Pushing

Toby Crawley edited this page Mar 8, 2016 · 2 revisions

Pushing is the process of uploading a jar to the Clojars repository so that others can use it.

leiningen 2.0.0

lein deploy clojars

This will prompt you for your username and password. It is also possible to have them read from an encrypted file.

leiningen 1.x

Add a deploy-repository for clojars to ~/.lein/init.clj:

(def settings
  {:deploy-repositories {"clojars-https" {:url "https://clojars.org/repo"
                                          :username "username"
                                          :password "password"}}})

Then you can deploy with

lein deploy clojars-https

Maven

Add clojars to the pom.xml:

<distributionManagement>
  <repository>
    <id>clojars</id>
    <name>Clojars repository</name>
    <url>https://clojars.org/repo</url>
  </repository>
</distributionManagement>

Add authentication info to settings.xml:

<settings>
  <servers>
    <server>
      <id>clojars</id>
      <username>username</username>
      <password>password</password>
    </server>
  </servers>
</settings>

Then you can deploy with

mvn deploy

It is possible to have encrypted credentials.

Boot 2.x

Boot has tasks defined in bootlaces for this purpose.

boot build-jar push-snapshot
boot build-jar push-release

This will prompt you for your username and password, but you can specify it as environment variables too.

Validations

When you deploy to clojars, the deployment must pass a set of validations before being finalized to the repository. If any validations fail, the deployment will be rejected with an appropriate error message and nothing will be written to the repository. The following things are validated:

  • a pom file was uploaded
  • the pom parses successfully (is readable)
  • the group, name, and version are of a valid format
  • the group, name, and version values in the pom match those in the url
  • this isn't a redeploy of a non-SNAPSHOT version
  • a jar was uploaded if the pom packaging is jar
  • the provided checksums match the artifacts
  • if any signature is uploaded, then every artifact has a signature