This template helps developers get started with publishing the Java SDK to Maven Central package repository.
The user will need the following:
- A Maven Central account and token credentials generated on the Account page that allow uploading packages to the Central Maven Repository
- Generated GPG key pair that is used for signing artifacts during the publishing process
This repository contains the following:
- A
README
that contains the instructions - A GitHub Action workflow to publish the Java SDK to Maven Central package repository.
-
Create a new target Java SDK Repo by clicking the Use this template button at the top of this repository.
-
Set
MAVEN_USERMANE
andMAVEN_PASSWORD
action secrets in the target SDK repo with the values generated from the Account page of the Maven Central Portal. (see Appendix A for more information) -
Set
GPG_PRIVATE_KEY
andGPG_PASSPHRASE
action secrets in the target SDK repo (see Appendix B for detailed instructions) -
If you already have a Control Repo:
-
Update your
LIBLAB_GITHUB_TOKEN
actions secret to a new token that has access to all your existing SDK repos, as well as this new one. -
Update your config file with the field values required for publishing:
groupId
with the value of your approved Central Repository namespacegithubRepoName
with the name of the target SDK repohomepage
with the valid public URL of the SDK homepage
-
-
Run the GitHub Action
Generate SDKs using liblab
in the Control Repo that builds the SDK, and raises a PR against this target SDK Repo. This will be triggered automatically when you commit and push the update to the liblab config file. -
Review and merge the PR.
-
Create a release in the target SDK Repo.
-
The GitHub Action
Publish to Maven Central Repository
in the target SDK Repo will be triggered by the release, and deploy the package to Maven Central Repository. -
Package will immediately appear on the Deployments page under
PUBLISHING
status. After the validation process has been successfully finished, deployment will transition toPUBLISHED
status, and the package will become available on Maven Central Repository.
Publishing action automates publishing packages via the Central Portal, which is, as of March 12th, 2024, the default publishing server for Maven packages. We do not support automatic publishing through the Legacy OSSRH.
The Central Portal Account Documentation explains how to create an account that is required for claiming namespaces and managing package deployments.
Namespace is the crucial prerequisite for publishing a package to the Central Repository as it is the groupId
of the package. The Central Portal Namespace Documentation provides detailed instructions for claiming a namespace.
One should note that the namespace verification process is not instant. For own domain namespaces (e.g. com.liblab
), additional step is required from the user, which involves setting up the verification key as a DNS record in order for the domain name to be verified by the Central Repository. For GitHub namespaces (namespace in the form of io.github.githuborgname
), though, verification process is automatic if the user is registered using the GitHub SSO.
Credentials for MAVEN_USERNAME
and MAVEN_PASSWORD
action secrets can be generated from the Account page.
The Central Repository requires all artifacts to be signed with GPG. This section explains how to generate your own key pair, distribute it to the key server and obtain the private key.
-
Install GnuPG
(available throughbrew install gnupg
) -
Initialize the key generation prompt by running:
gpg --gen-key
-
Input all necessary data and choose the passphrase
-
Copy the key id - 40 character long value printed out in the second row by the command:
gpg --list-secret-keys
-
Send the key to the key server (in our case
openpgp
) by running:
gpg --keyserver keys.openpgp.org --send-keys ${key-id}
-
Export the private key to the file by running:
gpg --export-secret-keys ${key-id} --armour > key.asc
-
Copy the contents of the
key.asc
file and paste it in theGPG_PRIVATE_KEY
action secret -
Add chosen passphrase to the
GPG_PASSPHRASE
action secret