoPass')) {
ext.openSourceRepoPass = 'dummy'
}

bintray {
user = project.property('openSourceRepoUser')
key = project.property('openSourceRepoPass')
publications = ['artifacts', 'shadow']
pkg {
userOrg = 'sky-uk'
repo = 'oss-maven'
name = project.name
licenses = ['BSD 3-Clause']
vcsUrl = 'https://github.com/sky-uk/cqlmigrate.git'
version {
name = scmVersion.version
released = new Date()
vcsTag = scmVersion.version
}
}
if (!project.hasProperty('ossrhPassword')) {
ext.ossrhPassword = 'dummy'
}

shadowJar {
Expand Down Expand Up @@ -187,3 +170,77 @@ publishing {
}
}

artifacts {
archives javadocJar, sourcesJar, shadowJar
}

tasks.withType(Sign) {
onlyIf { gradle.taskGraph.hasTask(":uploadArchives") }
}

signing {
sign configurations.archives
}

uploadArchives {
repositories {
mavenDeployer {
beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }

repository(url: "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}

snapshotRepository(url: "https://s01.oss.sonatype.org/content/repositories/snapshots/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}

pom.project {
name 'cqlmigrate'
packaging 'jar'
description 'cqlmigrate is a library for performing schema migrations on a cassandra cluster'
url 'https://github.com/sky-uk/cqlmigrate'

scm {
connection 'scm:git:git@github.com:sky-uk/cqlmigrate.git'
developerConnection 'scm:git:git@github.com:sky-uk/cqlmigrate.git'
url 'https://github.com/sky-uk/cqlmigrate.git'
}

licenses {
license {
name 'BSD 3-clause "New" or "Revised" license'
url 'https://opensource.org/licenses/BSD-3-Clause'
}
}

developers {
developer {
id 'adamdougal'
name 'Adam Dougal'
}
developer {
id 'chuckydev'
name 'Charlie McNeill'
}
developer {
id 'tjuszczyk'
name 'Tomasz Juszczyk'
}
developer {
id 'michaelmcfadyensky'
name 'Michael McFadyen'
}
developer {
id 'davidh87'
name 'David Heath'
}
developer {
id 'alangibson01'
name 'Alan Gibson'
}
}
}
}
}
}

0 comments on commit 5e2cada

Please sign in to comment.