davidjlynn
commented
1 year ago @yoheimuta let me know your thoughts on publishing this to Maven. A few accounts needed to publish, but is working quite well in protoc-gen-doc. Thanks
Closed davidjlynn closed 1 year ago
davidjlynn
commented
1 year ago @yoheimuta let me know your thoughts on publishing this to Maven. A few accounts needed to publish, but is working quite well in protoc-gen-doc. Thanks
yoheimuta
commented
1 year ago Thank you for your contribution! I just created a new project ticket for a start: https://issues.sonatype.org/browse/OSSRH-91014.
yoheimuta
commented
1 year ago I've done the following manual instruction:
Once a release is done, the aritfacts will appear in the staging repository here: https://s01.oss.sonatype.org/#stagingRepositories
This staging repository can be "closed" which will execute the checks.
If all checks pass (they have in my experiments) the "Release" workflow will become available.
Failed with the output like No public key: Key with id: (be36ba0dfd777453) was not able to be located on <a href="http://keyserver.ubuntu.com:11371/">http://keyserver.ubuntu.com:11371/</a>. Upload your public key and try the operation again.:
yoheimuta
commented
1 year ago @davidjlynn Do you have any idea why the above failure occurred during the signing process?
davidjlynn
commented
1 year ago Hi @yoheimuta Hopefully will be quite easy to solve. You have to upload your public key to ubuntu key server, this will allow other to identify if the files have been signed using your private key. There are instructions here from Maven Central: https://central.sonatype.org/publish/requirements/gpg/#distributing-your-public-key And here is a stack overflow with a summary: https://askubuntu.com/a/220188 Note that this is a one off process for uploading your public key, you do not need to do this every version upload.
yoheimuta
commented
1 year ago Hi @davidjlynn 👋 Thank you for the instruction!
We finally released the protoc-gen-protolint here: https://central.sonatype.com/artifact/io.github.yoheimuta/protoc-gen-protolint/0.43.2
This PR aims to give a method of publishing protoc-gen-protolint to maven central. This aims to address issue https://github.com/yoheimuta/protolint/issues/328.
Prerequisite
A maven central account is required, and this will have to be added to the repositories secrets, under these variables:
This guide can be used to apply for an account: https://central.sonatype.org/publish/publish-guide/#introduction I have previously done this for testing, and here is an example of the issue I opened: https://issues.sonatype.org/browse/OSSRH-50791
Also signing is done by GPG and requires 2 new secrets to be provided:
If a GPG key does not already exist, this guide can be followed: https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key The value needed for the GPG_SIGNING_KEY secret can be found by:
Implementation
I have used Gradle to publish to Maven, this allowed me to directly upload the artifacts which have been created in other build steps. I attempted to use Maven directly but Maven seemed to want to be more in charge of building and was not allowing the easy output of non-java libraries.
I have added some new steps to github actions which should publish the artifacts after they have been built.
Usage
With these changes, it should be possible to easily integrate this plugin in projects using google plugins, for example in the gradle plugin. I have included an example of the use in Gradle in the repository.
Notes
This is very hard to test as this is folded largely into the release and build process. These changes work in protoc-gen-doc, and I have done a best attempt at adapting these here to publish this repository. This is due particularly for the need for setup for the release process, and without access to the secrets it is hard to recreate this process in a fork.
Extra steps which would be needed in the release process
Once a release is done, the aritfacts will appear in the staging repository here: https://s01.oss.sonatype.org/#stagingRepositories This staging repository can be "closed" which will execute the checks. If all checks pass (they have in my experiments) the "Release" workflow will become available.
I have put these instructions in the CONTRIBUTING file.