Skip to content

Commit

Permalink
Documentation updates
Browse files Browse the repository at this point in the history
  • Loading branch information
danielflower committed Dec 22, 2024
1 parent 3a25461 commit 5fa0e4a
Show file tree
Hide file tree
Showing 2 changed files with 31 additions and 35 deletions.
7 changes: 6 additions & 1 deletion src/site/markdown/changelog.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,12 @@
Changelog
---------

### 3.7.x
### 3.7.8

* Fixed null pointer exception when getting location of certain dependencies.
See [pull request 147](https://github.com/danielflower/multi-module-maven-release-plugin/pull/147)

### 3.7.7

* No functional changes. Upgraded dependencies.

Expand Down
59 changes: 25 additions & 34 deletions src/site/markdown/deploy-to-ossrh.md.vm
Original file line number Diff line number Diff line change
Expand Up @@ -5,11 +5,11 @@ Deploying to OSSRH from GitHub Actions
--------------------------------------

This page explains how to publish to <https://oss.sonatype.org> (a.k.a. OSSRH) from GitHub Actions, assuming you already
can release to their manually. See their [Getting Started Guide](https://central.sonatype.org/publish/publish-guide/) if you do not
have an account already.
can release to there manually. See their [Getting Started Guide](https://central.sonatype.org/publish/publish-guide/) if
you do not have an account already.

In order to publish directly to OSSRH from GitHub Actions, you will need OSSRH credentials, a PGP key for signing
artifacts, and the correct plugins set up.
artifacts, and the correct plugins configured.

$H$H$H Plugin setup

Expand All @@ -33,8 +33,7 @@ a release.
</build>

The release profile can just have the `maven-gpg-plugin` (used to sign all the generated artifacts) and the
`nexus-staging-maven-plugin`. Note that both plugins will use secrets that are saved in `~/.m2/settings.xml` which
is created in the `release.yaml` file described below.
`nexus-staging-maven-plugin`. Note that both plugins will use secrets that will be managed by GitHub Actions.

<profiles>
<profile>
Expand All @@ -44,19 +43,16 @@ is created in the `release.yaml` file described below.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<configuration>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
<configuration>
<signer>bc</signer>
</configuration>
</execution>
</executions>
</plugin>
Expand All @@ -66,7 +62,7 @@ is created in the `release.yaml` file described below.
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://oss.sonatype.org/</nexusUrl>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
Expand All @@ -75,6 +71,8 @@ is created in the `release.yaml` file described below.
</profile>
</profiles>

*Note:* check the `nexusUrl` configuration value is correct for your project.

You'll also need to enable the `maven-javadoc-plugin` and `maven-sources-plugin` as per OSSRH requirements. You can
put these in your `release` profile or normal `build` section.

Expand All @@ -84,8 +82,8 @@ Add the following secrets to your repository or organisation:

* **OSSRH_USERNAME** - the username you use to log in to OSS Nexus
* **OSSRH_TOKEN** - the password for your OSSRH user
* **OSSRH_GPG_SECRET_KEY** - your GPG key as described [here](https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c).
* **OSSRH_GPG_SECRET_KEY_PASSWORD** - the password for your GPG key
* **GPG_SECRET_KEY** - your GPG key as described [here](https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c).
* **GPG_SECRET_KEY_PASSPHRASE** - the password for your GPG key

$H$H$H Set your SCM plugin URLs to use HTTPS

Expand All @@ -99,7 +97,7 @@ Make sure HTTPS is used in your `scm` section as SSH URLs will not work during t
$H$H$H Create a release workflow

Create a file in your git repository at `.github/workflows/release.yaml` which has the following contents which will
first test and verify your package using Java 11, and then release to OSSRH:
first test and verify your package using Java 21, and then release to OSSRH:

```yaml
name: Publish to Maven Central Repository
Expand All @@ -109,33 +107,26 @@ jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Install gpg secret key
run: cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import
- name: Set up Maven Central Repository
uses: actions/setup-java@v3
uses: actions/setup-java@v4
with:
java-version: '11'
java-version: '21'
distribution: 'temurin'
- name: Set up maven settings
uses: s4u/[email protected]
with:
servers: |
[{
"id": "ossrh",
"username": "${{ secrets.OSSRH_USERNAME }}",
"password": "${{ secrets.OSSRH_TOKEN }}"
},
{
"id": "gpg.passphrase",
"passphrase": "${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}",
"configuration": {}
}]
cache: 'maven'
server-id: ossrh
server-username: OSSRH_USERNAME
server-password: OSSRH_TOKEN
- name: Verify package
run: mvn --batch-mode verify
- name: Release package
env:
OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }}
MAVEN_GPG_KEY: ${{ secrets.GPG_SECRET_KEY }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_SECRET_KEY_PASSPHRASE }}
run: mvn --batch-mode -DskipTests=true releaser:release
```

Expand Down

0 comments on commit 5fa0e4a

Please sign in to comment.