diff --git a/src/site/markdown/changelog.md b/src/site/markdown/changelog.md index 32c92168..d2e4de06 100644 --- a/src/site/markdown/changelog.md +++ b/src/site/markdown/changelog.md @@ -1,7 +1,12 @@ Changelog --------- -### 3.7.x +### 3.7.8 + +* Fixed null pointer exception when getting location of certain dependencies. + See [pull request 147](https://github.com/danielflower/multi-module-maven-release-plugin/pull/147) + +### 3.7.7 * No functional changes. Upgraded dependencies. diff --git a/src/site/markdown/deploy-to-ossrh.md.vm b/src/site/markdown/deploy-to-ossrh.md.vm index c428e385..e815d3bc 100644 --- a/src/site/markdown/deploy-to-ossrh.md.vm +++ b/src/site/markdown/deploy-to-ossrh.md.vm @@ -5,11 +5,11 @@ Deploying to OSSRH from GitHub Actions -------------------------------------- This page explains how to publish to (a.k.a. OSSRH) from GitHub Actions, assuming you already -can release to their manually. See their [Getting Started Guide](https://central.sonatype.org/publish/publish-guide/) if you do not -have an account already. +can release to there manually. See their [Getting Started Guide](https://central.sonatype.org/publish/publish-guide/) if +you do not have an account already. In order to publish directly to OSSRH from GitHub Actions, you will need OSSRH credentials, a PGP key for signing -artifacts, and the correct plugins set up. +artifacts, and the correct plugins configured. $H$H$H Plugin setup @@ -33,8 +33,7 @@ a release. The release profile can just have the `maven-gpg-plugin` (used to sign all the generated artifacts) and the -`nexus-staging-maven-plugin`. Note that both plugins will use secrets that are saved in `~/.m2/settings.xml` which -is created in the `release.yaml` file described below. +`nexus-staging-maven-plugin`. Note that both plugins will use secrets that will be managed by GitHub Actions. @@ -44,12 +43,6 @@ is created in the `release.yaml` file described below. org.apache.maven.plugins maven-gpg-plugin - - - --pinentry-mode - loopback - - sign-artifacts @@ -57,6 +50,9 @@ is created in the `release.yaml` file described below. sign + + bc + @@ -66,7 +62,7 @@ is created in the `release.yaml` file described below. true ossrh - https://oss.sonatype.org/ + https://s01.oss.sonatype.org/ true @@ -75,6 +71,8 @@ is created in the `release.yaml` file described below. +*Note:* check the `nexusUrl` configuration value is correct for your project. + You'll also need to enable the `maven-javadoc-plugin` and `maven-sources-plugin` as per OSSRH requirements. You can put these in your `release` profile or normal `build` section. @@ -84,8 +82,8 @@ Add the following secrets to your repository or organisation: * **OSSRH_USERNAME** - the username you use to log in to OSS Nexus * **OSSRH_TOKEN** - the password for your OSSRH user -* **OSSRH_GPG_SECRET_KEY** - your GPG key as described [here](https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c). -* **OSSRH_GPG_SECRET_KEY_PASSWORD** - the password for your GPG key +* **GPG_SECRET_KEY** - your GPG key as described [here](https://gist.github.com/sualeh/ae78dc16123899d7942bc38baba5203c). +* **GPG_SECRET_KEY_PASSPHRASE** - the password for your GPG key $H$H$H Set your SCM plugin URLs to use HTTPS @@ -99,7 +97,7 @@ Make sure HTTPS is used in your `scm` section as SSH URLs will not work during t $H$H$H Create a release workflow Create a file in your git repository at `.github/workflows/release.yaml` which has the following contents which will -first test and verify your package using Java 11, and then release to OSSRH: +first test and verify your package using Java 21, and then release to OSSRH: ```yaml name: Publish to Maven Central Repository @@ -109,33 +107,26 @@ jobs: publish: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Install gpg secret key - run: cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import - name: Set up Maven Central Repository - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: - java-version: '11' + java-version: '21' distribution: 'temurin' - - name: Set up maven settings - uses: s4u/maven-settings-action@v2.8.0 - with: - servers: | - [{ - "id": "ossrh", - "username": "${{ secrets.OSSRH_USERNAME }}", - "password": "${{ secrets.OSSRH_TOKEN }}" - }, - { - "id": "gpg.passphrase", - "passphrase": "${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }}", - "configuration": {} - }] + cache: 'maven' + server-id: ossrh + server-username: OSSRH_USERNAME + server-password: OSSRH_TOKEN - name: Verify package run: mvn --batch-mode verify - name: Release package + env: + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} + OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} + MAVEN_GPG_KEY: ${{ secrets.GPG_SECRET_KEY }} + MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_SECRET_KEY_PASSPHRASE }} run: mvn --batch-mode -DskipTests=true releaser:release ```