Versions Compared

Old Version 4

changes.mady.by.user Jarek Gawor

Saved on

compared with

New Version 5

changes.mady.by.user Jarek Gawor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Download gnupg2
  • Generate your PGP Key (refer: http://www.apache.org/dev/openpgp.html) so that maven-release-plugin can sign your built artifacts when do release:perform
    • How To Avoid SHA-1
    • How To Generate a Strong Key
  • Update Maven's settings.xml with following:
    Code Block
    xml
    xml
    <settings>
  ...
  <profiles>
    <profile>
      <id>apache-release</id>
      <properties>
        <gpg.passphrase> <!-- YOUR KEY PASSPHRASE --> </gpg.passphrase>
      </properties>
    </profile>
  </profiles>
  ...
</settings>
  • Meanwhile, append your public key to https://svn.apache.org/repos/asf/geronimo/KEYS and people.apache.orghttps:/www/wwwdist.apache.org/repos/dist/release/geronimo/KEYS so that user can verify the artifacts you released.
    • gpg --gen-key
      • RSA and RSA (default), 4096
    • gpg --list-sigs "xxxxxx" && gpg --armor --export "xxxxxx" > xxxxxx.key
      • "cat" your public key to above KEYS file

...