【记录】2021使用gradle发布到mavenCentral

背景：之前自己弄的一些基础库，示例代码 都是在github托管，个别会发布到jcenter上，最近看打开github 实在是太慢了就 想着迁移到 码云 上托管吧，同时也该 重新搞搞自己的基础库，方便快速写demo，同时发布到mavenCentral 上 (因为jcenter 不维护了)

发布过程记录如下：（参考： Android库发布到Maven Central全攻略、 发布Android库到MavenCentral教程）
基本按上面的参考文章去做就好，只不过有些点，文章没提到，或者时间隔得久了，某些步骤有变

一、注册
1、Maven Central是由sonatype运营的，https://issues.sonatype.org注册账号
2、创建问题，按上面的文章进行操作就好，直到问题状态为关闭状态

image.png

期间的交流如下

image.png

image.png

二、创建GPG秘钥
1、因为gradle 上传 的时候用到，我们就先来创建GPG秘钥好了，我是只用了命令行去操作的，gpg --full-gen-key
2、加密方式选择RSA and RSA，长度输入4096，过期时间直接回车不用管，然后输入一个user ID并且提供一个邮箱，我直接用的我sonatype的用户名和邮箱。最后一步输入'O'，表示OK
3、之后会弹出一个对话框，让输入密码。后面gradle用到

image.png

三、Gradle准备

//publish-mavencentral.gradle
apply plugin: 'maven-publish'
apply plugin: 'signing'

task androidSourcesJar(type: Jar) {
    archiveClassifier.set("sources")
    from android.sourceSets.main.java.source

    exclude "**/R.class"
    exclude "**/BuildConfig.class"
}

Properties properties = new Properties()
InputStream inputStream = project.rootProject.file('local.properties').newDataInputStream() ;
properties.load( inputStream )

ext {
    PUBLISH_GROUP_ID = 'com.gitee.zaiqiang231'
    PUBLISH_ARTIFACT_ID = 'base-lib'
    PUBLISH_VERSION = '1.1.5'
}

ext["signing.keyId"] = ''
ext["signing.password"] = ''
ext["signing.secretKeyRingFile"] = ''
ext["ossrhUsername"] = ''
ext["ossrhPassword"] = ''

File secretPropsFile = project.rootProject.file('local.properties')
if (secretPropsFile.exists()) {
    println "Found secret props file, loading props"
    Properties p = new Properties()
    p.load(new FileInputStream(secretPropsFile))
    p.each { name, value ->
        ext[name] = value
    }
} else {
    println "No props file, loading env vars"
}
publishing {
    publications {
        release(MavenPublication) {
            // The coordinates of the library, being set from variables that
            // we'll set up in a moment
            groupId PUBLISH_GROUP_ID
            artifactId PUBLISH_ARTIFACT_ID
            version PUBLISH_VERSION

            // Two artifacts, the `aar` and the sources
            artifact("$buildDir/outputs/aar/${project.getName()}-release.aar")
            artifact androidSourcesJar

            // Self-explanatory metadata for the most part
            pom {
                name = PUBLISH_ARTIFACT_ID
                description = 'base lib'
                // If your project has a dedicated site, use its URL here
                url = 'https://gitee.com/zaiqiang231'
                licenses {
                    license {
                        //协议类型，一般默认Apache License2.0的话不用改：
                        name = 'The Apache License, Version 2.0'
                        url = 'http://www.apache.org/licenses/LICENSE-2.0.txt'
                    }
                }
                developers {
                    developer {
                        id = 'zaiqiang'
                        name = 'zaiqiang'
                        email = '[email protected]'
                    }
                }
                // Version control info, if you're using GitHub, follow the format as seen here
                scm {
                    //修改成你的Git地址：
                    connection = 'scm:git:gitee.com/zaiqiang231/BaseLib.git'
                    developerConnection = 'scm:git:ssh://gitee.com/zaiqiang231/BaseLib.git'
                    //分支地址：
                    url = 'https://gitee.com/zaiqiang231/BaseLib/tree/master'
                }
                // A slightly hacky fix so that your POM will include any transitive dependencies
                // that your library builds upon
                withXml {
                    def dependenciesNode = asNode().appendNode('dependencies')

