Skip to content

Latest commit

 

History

History
86 lines (78 loc) · 3.09 KB

RELEASING.md

File metadata and controls

86 lines (78 loc) · 3.09 KB

How To Release

Due to Maven Central's very particular requirements, the release process is a bit elaborate and requires a good deal of local configuration. This guide should walk you through it. It won't do anyone outside of KeepSafe any good, but the workflow is representative of just about any project deploying via Sonatype.

We currently deploy to both Maven Central (via Sonatype's OSS Nexus instance) and to plugins.gradle.org.

Prerequisites

  1. A published GPG code-signing key
  2. A Sonatype Nexus OSS account with permission to publish in com.getkeepsafe
  3. A plugins.gradle.org account with permission to publish in com.getkeepsafe
  4. Permission to push directly to https://github.com/KeepSafe/dexcount-gradle-plugin

Setup

  1. Add your GPG key to your github profile - this is required for github to know that your commits and tags are "verified".
  2. Configure your code-signing key in ~/.gradle.properties:
    signing.keyId=<key ID of your GPG signing key>
    signing.password=<your key's passphrase>
    signing.secretKeyRingFile=/path/to/your/secring.gpg
  3. Configure your Sonatype credentials in ~/.gradle.properties:
    SONATYPE_NEXUS_USERNAME=<nexus username>
    SONATYPE_NEXUS_PASSWORD=<nexus password>
  4. Configure git with your codesigning key; make sure it's the same as the one you use to sign binaries (i.e. it's the same one you added to gradle.properties):
    # Do this for the dexcount repo only
    git config user.email "[email protected]"
    git config user.signingKey "your-key-id"
  5. Add your plugins.gradle.org credentials to ~/.gradle/gradle.properties:
    gradle.publish.key=<the key>
    gradle.publish.secret=<the secret>

Pushing a build

  1. Edit gradle.properties, remove '-SNAPSHOT' from the VERSION property
  2. Edit readme so that Gradle examples point to the new version
  3. Edit changelog, add relevant changes, note the date and new version (follow the existing pattern)
  4. Verify that the everything works:
    ./gradlew clean check
  5. Make a signed commit:
    git commit -S -m "Release version X.Y.Z"
  6. Make a signed tag ()check existing tags for message format):
    git tag -s -a X.Y.Z
  7. Upload binaries to Sonatype:
    ./gradlew uploadArchives
  8. Go to oss.sonatype.org, log in with your credentials
  9. Click "Staging Repositories"
  10. Find the "comgetkeepsafe" repo, usually at the bottom of the list
  11. "Close" the repository (select it then click the "close" button up top), the text field doesn't matter so put whatever you want in it
  12. Wait until that's done
  13. "Release" the repository, leave the checkbox checked. Hooray, we're in Maven Central now!
  14. Upload binaries to Gradle's plugin portal:
    ./gradlew publishPlugins
  15. Edit gradle.properties, bump the version number and add '-SNAPSHOT'
  16. Make a signed commit:
    git commit -S -m "Prepare next development version"
  17. Push all of our work to Github to make it official:
    git push --tags origin master