Setup Sonatype publishing
All checks were successful
Build & Release / release-library (push) Successful in 2m8s
All checks were successful
Build & Release / release-library (push) Successful in 2m8s
This commit is contained in:
232
publish.gradle
Normal file
232
publish.gradle
Normal file
@@ -0,0 +1,232 @@
|
||||
/**
|
||||
Copyright (c) 2024 John Ahlroos
|
||||
|
||||
Creative Commons Attribution-NoDerivatives 4.0 International Public License
|
||||
|
||||
By exercising the Licensed Rights (defined below), You accept and agree
|
||||
to be bound by the terms and conditions of this Creative Commons
|
||||
Attribution-NoDerivatives 4.0 International Public License ("Public
|
||||
License"). To the extent this Public License may be interpreted as a
|
||||
contract, You are granted the Licensed Rights in consideration of Your
|
||||
acceptance of these terms and conditions, and the Licensor grants You
|
||||
such rights in consideration of benefits the Licensor receives from
|
||||
making the Licensed Material available under these terms and
|
||||
conditions.
|
||||
|
||||
Refer to LICENSE file or https://creativecommons.org/licenses/by-nd/4.0 for full license.
|
||||
*/
|
||||
import com.google.common.hash.HashCode
|
||||
import com.google.common.hash.Hashing
|
||||
import com.google.common.io.Files
|
||||
import java.nio.charset.StandardCharsets
|
||||
|
||||
buildscript {
|
||||
repositories {
|
||||
mavenCentral()
|
||||
}
|
||||
dependencies {
|
||||
classpath 'com.google.guava:guava:33.3.1-jre'
|
||||
}
|
||||
}
|
||||
|
||||
ext {
|
||||
hasSignatureKey = findProperty("DEVSOAP_GPG_KEY_BASE64") != null
|
||||
sonatypeToken = findProperty("SONATYPE_TOKEN") as String
|
||||
signingKeyBase64 = (findProperty("DEVSOAP_GPG_KEY_BASE64") as String)?.getBytes(StandardCharsets.UTF_8)
|
||||
signingKey = hasSignatureKey ? new String(Base64.decoder.decode(signingKeyBase64)) : ""
|
||||
signingPassword = hasSignatureKey ? findProperty("DEVSOAP_GPG_PASSWORD") : ""
|
||||
}
|
||||
|
||||
signing {
|
||||
if (hasSignatureKey) {
|
||||
useInMemoryPgpKeys(signingKey, signingPassword)
|
||||
}
|
||||
}
|
||||
|
||||
publishing {
|
||||
publications {
|
||||
mavenJava(MavenPublication) {
|
||||
from components.java
|
||||
pom {
|
||||
groupId = 'com.devsoap'
|
||||
name = 'assertj-json'
|
||||
description = 'Fluent JSON API for AssertJ'
|
||||
url = 'https://code.devsoap.com/john/assertj-json'
|
||||
|
||||
licenses {
|
||||
license {
|
||||
name = 'CC BY-ND 4.0'
|
||||
url = 'https://creativecommons.org/licenses/by-nd/4.0/'
|
||||
}
|
||||
}
|
||||
|
||||
scm {
|
||||
url = 'https://code.devsoap.com/john/assertj-json'
|
||||
connection = 'scm:git://code.devsoap.com/john/assertj-json.git'
|
||||
developerConnection = 'scm:git://code.devsoap.com/john/assertj-json.git'
|
||||
}
|
||||
|
||||
developers {
|
||||
developer {
|
||||
id = 'john'
|
||||
name = 'John Ahlroos'
|
||||
email = 'john@devsoap.com'
|
||||
organizationUrl = 'https://devsoap.com'
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates a ZIP archive compatible for uploading to Sonatype Maven Portal
|
||||
*/
|
||||
tasks.register('generateMavenCentralBundle', Zip) {
|
||||
group 'publishing'
|
||||
dependsOn tasks.withType(Sign)
|
||||
|
||||
def workdir = "${project.group.replace('.', '/')}/${project.name}/$version"
|
||||
|
||||
from jar.outputs.files into workdir
|
||||
from javadocJar.outputs.files into workdir
|
||||
from sourcesJar.outputs.files into workdir
|
||||
|
||||
from generateChecksumsMd5.outputs.files into workdir
|
||||
from generateChecksumsSha256.outputs.files into workdir
|
||||
from generateChecksumsSha1.outputs.files into workdir
|
||||
|
||||
from (generatePomFileForMavenJavaPublication.outputs.files) {
|
||||
include "pom-default.xml"
|
||||
rename { "${project.name}-${project.version}.pom"}
|
||||
}
|
||||
|
||||
if (hasSignatureKey) {
|
||||
from (signFiles.outputs.files) {
|
||||
exclude "pom-default.xml.asc"
|
||||
}
|
||||
from (signFiles.outputs.files) {
|
||||
include "pom-default.xml.asc"
|
||||
rename { "${project.name}-${project.version}.pom.asc"}
|
||||
}
|
||||
}
|
||||
|
||||
archiveBaseName = "maven-central-bundle"
|
||||
