Closed charlesverdad closed 2 years ago
Thanks for reporting @charlesverdad we'll add this to the roadmap and try and get it addressed soon!
Publishing to Maven Central is the best way to go, but it's also a PITA filled with credentials and keys. Beware. I suggest doing it via Gradle called as part of a Github action.
Someone in the core team will have to provision the group id via Sonatype:
A GPG key to sign the artifacts will have to be created, then made available as GH Secrets. It'd go something like this:
gpg --gen-key
to create a key. Create a GH Secret called ORG_GRADLE_PROJECT_SIGNINGPASSWORD and put the passphrase used in this command as the value.gpg --list-key
to find key id. Create a GH Secret called ORG_GRADLE_PROJECT_SIGNINGKEYID to this key. Let's call it ABCDEFG for now.gpg --export-secret-keys --armor ABCDEFG | perl -p -e 's/\n/\\n/'
and use it's value for the last GH Secret called ORG_GRADLE_PROJECT_SIGNINGKEYThen Gradle needs to be updated to be able to properly create a javadoc jar, a sources jar, a proper pom files and sign it all via a GPG key. I created a dummy project to show how how this would be done: https://github.com/quidryan/euler/blob/main/build.gradle
I can make a PR to this repo, once all the GH Secrets are created with the necessary changes.
Then we would create a some GH Actions to do the release (./gradlew final publishToSonatype closeAndReleaseSonatypeStagingRepository
). We could probably use some Actions to some CI builds too. I'll start to model what the release action would look like, while the Nexus coordinate is provisioned.
I can optionally create all the keys and accounts, then save them hand them off to the pyroscope-io team and pretend I never saw them. I'm also available to pair via video on this while some from the pyroscope-io team performs the operations.
This is complete: Docs Maven repo
It would be great if the Pyroscope java agent is published in the maven repo.
It took a while to figure out how I can create a workaround and download the pyroscope.jar file from github and into our complicated build scripts. If Pyroscope-java is in maven then I can just add it to our list of dependencies and I don't have to worry about modifying our build pipeline.
I'm sure this feature would help others quickly adopt / try out pyroscope too.