...
| Code Block |
|---|
| language | bash |
|---|
| title | Upload to SVN |
|---|
|
# Checkout the SVN folder containing the KEYS file
svn co https://dist.apache.org/repos/dist/dev/incubator/streampipes
# Export the key in ascii format and append it to the file
( gpg --list-sigs $USER@apache.org
gpg --export --armor $USER@apache.org ) >> KEYS
# Commit to SVN
svn ci -m "Added gpg key for $USER" |
...
| Code Block |
|---|
| language | bash |
|---|
| title | Upload to release SVN |
|---|
|
svn co https://dist.apache.org/repos/dist/release/incubator/streampipes
# ... Same as above
( gpg --list-sigs $USER@apache.org
gpg --export --armor $USER@apache.org ) >> KEYS
# Commit to SVN
svn ci -m "Added gpg key for $USER" |
...
- Install an SVN client
- Checkout the following directories:
- Export your GPG public key and paste the output to the KEYS file in both directories:
- gpg --list-keys (and find your key id)
- gpg --list-sigs YOUR_KEY_ID && gpg --armor --export YOUR_KEY_ID
- Commit your changes to SVN
...
| Code Block |
|---|
| language | xml |
|---|
| title | Apache Repo Settings |
|---|
|
<?xml version="1.0" encoding="UTF-8"?>
<settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd" xmlns="http://maven.apache.org/SETTINGS/1.1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<servers>
<!-- Apache Repo Settings -->
<server>
<id>apache.snapshots.https</id>
<username>{user-id}</username>
<password>{user-pass}</password>
</server>
<server>
<id>apache.releases.https</id>
<username>{user-id}</username>
<password>{user-pass}</password>
</server>
</servers>
</settings> |
| Warning |
|---|
For security reasons, please refrain from adding your password in plain text here!
Maven provides a secure way to input passwords through encryption.
To understand how this works, refer to the information box below. |
| Expand |
|---|
| title | Secure password handling in maven |
|---|
|
- Run
mvn --encrypt-master-password
Maven will ask you to prompt a master password that is used to encrypt all passwords handled/used by Maven.
Once done, it prints the encrypted master password. Please copy the entire password (including braces!!).
- Create a
settings-security.xml
Create the file ${user.home}/.m2/settings-security.xml with the following content:
<settingsSecurity>
<master>[your-password-with-braces]</master>
</settingsSecurity>
- Encrypt your Apache password
Run mvn --encrypt-password
Enter your password
Copy the returned password (again including braces) and add it to the settings.xml as displayed above
|
This tells maven to use above credentials as soon as a repository with the id apache.snapshots.https or apache.releases.https is being used. For a release all you need is the releases repo, but it is good to have the other in place as it enables you to also deploy SNAPSHOTs from your system. There repos are defined in the apache parent pom and is identical for all Apache projects.
...
| Code Block |
|---|
| language | xml |
|---|
| title | Maven GPG Settings |
|---|
|
<profile>
<id>apache-release</id>
<properties>
<gpg.keyname>5C60D6B9</gpg.keyname><!-- Your GPG Keyname here -->
<!-- Use an agent: Prevents being asked for the password during the build -->
<gpg.useagent>true</gpg.useagent>
<gpg.passphrase>topsecret-password</gpg.passphrase>
</properties>
</profile> |
| Warning |
|---|
Please don't provide the passphrase here as plain text.
Instead encrypt it via Maven as shown above. |