已经好几个小时了,我一直在尝试在 Maven Central 上发布/发布签名的工件。
最终发布后,我没有通过“签名验证”测试。经过一番研究,我发现即使我的文件有签名,我的出版物也没有签名。
所以在添加这一行之后:sign publishing.publications.release在执行以下任务时出现此错误:publishReleasePublicationToMavenCentralRepository :
Cannot perform signing task ':xxx:signReleasePublication' because it has no configured signatory
Gradle 包装器:7.1.1。
build.gradle(库级别):
apply plugin: 'com.android.library'
apply plugin: 'kotlin-android'
apply plugin: 'kotlin-android-extensions'
apply plugin: 'signing'
apply plugin: 'maven-publish'
repositories {
mavenCentral()
google()
jcenter()
maven { url "https://jitpack.io" }
}
android {
compileSdkVersion 30
buildToolsVersion "29.0.3"
defaultConfig {
minSdkVersion 21
targetSdkVersion 30
versionCode 9
versionName "1.1.4"
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
consumerProguardFiles 'consumer-rules.pro'
}
buildTypes {
release {
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
}
}
compileOptions {
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
kotlinOptions {
jvmTarget = "1.8"
}
}
Properties properties = new Properties()
properties.load(project.rootProject.file('local.properties').newDataInputStream())
// Because the components are created only during the afterEvaluate phase, you must
// configure your publications using the afterEvaluate() lifecycle method.
afterEvaluate {
publishing {
publications {
release(MavenPublication) {
groupId = 'xxxx'
artifactId = 'xxx'
version = '1.1.4'
from components.release
signing {
useInMemoryPgpKeys(
properties.getProperty('signing.keyId'),
properties.getProperty('signing.secretKeyRingFile'),
properties.getProperty('signing.password')
)
sign publishing.publications.release //It's after adding this specific line that I got the error of no configured signatory
sign configurations.archives
}
pom {
//I also tried to put the signing block here but nothing changes
name = 'xxx'
description = 'xxx'
url = 'xxx
licenses {
license {
name = 'MIT License'
url = 'https://opensource.org/licenses/MIT'
}
}
developers {
developer {
id = 'xxx'
name = 'xxx'
email = 'xxx'
}
}
scm {
connection = 'scm:git:git://github.com/xxx'
developerConnection = 'scm:git:ssh://github.com/xxx'
url = 'https://github.com/xxx'
}
}
}
}
repositories {
maven {
// change URLs to point to your repos, e.g. http://my.org/repo
//def releasesRepoUrl = layout.buildDirectory.dir('repos/releases')
//def snapshotsRepoUrl = layout.buildDirectory.dir('repos/snapshots')
url = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/")
credentials {
username = properties.getProperty('ossrhUsername')
password = properties.getProperty('ossrhPassword')
}
}
}
}
}
编辑:这是我的
gradle.properties位于 ~/.gradle/ 下:mavenCentralUsername=xxx
mavenCentralPassword=xxx
signing.keyId=xxx
signing.password=xxx
signing.secretKeyRingFile=xxx
ossrhUsername=xxx
ossrhPassword=xxx
最佳答案
我终于能够使用我签名的工件发布和发布我的存储库了!
什么问题:
我正在使用 useInMemoryPgpKeys (我不应该)
我从未分发过我的gpg key到任何服务器
所以为此我做了以下事情:
gpg --keyserver keys.openpgp.org --send-keys yourKey
keyserver.ubuntu.com
keys.openpgp.org
pgp.mit.edu
openpgp因为ubuntu没用(当我关闭 Nexus 上的存储库时,我收到一条错误消息,说它没有在任何服务器上找到 key )。要知道您的 key ,只需运行:
gpg --list-keys
CA925CD6C9E8D064FF05B4728190C4130ABA0F98所以这是我最终的 build.gradle:Properties properties = new Properties()
properties.load(project.rootProject.file('local.properties').newDataInputStream())
// Because the components are created only during the afterEvaluate phase, you must
// configure your publications using the afterEvaluate() lifecycle method.
afterEvaluate {
publishing {
publications {
release(MavenPublication) {
groupId = 'xxx'
artifactId = 'xxx'
version = mVersionName
pom {
signing {
sign publishing.publications.release
sign configurations.archives
}
name = 'WeLoop'
description = 'xxx'
url = 'xxx'
licenses {
license {
name = 'MIT License'
url = 'https://opensource.org/licenses/MIT'
}
}
developers {
developer {
id = 'xxx'
name = 'xxx'
email = 'xxx'
}
}
scm {
connection = 'scm:git:git://github.com/xxx.git'
developerConnection = 'scm:git:ssh://github.com/xxx'
url = 'https://github.com/xxx'
}
}
}
}
repositories {
maven {
url = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/")
credentials {
username = properties.getProperty('mavenCentralUsername')
password = properties.getProperty('mavenCentralPassword')
}
}
}
}
}
~/.gradle/gradle.properties :mavenCentralUsername=xxx
mavenCentralPassword=xxx
signing.keyId=xxx
signing.password=xxx
signing.secretKeyRingFile=/xxx/secring.gpg
关于android - Gradle 签署 Android 库出版物 : Cannot perform signing task because it has no configured signatory,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/68447837/