Pre release notes
Since griffin's parent pom is apache, our release process is inherited from apache parent pom(https://svn.apache.org/viewvc/maven/pom/tags/apache-18/pom.xml?view=markup).
<profile> <id>apache-release</id> <build> <plugins> <!-- Create a source-release artifact that contains the fully buildable project directory source structure. This is the artifact which is the official subject of any release vote. --> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-assembly-plugin</artifactId> <dependencies> <dependency> <groupId>org.apache.apache.resources</groupId> <artifactId>apache-source-release-assembly-descriptor</artifactId> <version>1.0.6</version> </dependency> </dependencies> <executions> <execution> <id>source-release-assembly</id> <phase>package</phase> <goals> <goal>single</goal> </goals> <configuration> <runOnlyAtExecutionRoot>true</runOnlyAtExecutionRoot> <descriptorRefs> <descriptorRef>${sourceReleaseAssemblyDescriptor}</descriptorRef> </descriptorRefs> <tarLongFileMode>gnu</tarLongFileMode> </configuration> </execution> </executions> </plugin> <!-- We want to deploy the artifact to a staging location for perusal --> <plugin> <inherited>true</inherited> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-deploy-plugin</artifactId> <configuration> <updateReleaseInfo>true</updateReleaseInfo> </configuration> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> <executions> <execution> <id>attach-sources</id> <goals> <goal>jar-no-fork</goal> </goals> </execution> </executions> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <executions> <execution> <id>attach-javadocs</id> <goals> <goal>jar</goal> </goals> </execution> </executions> </plugin> <!-- We want to sign the artifact, the POM, and all attached artifacts --> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-gpg-plugin</artifactId> <executions> <execution> <id>sign-release-artifacts</id> <goals> <goal>sign</goal> </goals> </execution> </executions> </plugin> </plugins> </build> </profile>
Apache release process is different from local release as it needs to do gpg check.
So you need to have created a PGP (or GPG) key pair, which will be used in signing the release artifacts. For more information on using the Maven GPG plugin, see this introduction from Sonatype and the Maven GPG Plugin usage page. You may also want to run gpg-agent in order to avoid being prompted multiple times for the GPG key passphrase when performing a release.
Update maven Settings.xml File to authenticate
<?xml version="1.0" encoding="UTF-8"?> <settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd" xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <servers> <server> <id>apache.snapshots.https</id> <username>USERNAME</username> <password>PASSWORD</password> </server> <server> <id>apache.releases.https</id> <username>USERNAME</username> <password>PASSWORD</password> </server> </servers> </settings>