Versions Compared

Old Version 142

changes.mady.by.user Tim Donohue

Saved on

compared with

New Version 143

changes.mady.by.user Tim Donohue

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Write access to the DSpace GitHub repository hosted at https://github.com/DSpace/DSpace. (All Committers should already have this, obviously)
  2. Write access to the org.dspace groupId in the snapshot and staging repositories hosted at oss.sonatype.org.  If you don't already have this, you will need to:
    1. Sign up for a Sonatype JIRA account. This account will also serve as your login to the Sonatype OSS system. (If you already have a Sonatype account, you can skip this step)
    2. Ask a Committer with release privileges (e.g. a previous release manager) to request that your Sonatype account be given release privileges to the "org.dspace" GroupID. This request should be submitted via the Sonatype JIRA system in the Open Source Project Repository Hosting project.
    3. Once Sonatype gives you the proper authorization, you should be able to login to the Sonatype OSS system using the same login/password you setup in Sonatype JIRA. You should also have access to publish new releases to the "org.dspace" GroupID.
    4. NOTE: The full details of signing up and getting access to Sonatype are also posted online here: Sonatype Maven Repository Usage Guide
  3. You must generate and publish your own personal Code Signing Key (required by Sonatype). Here are two sites that give hints on how to do that:
    • Creating a Code Signing Key
    • How to Generate PGP Signatures with Maven (required for all Sonatype releases)
    • Make sure to publish your Key file to hkp://pgp.mit.edu, as this is the Key Server Sonatype uses for verification:
      • (e.g.) gpg --keyserver hkp://pgp.mit.edu --send-keys [yourKeyID]

        • [yourKeyId] can be found by running the following command and copying the alpha-numeric string after the "/" on the "pub" line 

          • gpg --list-keys

      • You can see if your key is already on that Key Server by visiting http://pgp.mit.edu and searching on your name
    • If you've previously created a Code Signing Key and now wish to run a Maven release from a new server/computer, you can simply request your Key file FROM hkp://pgp.mit.edu to (re-)install it:
      • gpg --keyserver hkp://pgp.mit.edu --recv-keys [yourKeyID]

Update Maven settings.xml

...