Pre‐requisites for publishing releases - LibrePDF/OpenPDF GitHub Wiki

Full documentation from Central Portal: https://central.sonatype.org/register/central-portal/

If you find any errors in this description, feel free in updating this page.

Prerequisites

To be able to deploy the new artifacts to maven central, you need a JIRA account at Sonatype. And with that you can publish the artifacts on Central Portal. As the artifacts need to be PGP signed, you also need a working infrastructure for doing this with PGP/GPG.

First, make sure you have a JIRA account

This step is only needed once.

If you don't already have a Sonatype JIRA login, then register to create a new account. You will need then to create an access token to upload files to the Central Portal Repository.

Currently, @asturio, @andreasrosdal, @tlxtellef1 and @bengolder1 are the only users authorized to publish new releases. If you'd like to help us publish releases, let us know. This repository wouldn't exist without the generous help of newcomers. New contributors are welcome. :)

Configuring maven

After you have an user at sonatype you should create an access token (username/password, no the same as your login), so maven can use this to upload files to Central Portal. Your token can be added to your .m2/settings.xml:

    <servers>
        <server>
            <!-- For Maven Central Portal -->
            <id>central</id>
            <username>My-Token-Username</username>
            <password>My-Token-Password</password>
        </server>
    </servers>

Second, create and publish your public PGP/GPG key

Official documentation.

This step is only needed once, and every time you create a new GPG key.

  1. install gpg2 and make sure it is on your PATH

  2. If you don't already have a key, create a key with:

    gpg2 --gen-key

    Use your email and full name and a secure passphrase.

  3. Get the ID for your public key.

    gpg2 --list-keys

    Will show you a list of your keys and their IDs. For example, my key ID is 3806A4CD.

  4. Upload your public key to a keyserver. For example:

    gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys 3806A4CD

    ... where 3806A4CD is the ID of your public key. It will take 5-30 minutes for the key to become available on the server.

  5. Create a local settings file so that the maven gpg plugin can use your key to sign files. For example, make a file at ~/.m2/settings.xml with similar contents to this example and replace the example JIRA login information and gpg passphrase with your JIRA login and gpg passphrase.

1: Backup-User, is not active.

OpenPDF is a Java library for creating and editing PDF files with a LGPL and MPL open source license.

⚠️ **GitHub.com Fallback** ⚠️