Here are some ways for you to get involved in the community:
- Get involved with the KIARA/FIWARE community on the FI-Ware Jira by responding to questions and joining the debate.
- Create github tickets for bugs and new features and comment and vote on the ones that you are interested in.
- Github is for social coding: if you want to write code, we encourage contributions through pull requests from forks of this repository. If you want to contribute code this way, please reference an existing issue if there is one as well covering the specific issue you are addressing. Always submit pull requests to the "develop" branch.
- Watch for upcoming articles on KIARA by subscribing to the FIWARE blog
The Maven Central Repository (aka. MavenCentral) allows global distribution of Software artifacts for any size of project. Since 2002 this repository is hosted by Sonatype using their Nexus Professional product management platform.
For individual Projects the service is called OpenSource Software Repository Hosting (OSSRH). It uses the Maven repository format to:
- deploy development version (snapshots)
- stage a release
- promote a release to the public (the central repository)
- The public releases are also available in http://search.maven.org
- Directlink for 'org.fiware.kiara' group id artifacts: -> http://search.maven.org/#search|ga|1|g:org.fiware.kiara
KIARA is registered for the group id org.fiware.kiara.
The instructions how to register, set up projects and manage artifacts can be found in the OSSHR Guide.
The Sonatype Jira Account is required to get access to The Central Repository and upload artifacts. An account can be associated with multiple projects. To get access go to the Sonatype Jira Server and Sign Up for a new account. Afterwards send the username of your new account to a project administrator for your project. He has to add you to the contributors list.
All artifacts in the Central Repository have to be signed with a valid published GPG key. The following is a summary of the OSSRH instructions.
Install gpg (or the newer gpg2 release) with your OS package manager or download it from (http://www.gnupg.org/download).
- Linux - DEB:
sudo apt-get install gnupg2 - Linux - RPM:
yum install gnupg2 - OS X - Homebrew:
brew install gpg2
Create a Private Key Pair
$ gpg --gen-key- give default values when asked for type, size, time of validity and confirm the key data.
- give your full name, email and (optional) comment
- give a good pass phrase for your private key
You can list all your public keys:
$ gpg2 --list-keys
/home/jdoe/.gnupg/pubring.gpg
------------------------------
pub 1024D/C6EED57A 2010-01-13
uid John Doe (FIWARE) <[email protected]>
sub 2048g/D704745C 2010-01-13or secret keys:
$ gpg2 --list-secret-keys
/home/jdoe/.gnupg/secring.gpg
------------------------------
sec 1024D/C6EED57A 2010-01-13
uid John Doe (FIWARE) <[email protected]>
ssb 2048g/D704745C 2010-01-13To distribute your public key (make it available for other people) to verify files, it has to be published to a public key-server:
$ gpg2 --keyserver hkp://pool.sks-keyservers.net --send-keys C6EED57ANow other people can import the public key to their key-chain:
$ gpg2 --keyserver hkp://pool.sks-keyservers.net --recv-keys C6EED57ACreate the file ~/.gradle/gradle.properties and add the following settings:
signing.keyId= // key id of your GPG key e.g. 00B0AEF9
signing.password= // password for your GPG secret key
signing.secretKeyRingFile=/home/jdoe/.gnupg/secring.gpg
nexusUsername= // username of your Sonatype Jira user
nexusPassword= // password of your Sonatype Jira userAfter this you can install the artifacts to the local repository (mavenLocal) using:
$ ./gradlew installor upload release artifacts with:
$ ./gradlew uploadArchivesDepending on the version name it is uploaded as:
* snapshot release if version ends with -SNAPSHOT: e.g. version = '0.1.1-SNAPSHOT'
* staging release if not: e.g.version = '0.1.1'
After uploading to the staging area it is still only visible for authorized developers. See [promote-staged] on instructions how to promote a staged release to the public area.
Create the file ~/.m2/settins.xml and add the following settings:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository>${user.home}/.m2/repository</localRepository>
<interactiveMode>true</interactiveMode>
<usePluginRegistry>false</usePluginRegistry>
<offline>false</offline>
<servers>
<server>
<id>ossrh</id>
<username>**YourNexusUsername**</username>
<password>**YourNexusPassword**</password>
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg2</gpg.executable>
<gpg.passphrase>**YourPassphrase**</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>After this you can install the artifacts locally using:
$ mvn installand upload the release artifacts to staging area with:
$ mvn deploy -P releaseDepending on the version name it is uploaded as:
- snapshot release if
versionends with-SNAPSHOT: e.g.<version>0.1.1-SNAPSHOT</version>' - staging release if not: e.g.
<version>0.1.1</version>
If a release is staged in the staging area it can be promoted to the public area. See Releasing the deployment for detailed instructions.
- Login to https://oss.sonatype.org/
- Locate and examine the staging repository (staged releases are in state 'open')
- Evaluate the release in the Content-Tab.
- Press the
Closebutton above the list. This will trigger an evaluation against the requirements (all components bin, doc, src available and signed).- If it fails, the release is not valid and it can be removed with
Drop. This allows to fix the problem, upload a new release and rerun the verification. - If successful, it can be released using the
Releasebutton. This will move the artefact to the public area and sync it to the Central Repository.
- If it fails, the release is not valid and it can be removed with