Clojars 介绍
Clojars 是一个为开源 Clojure 类库打造的仓库,截止2017年9月17日,大概有19831个项目发布在上面。整个网站也是用 Clojure 编写的。
发布 Clojure library
1. 注册 clojars
前往 clojars 注册
2. lein 部署
$ lein deploy clojars
# lein deploy [repository name], here the repo name is clojars.
如果不想加上 clojars 参数,则需要在当前项目下的 project.clj 添加如下内容
{:deploy-repositories [["releases" :clojars]
["snapshots" :clojars]]}
这里注意一点:
这里使用 :deploy-repositories 而非 :repositories,原因是 :repositories 除了用于部署还会作为依赖源被项目使用。所以,如若必要,还是职责单一点好。这样,也可以加入 :user profile (~/.lein/profiles.clj) 供所有本地项目发布使用。
这个时候可以执行
$ lein deploy
No credentials found for snapshots(did you mean `lein deploy clojars`?)
#这里应该是 leiningen 的 bug,提示信息 `lein deploy clojars` 显得很奇怪,可以忽略之。
See `lein help deploying` for how to configure credentials to avoid prompts.
Username: username
Password: password
如上,这时会弹出用户名和密码输入框。为了节省时间,避免每次输入,最好把用户凭证 (credentials) 以文件的形式存放到用户范围的目录下,即~/.lein/credentials.clj,并做加密处理。
3. 设置全局的 credentials map
首先,把如下的 credentials map 写入 ~/.lein/credentials.clj
{#"https://clojars.org/repo"
{:username "username_on_clojars" :password "password_on_clojars"}}
其次,使用 gpg 加密该文件
$ gpg --default-recipient-self -e \
~/.lein/credentials.clj > ~/.lein/credentials.clj.gpg
加密后,即可删除原文件 ~/.lein/credentials.clj。然后在:deploy-repositories map 中指定 :creds :gpg
{:deploy-repositories [["releases" :clojars
:creds :gpg]]
["snapshots" :clojars
:creds :gpg]]}
完成上述,lein deploy 的时候即可解密 ~/.lein/credentials.clj.gpg,从中获取对应仓库的username和password(注:为了便于索引查找,credentials 使用正则表达式 #"https://clojars.org/repo" 作为 key)
Error: gpg agent timeout
有时候,deploy 时会出现 gpg agent 超时的错误
$ lein deploy
gpg: problem with the agent: Timeout
gpg: decryption failed: No secret key
Could not decrypt credentials from /Users/qianyan/.lein/credentials.clj.gpg
nil
See `lein help gpg` for how to install gpg.
仔细搜索文档会发现下面这句很重要的话
Due to a bug in gpg you currently need to use gpg-agent and have already unlocked your key before Leiningen launches, but with gpg-agent you only have to enter your passphrase periodically; it will keep it cached for a given period.
大意是,leiningen 需要用到 gpg-agent,而且在 lein deploy 之前,就应该解锁密钥。
不实际操作的话,还是很难弄懂这句话具体的指代。我们不妨思考一下。
1. 看看后台是否有个进程叫做 gpg-agent?
$ ps -ef |grep gpg
501 87095 1 0 8:27PM ?? 0:00.00 gpg-agent --daemon
嗯,还真有!
2. gpg 直接解密 credentials.clj.gpg
$ gpg --decrypt ~/.lein/credentials.clj.gpg
You need a passphrase to unlock the secret key for
user: "Yan Qian (lambeta) "
2048-bit RSA key, ID E13DFD8A, created 2016-05-14 (main key ID 3C5030FF)
# 接下来,漫无止境的等待中...
这奇怪的等待让我不安,所以我使出了杀手锏 kill -9,直接把 gpg-agent 干掉。
3. 重新 gpg --decrypt
$ gpg --decrypt ~/.lein/credentials.clj.gpg
You need a passphrase to unlock the secret key for
user: "Yan Qian (lambeta) "
2048-bit RSA key, ID E13DFD8A, created 2016-05-14 (main key ID 3C5030FF)
# **这里要输入 passphrase**
gpg: encrypted with 2048-bit RSA key, ID E13DFD8A, created 2016-05-14
"Yan Qian (lambeta) "
{ #"https://clojars.org/repo" {:username "username_on_clojars" :password "password_on_clojars"}}
终于可以输入 passphrase 了,解密完成。这大概就是上面引文所说的 unlock your key before Leiningen launches.
4. 重新部署
$ lein deploy
Created /Users/qianyan/Projects/clojure-pr/clj-moco/target/clj-moco-0.1.0-SNAPSHOT.jar
Wrote /Users/qianyan/Projects/clojure-pr/clj-moco/pom.xml
Retrieving clj-moco/clj-moco/0.1.0-SNAPSHOT/maven-metadata.xml
from https://clojars.org/repo/
Sending clj-moco/clj-moco/0.1.0-SNAPSHOT/clj-moco-0.1.0-20170917.122837-4.jar (10k)
to https://clojars.org/repo/
Sending clj-moco/clj-moco/0.1.0-SNAPSHOT/clj-moco-0.1.0-20170917.122837-4.pom (3k)
to https://clojars.org/repo/
Retrieving clj-moco/clj-moco/maven-metadata.xml
from https://clojars.org/repo/
Sending clj-moco/clj-moco/0.1.0-SNAPSHOT/maven-metadata.xml (1k)
to https://clojars.org/repo/
Sending clj-moco/clj-moco/maven-metadata.xml (1k)
to https://clojars.org/repo/
没有出现 gpg-agent timeout 的错误,部署完成。
注意
--default-recipient-self
Use the default key as default recipient if option --recipient is not used and don’t ask if this is a valid one. The default key is the first one from the secret keyring or the one set with --default-key.
参考链接
[1] Leiningen Deployment
[2] GPG: How to change the configuration