                    project.configurations.implementation.allDependencies.each {
                        println "--- dependency ${it.group} ${it.name} ${it.version}"
                        if(it.group != null && it.group.length() > 0){
                            println "添加 dependency ${it.group} ${it.name} ${it.version}"
                            def dependencyNode = dependenciesNode.appendNode('dependency')
                            dependencyNode.appendNode('groupId', it.group)
                            dependencyNode.appendNode('artifactId', it.name)
                            dependencyNode.appendNode('version', it.version)
                        }
                    }
                }
            }
        }
    }
    repositories {
        // The repository to publish to, Sonatype/MavenCentral
        maven {
            // This is an arbitrary name, you may also use "mavencentral" or
            // any other name that's descriptive for you
            name = "baselib"

            def releasesRepoUrl = "https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/"
            def snapshotsRepoUrl = "https://s01.oss.sonatype.org/content/repositories/snapshots/"
            // You only need this if you want to publish snapshots, otherwise just set the URL
            // to the release repo directly
            url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl

            // The username and password we've fetched earlier
            credentials {
                username ossrhUsername
                password ossrhPassword
            }
        }
    }
}
signing {
    sign publishing.publications
}

//local.properties
signing.keyId=刚才获取的秘钥后8位，gpg --list-keys。可以查看刚刚建立的密钥
signing.password=秘钥密码
signing.secretKeyRingFile=/Users/wuyanqiang/secring.gpg
ossrhUsername=账号
ossrhPassword=密码

四、上传
1、上传 gpg （这一步应该是 要的，一开始gradle 和这个key 没有上传总是报 403 拒绝，后面上传完这个key 和 改了上面gradle里面的地址就成功了，我也不纠结了，主要是这个上传key 找了几个文章才解决了）命令操作如下：
上传gpg https://www.jianshu.com/p/c898c9082872

wuyanqiangdeMacBook-Pro:~ wuyanqiang$ gpg --keyserver keys.gnupg.net --send-keys DBCC9EBB38B960432204AC3E1617D07237F53108

gpg: sending key 1617D07237F53108 to hkp://hkps.pool.sks-keyservers.net

wuyanqiangdeMacBook-Pro:~ wuyanqiang$ gpg --keyserver keyserver.ubuntu.com --send-keys DBCC9EBB38B960432204AC3E1617D07237F53108

gpg: sending key 1617D07237F53108 to hkp://keyserver.ubuntu.com

2、gradle 上传操作：
任务：assemble
任务：publishReleasePublicationToBaselibRepository
执行完毕后，进入https://oss.sonatype.org/ ，使用你的sonatype帐号和密码登录。
进入左侧的Staging Repositories 就能看到你上传的东西了

3、先close， 再release。就算是发布成功了，第一次发布，回到之前建立的jira issue 回复一下，应该就能加快同步了

到此 所有操作完毕

更新：
补充遇到的一个问题：发布后，依赖已发布的库，发现库内的子依赖 没有成功，遇到一个 依赖错误

image.png

image.png

发现其中有个依赖 有问题，排查发现是 api fileTree(dir: 'libs', include: ['*.jar']) 导致的，遍历依赖时会有一个空依赖, 在上面的gradle 追加一段 过滤

withXml {
                    def dependenciesNode = asNode().appendNode('dependencies')

                    project.configurations.implementation.allDependencies.each {
                        println "--- dependency ${it.group} ${it.name} ${it.version}"
                        if(it.group != null && it.group.length() > 0){
                            println "添加 dependency ${it.group} ${it.name} ${it.version}"
                            def dependencyNode = dependenciesNode.appendNode('dependency')
                            dependencyNode.appendNode('groupId', it.group)
                            dependencyNode.appendNode('artifactId', it.name)
                            dependencyNode.appendNode('version', it.version)
                        }
                    }
                }