Here I’m going to walk through the real life example of the process for publishing an open source library in Maven Central.
When I tried to figure out how to do that first time I couldn’t find one source that contains all related aspects. I had to spent a lot of time on that and made many mistakes.
This is an attempt to collect all findings in one place.
Since this is going to be a huge topic I’ll keep it as a live document with many updates. We all can make mistakes, miss something and be wrong. So please correct me if you find something wrong/missing here. Thanks!
I’m assuming that you already have your project/library somewhere in
GitHub and you already have selected the license for your library.
That’s the plan:
- Create a virtual machine where you can setup everything you need
- Create a Sonatype OSS account
- Create a ticket
- Pick up a right groupId
- Prepare pom.xml
- Prepare Maven settings.xml
- Generate gpg key
Create and configure Virtual Machine
I prefer using VirtualBox and Ubuntu for that but it’s up to you.
Once you’re done with creating a Virtual Machine you need to
- Install and configure
- Clone your library repository
- Install Java
- Install and configure Maven
We will need to do extra configurations for Maven later
Create Sonatype OSS account
Create an account in Sonatype OSS Repository Hosting Service JIRA - http://issues.sonatype.org/.
That service allows you to publish your library to Maven Central.
Once it’s created create a ticket here https://issues.sonatype.org/projects/OSSRH
IssueType: New Project
Summary, Description: Briefly describe what your library is about. Literally one sentence for each.
Group Id: It should be the domain that you own, I personally use
io.lenar. That allows me to publish more than one library without having to create additional tickets, for example
Project url: My example - https://github.com/LenarBad/app-props
SCM url: My example - https://github.com/LenarBad/app-props.git
Initially when you write your code for a Maven project your
pom.xml looks pretty compact but when you go to oprn source it becomes huge.
For example the pom.xml file of one of my projects
io.lenar:app-props at the start point was about 15-20 lines - only the info that is required - groupId, artifactId, version and a couple of dependencies.
When I decided to go open source it turned into this
10 times bigger.
Prepare Maven settings.xml
Replace your-sonatype-username, your-sonatype-password, your-github-email, github-password and your-gpg-passphrase with your values.
Generate pgp key
sudo apt-get install gnupg
Then generate a key
Set required parameters RSA and RSA/2048/Expiration - Never/Name/Email/passphrase
Verify that you successfuly created a key
You should have something like this
pub 2048R/123ABCDF 2019-04-20 [expires: 2020-10-11] uid John Smith <firstname.lastname@example.org> sub 2048R/456FDCBA 2019-04-20 [expires: 2020-10-11]
Then you have to upload your key
gpg --keyserver hkp://pool.sks-keyservers.net --send-keys 123ABCDF
Publish to Maven Central
To release your library you should execute 3 maven commands
If you did everything right then you can use your library as a dependency in any Maven/Gradle project
Next time when you need to publish another project to Maven Central with Sonatype OSS just configure you
pom.xml and publish with Maven deploy and release commands.
PS: Please feel free to fingerpoint at any mistakes you notice and suggest improvements that need to be done