Jump to: navigation, search

Difference between revisions of "RAP/Maven Central"

< RAP
(New page: == Contributing RAP Bundles to Maven Central Repository == The Sonatype OSSRH (OSS Repository Hosting Service) provides a Maven repository hosting service for open source projects and can...)
 
(6 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
[https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide This guide] explains the steps to do so.
 
[https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide This guide] explains the steps to do so.
  
The person who uploads bundles has to have a Sonatype user account.
+
Note that a configuration for org.eclipse.rap has already been created, see [https://issues.sonatype.org/browse/OSSRH-3818 OSSRH-3818], so there is no need to open a JIRA ticket anymore, unless to request publish rights for additional committers. Currently, Beyhan Veliev, Ralf Sternberg and Markus Knauer have publish rights.
  
A configuration for org.eclipse.rap has already been created, see [https://issues.sonatype.org/browse/OSSRH-3818 OSSRH-3818], so there is no need to open a JIRA ticket anymore, unless to request publish rights for additional committers.
+
== Preconditions ==
  
== Signing ==
+
=== Sonatype account ===
 +
 
 +
The person who uploads bundles has to have a Sonatype user account.
 +
The userid and password has to be in the Maven settings.xml file as described in the guide mentioned above.
 +
See also the [http://maven.apache.org/settings.html Maven settings reference].
 +
 
 +
=== Signing key ===
  
 
Jars have to be signed using PGP, this is different from the jarsigner signatures by Eclipse.
 
Jars have to be signed using PGP, this is different from the jarsigner signatures by Eclipse.
Thus, the person who signs and uploads the bundles has to create a PGP key.
+
Thus, the person who signs and uploads the bundles has to create a PGP key and upload it to a key server.
 
This process is explained in [https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven this tutorial].
 
This process is explained in [https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven this tutorial].
  
The userid and passord has to be in the Maven settings.xml file as described in the guide mentioned above. See also the [http://maven.apache.org/settings.html Maven settings reference].
+
== Preparation ==
  
== Which bundles? ==
+
=== Collecting bundles ===
  
 +
Create a directory and copy the release (or milestone) versions of the bundles, including source bundles.
 
For RAP 1.5, we upload these three bundles:
 
For RAP 1.5, we upload these three bundles:
  
Line 24: Line 31:
 
* org.eclipse.rap.jface
 
* org.eclipse.rap.jface
  
== Preparation ==
+
=== POM files ===
  
* Copy the release versions of the bundles, including source bundles.
+
For every bundle (except the source bundles), create a pom file with the same name as the jar file, replacing the extension .jar against .pom.
* Create a POM file for every bundle (not for the source bundles). The pom files should have the same name as the jar file, but with the extension .pom instead of .jar.
+
The pom files from the last published version may serve as a template.
  
== Signing and uploading ==
+
==== Version Numbers ====
  
The following shell script can be used for uploading:
+
Instead of reproducing our build qualifiers, we agreed to use only the human-readable version number in maven. For example, 1.5.0 for a release, or 2.0.0-M1 for a milestone, etc. These numbers go into the version element in the pom files.
 +
 
 +
==== Dependencies ====
 +
 
 +
The dependencies have no meaning at deployment time, so I'm not sure if these elements are needed at all.
 +
 
 +
== Uploading to a staging repository ==
 +
 
 +
When everything looks good, the following shell script can be used to sign and upload the artifacts to a staging repository:
 
  #!/bin/bash
 
  #!/bin/bash
 
   
 
   
Line 45: Line 60:
 
     -DpomFile=${id}_${version}.pom -Dfile=${id}.source_${version}.jar -Dclassifier=sources  
 
     -DpomFile=${id}_${version}.pom -Dfile=${id}.source_${version}.jar -Dclassifier=sources  
 
  done
 
  done
 +
 +
echo "Done. Now go to https://oss.sonatype.org/ -> Staging Repositories, and close the new repository."
 +
 +
When all files are uploaded, the staging repository have to be ''closed'' in the web interface.
 +
The staging repository can then be checked.
 +
 +
== Publishing ==
 +
 +
When everything is good to go, press ''Release''.
 +
The artifacts will be copied into the Release repository, which is automatically synced to Maven Central every few hours.
 +
Note that '''once published we cannot modify or delete artifacts from Maven Central'''!
 +
 +
[[Category:RAP]]

Revision as of 16:10, 12 July 2012

Contributing RAP Bundles to Maven Central Repository

The Sonatype OSSRH (OSS Repository Hosting Service) provides a Maven repository hosting service for open source projects and can be used to distribute artifacts to the Maven Central Repository. This guide explains the steps to do so.

Note that a configuration for org.eclipse.rap has already been created, see OSSRH-3818, so there is no need to open a JIRA ticket anymore, unless to request publish rights for additional committers. Currently, Beyhan Veliev, Ralf Sternberg and Markus Knauer have publish rights.

Preconditions

Sonatype account

The person who uploads bundles has to have a Sonatype user account. The userid and password has to be in the Maven settings.xml file as described in the guide mentioned above. See also the Maven settings reference.

Signing key

Jars have to be signed using PGP, this is different from the jarsigner signatures by Eclipse. Thus, the person who signs and uploads the bundles has to create a PGP key and upload it to a key server. This process is explained in this tutorial.

Preparation

Collecting bundles

Create a directory and copy the release (or milestone) versions of the bundles, including source bundles. For RAP 1.5, we upload these three bundles:

  • org.eclipse.rap.rwt
  • org.eclipse.rap.rwt.osgi
  • org.eclipse.rap.jface

POM files

For every bundle (except the source bundles), create a pom file with the same name as the jar file, replacing the extension .jar against .pom. The pom files from the last published version may serve as a template.

Version Numbers

Instead of reproducing our build qualifiers, we agreed to use only the human-readable version number in maven. For example, 1.5.0 for a release, or 2.0.0-M1 for a milestone, etc. These numbers go into the version element in the pom files.

Dependencies

The dependencies have no meaning at deployment time, so I'm not sure if these elements are needed at all.

Uploading to a staging repository

When everything looks good, the following shell script can be used to sign and upload the artifacts to a staging repository:

#!/bin/bash

URL=https://oss.sonatype.org/service/local/staging/deploy/maven2/
REPO=sonatype-nexus-staging

version=1.5.0.20120612-1458

for id in org.eclipse.rap.rwt org.eclipse.rap.rwt.osgi org.eclipse.rap.jface; do
  mvn gpg:sign-and-deploy-file -Durl=${URL} -DrepositoryId=${REPO} \
    -DpomFile=${id}_${version}.pom -Dfile=${id}_${version}.jar 
  mvn gpg:sign-and-deploy-file -Durl=${URL} -DrepositoryId=${REPO} \
    -DpomFile=${id}_${version}.pom -Dfile=${id}.source_${version}.jar -Dclassifier=sources 
done

echo "Done. Now go to https://oss.sonatype.org/ -> Staging Repositories, and close the new repository."

When all files are uploaded, the staging repository have to be closed in the web interface. The staging repository can then be checked.

Publishing

When everything is good to go, press Release. The artifacts will be copied into the Release repository, which is automatically synced to Maven Central every few hours. Note that once published we cannot modify or delete artifacts from Maven Central!