This template helps developers get started with publishing the Java SDK to Maven Central package repository.
The user will need the following:
- A Maven Central account and token credentials generated on the Account page that allow uploading packages to the Central Maven Repository
- Generated GPG key pair that is used for signing artifacts during the publishing process
This repository contains the following:
- A
READMEthat contains the instructions - A GitHub Action workflow to publish the Java SDK to Maven Central package repository.
-
Create a new target Java SDK Repo by clicking the Use this template button at the top of this repository.
-
Set
MAVEN_USERMANEandMAVEN_PASSWORDaction secrets in the target SDK repo with the values generated from the Account page of the Maven Central Portal. (see Appendix A for more information) -
Set
GPG_PRIVATE_KEYandGPG_PASSPHRASEaction secrets in the target SDK repo (see Appendix B for detailed instructions) -
If you already have a Control Repo:
-
Update your
LIBLAB_GITHUB_TOKENactions secret to a new token that has access to all your existing SDK repos, as well as this new one. -
Update your config file with the field values required for publishing:
groupIdwith the value of your approved Central Repository namespacegithubRepoNamewith the name of the target SDK repohomepagewith the valid public URL of the SDK homepage
-
-
Run the GitHub Action
Generate SDKs using liblabin the Control Repo that builds the SDK, and raises a PR against this target SDK Repo. This will be triggered automatically when you commit and push the update to the liblab config file. -
Review and merge the PR.
-
Create a release in the target SDK Repo.
-
The GitHub Action
Publish to Maven Central Repositoryin the target SDK Repo will be triggered by the release, and deploy the package to Maven Central Repository. -
Package will immediately appear on the Deployments page under
PUBLISHINGstatus. After the validation process has been successfully finished, deployment will transition toPUBLISHEDstatus, and the package will become available on Maven Central Repository.
Publishing action automates publishing packages via the Central Portal, which is, as of March 12th, 2024, the default publishing server for Maven packages. We do not support automatic publishing through the Legacy OSSRH.
The Central Portal Account Documentation explains how to create an account that is required for claiming namespaces and managing package deployments.
Namespace is the crucial prerequisite for publishing a package to the Central Repository as it is the groupId of the package. The Central Portal Namespace Documentation provides detailed instructions for claiming a namespace.
One should note that the namespace verification process is not instant. For own domain namespaces (e.g. com.liblab), additional step is required from the user, which involves setting up the verification key as a DNS record in order for the domain name to be verified by the Central Repository. For GitHub namespaces (namespace in the form of io.github.githuborgname), though, verification process is automatic if the user is registered using the GitHub SSO.
Credentials for MAVEN_USERNAME and MAVEN_PASSWORD action secrets can be generated from the Account page.
The Central Repository requires all artifacts to be signed with GPG. This section explains how to generate your own key pair, distribute it to the key server and obtain the private key.
-
Install GnuPG
(available throughbrew install gnupg) -
Initialize the key generation prompt by running:
gpg --gen-key -
Input all necessary data and choose the passphrase
-
Copy the key id - 40 character long value printed out in the second row by the command:
gpg --list-secret-keys -
Send the key to the key server (in our case
openpgp) by running:
gpg --keyserver keys.openpgp.org --send-keys ${key-id} -
Export the private key to the file by running:
gpg --export-secret-keys ${key-id} --armour > key.asc -
Copy the contents of the
key.ascfile and paste it in theGPG_PRIVATE_KEYaction secret -
Add chosen passphrase to the
GPG_PASSPHRASEaction secret