destinationDirectory = layout.buildDirectory.dir('sonatype')
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates MD5 checksums for all artifacts
|
||||
*/
|
||||
tasks.register('generateChecksumsMd5') {
|
||||
group 'signatures'
|
||||
Provider<Directory> outputDir
|
||||
def function = Hashing.md5()
|
||||
def algorithm = 'md5'
|
||||
configure {
|
||||
inputs.files jar.outputs.files
|
||||
inputs.files sourcesJar.outputs.files
|
||||
inputs.files javadocJar.outputs.files
|
||||
inputs.files generatePomFileForMavenJavaPublication.outputs.files
|
||||
outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}"))
|
||||
}
|
||||
doLast {
|
||||
inputs.files.forEach {file ->
|
||||
def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name
|
||||
HashCode hashCode = Files.asByteSource(file).hash(function)
|
||||
Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}"))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates SHA1 checksums for all artifacts
|
||||
*/
|
||||
tasks.register('generateChecksumsSha1') {
|
||||
group 'signatures'
|
||||
Provider<Directory> outputDir
|
||||
def function = Hashing.sha1()
|
||||
def algorithm = 'sha1'
|
||||
configure {
|
||||
inputs.files jar.outputs.files
|
||||
inputs.files sourcesJar.outputs.files
|
||||
inputs.files javadocJar.outputs.files
|
||||
inputs.files generatePomFileForMavenJavaPublication.outputs.files
|
||||
outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}"))
|
||||
}
|
||||
doLast {
|
||||
inputs.files.forEach {file ->
|
||||
def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name
|
||||
HashCode hashCode = Files.asByteSource(file).hash(function)
|
||||
Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}"))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Creates SHA256 checksums for all artifacts
|
||||
*/
|
||||
tasks.register('generateChecksumsSha256') {
|
||||
group 'signatures'
|
||||
Provider<Directory> outputDir
|
||||
def function = Hashing.sha256()
|
||||
def algorithm = 'sha256'
|
||||
configure {
|
||||
inputs.files jar.outputs.files
|
||||
inputs.files sourcesJar.outputs.files
|
||||
inputs.files javadocJar.outputs.files
|
||||
inputs.files generatePomFileForMavenJavaPublication.outputs.files
|
||||
outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}"))
|
||||
}
|
||||
doLast {
|
||||
inputs.files.forEach {file ->
|
||||
def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name
|
||||
HashCode hashCode = Files.asByteSource(file).hash(function)
|
||||
Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}"))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Uploads the ZIP bundle to Maven Central via the Maven Central Portal API
|
||||
*/
|
||||
tasks.register('publishToMavenCentral', Exec) {
|
||||
group 'publishing'
|
||||
dependsOn(generateMavenCentralBundle)
|
||||
executable "curl"
|
||||
standardOutput = new ByteArrayOutputStream()
|
||||
doFirst {
|
||||
args = [
|
||||
"--request", "POST",
|
||||
"--header", "Authorization: Bearer $sonatypeToken",
|
||||
"--form", "bundle=@${generateMavenCentralBundle.outputs.files.first()}",
|
||||
"https://central.sonatype.com/api/v1/publisher/upload?name=${project.group}.${project.name}:${project.version}&publishingType=USER_MANAGED"
|
||||
]
|
||||
}
|
||||
doLast {
|
||||
println standardOutput.toString()
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Generates GPG signatures for all files
|
||||
*/
|
||||
tasks.register('signFiles', Sign) {
|
||||
group 'signatures'
|
||||
dependsOn jar, sourcesJar, javadocJar, generatePomFileForMavenJavaPublication
|
||||
inputs.file project.file('build/publications/mavenJava/pom-default.xml')
|
||||
inputs.files jar.outputs.files.singleFile, sourcesJar.outputs.files.singleFile, javadocJar.outputs.files.singleFile
|
||||
inputs.files.each {sign it }
|
||||
}
|
||||
|
||||
/**
|
||||
* Remove extra Version field in GPG signatures generated by GNU GPG
|
||||
*/
|
||||
tasks.withType(Sign).configureEach {
|
||||
onlyIf { hasSignatureKey }
|
||||
doLast {
|
||||
signatureFiles.each {file ->
|
||||
file.text = file.readLines().findAll { !it.startsWith("Version")}.join("\n")
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user