in which secrets are kept



Back when Leiningen was first launched it coincided with the launch of Clojars, the public community repository for Clojure projects. This worked out really well for Clojure as far as the timing was concerned—it allowed the ecosystem to grow quickly.


But Clojars doesn't work for everything; some situations call for libraries to be shared on a team without making them public. For cases like this it's necessary to publish to private repositories. This has been a really common question with Leiningen that hasn't had a good answer until recently; some folks bite the bullet and run lein install on every development machine while others set up shared static-file repositories maintained mostly by hand. At work we've nginx'd up a directory that gets deployed to from our Hudson (soon to be Jenkins) jobs.

But the 1.5.0 release of Leiningen has added the deploy task along with a deploy guide. Now you can deploy to private repositories like instances of Archiva and Nexus. Just configure your :repositories in project.clj with the URL and credentials for uploading:

  :repositories {"snapshots" {:url ""
                              :username "milgrim" :password "locative.1"}
                 "releases" ""}

If you're shy about checking passwords into project.clj, you can put them in ~/.lein/init.clj as mentioned in the deploy guide. Note that the naming is significant; if you are deploying a SNAPSHOT version, it will go to the "snapshots" repository, while stable versions will go to the "releases" repository. Hopefully this is useful for teams collaborating on multiple projects in private.

Update: Don't store your repository credentials in plaintext on your drive. Leiningen 2 features transparent GPG support if you store them in ~/.lein/credentials.clj.gpg, which you should use instead.

« older | 2011-04-01T03:03:55Z | newer »