Publish Artifacts to Maven Central
Using the remote repositories feature, you can publish Maven artifacts from a Space Packages repository to Maven Central.
Configure publishing of artifacts to a Space Packages repository according to the following guides:
Perform initial setup of your OSSRH repository:
Create a JIRA ticket for creating a new repository for your project. For example, like this one.
For details, refer to the official Sonatype documentation.
The artifacts published to Maven Central must be signed with PGP. To generate a signing key:
Download the GPG tool.
Generate a key by running:
gpg --gen-key
For example:
PS C:\Program Files (x86)\GNU\GnuPG> .\gpg.exe --gen-key
{...}
Configure signing for the project:
GradleMavenThere is a number of ways to configure signing depending on your environment. For the details, refer to the official Gradle documentation. For example, this is how you can configure signing for your local builds:
Include the signing plugin into
build.gradle
:plugins { id 'signing' }
Specify what to sign. For example, you can configure Gradle to sign all published artifacts. To do this, add to
build.gradle
:signing { sign publishing.publications }
Add the signing key data to your local
gradle.properties
. For example:signing.keyId=24875D73 signing.password=pwd1234 signing.secretKeyRingFile=C:/Users/John.Doe/AppData/Roaming/gnupg/secring.gpg
Where
keyId
is the public key ID that you can get withgpg -K
.password
is the passphrase you used when creating the key.secretKeyRingFile
is the absolute path to the private key.
To build a signed artifact, run:
gradle sign
To publish a signed artifact, run:
gradle publish
There is a number of ways to configure signing depending on your environment. For the details, refer to the official Maven documentation. For example, this is how you can configure signing for your local builds:
Include the Apache Maven GPG plugin into
pom.xml
:<project> ... <build> <plugins> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-gpg-plugin</artifactId> <version>1.6</version> <executions> <execution> <id>sign-artifacts</id> <phase>verify</phase> <goals> <goal>sign</goal> </goals> </execution> </executions> </plugin> </plugins> </build> ... </project>
Add the signing key data to your local
settings.xml
. For example:<settings> [...] <servers> [...] <server> <id>gpg.passphrase</id> <passphrase>pwd1234</passphrase> </server> </servers> </settings>
Where
passphrase
is the passphrase you used when creating the key. Note that this will work only in case you have a single (default) signing key. For more information on configuring the Maven GPG plugin, refer to the official documentation.To publish a signed artifact, run:
mvn deploy
In Space, open the repository where you published the signed artifacts.
Configure a remote repository:
In repository settings, open the Remote Repositories tab and click New remote repository.
Specify remote repository settings:
URL: the URL you got from Sonatype during the initial setup. Typically, it's
https://s01.oss.sonatype.org/content/repositories/snapshots/
for SNAPSHOT artifact versions orhttps://s01.oss.sonatype.org/service/local/staging/deploy/maven2/
for release versions. Learn more.In Authentication, select Basic and specify Username and Password you used to register in Sonatype JIRA.
Nexus Staging Profile: the profile you got during the initial setup. Space automatically connects to Sonatype Nexus using your credentials and shows you the list of available staging profiles.
Click Create.
Publish the required artifact to the remote repository (Maven Central):
In the package menu, choose Publish to remote repository.
In the list, select the mirror created on previous step and click Publish.
Thanks for your feedback!