Publish your artifact to the Maven Central Repository using GitHub Actions

Jan-Terje Sørensen
Apr 12, 2024

Hi there fellow keyboard pusher! So, you’ve created something awesome and now want to share it with the world. Grab a cup of coffee or tea, and let’s dig into a step-by-step guide on how to get your artifact easily available for others to use.

1. Create a Sonatype Account: The first step is to create a Maven Central Sonatype account.

Sonatype Account

2. Your project’s pom.xml: Add a release profile to your project’s pom.xml file. This profile defines the necessary configurations for publishing to Maven Central. Here's a sample snippet:

<profiles>
  <profile>
    <id>release</id>
    <build>
      <plugins>
        <plugin>
          <groupId>org.sonatype.central</groupId>
          <artifactId>central-publishing-maven-plugin</artifactId>
          <version>0.4.0</version>
          <extensions>true</extensions>
          <configuration>
            <publishingServerId>central</publishingServerId>
            <tokenAuth>true</tokenAuth>
            <autoPublish>true</autoPublish>
          </configuration>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-source-plugin</artifactId>
          <version>3.3.0</version>
          <executions>
            <execution>
              <id>attach-sources</id>
              <phase>verify</phase>
              <goals>
                <goal>jar-no-fork</goal>
              </goals>
            </execution>
          </executions>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-javadoc-plugin</artifactId>
          <version>3.6.3</version>
          <executions>
            <execution>
              <id>attach-javadoc</id>
              <goals>
                <goal>jar</goal>
              </goals>
            </execution>
          </executions>
          <configuration>
            <stylesheet>java</stylesheet>
            <doclint>none</doclint>
          </configuration>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-gpg-plugin</artifactId>
          <version>3.1.0</version>
          <executions>
            <execution>
              <id>sign-artifacts</id>
              <phase>verify</phase>
              <goals>
                <goal>sign</goal>
              </goals>
            </execution>
          </executions>
          <configuration>
            <gpgArguments>
              <arg>--pinentry-mode</arg>
              <arg>loopback</arg>
            </gpgArguments>
          </configuration>
        </plugin>
      </plugins>
    </build>
  </profile>
</profiles>

3. Set Up GitHub Action Workflow: Create a new GitHub Action workflow file named maven-publish.yml or choose the workflow “Publish Java Package with Maven” in GitHub Actions. The end result should be this file:

name: Publish package to the Maven Central Repository
on:
  release:
    types: [created]
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - name: Set up Maven Central Repository
        uses: actions/setup-java@v4
        with:
          java-version: '21'
          distribution: 'temurin'
          server-id: central
          # These three values are the names of environment variables,
          # not the secrets themselves; they are set in the publish step.
          server-username: MAVEN_USERNAME
          server-password: MAVEN_PASSWORD
          gpg-private-key: ${{ secrets.GPG_SIGNING_KEY }}
          gpg-passphrase: MAVEN_GPG_PASSPHRASE
      - name: Set version
        # The tag name goes through an environment variable (RELEASE_TAG, a name
        # chosen here) and is quoted, so it cannot inject shell syntax into the script.
        run: mvn versions:set -DnewVersion="$RELEASE_TAG"
        env:
          RELEASE_TAG: ${{ github.event.release.tag_name }}
      - name: Publish package
        run: mvn -P release --batch-mode deploy -DskipTests
        env:
          MAVEN_USERNAME: ${{ secrets.CENTRAL_TOKEN_USERNAME }}
          MAVEN_PASSWORD: ${{ secrets.CENTRAL_TOKEN_PASSWORD }}
          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_SIGNING_KEY_PASSWORD }}

GitHub Action Workflow

4. Log into Central Sonatype Account: Access your Central Sonatype account here.

Sonatype Menu

5. Register a Namespace: Within your Central Sonatype account, register a namespace to be allowed to publish your artifact.

6. Generate a key pair and sign your artifact with GPG: Follow this GPG guide to ensure your artifact is signed.

$ gpg --list-keys
/home/mylocaluser/.gnupg/pubring.kbx
---------------------------------
pub   rsa3072 2021-06-23 [SC] [expires: 2023-06-23]
      CA925CD6C9E8D064FF05B4728190C4130ABA0F98
uid           [ultimate] Central Repo Test <central@example.com>
sub   rsa3072 2021-06-23 [E] [expires: 2023-06-23]

7. Generate a Central Token: This user token will be used in your settings.xml and GitHub Action secrets for authentication.

Sonatype Generate User Token

8. Add GitHub Secrets: In your GitHub repository settings, navigate to Secrets and add the following secrets:

  • CENTRAL_TOKEN_USERNAME: The username from the generated user token in step 7
  • CENTRAL_TOKEN_PASSWORD: The password from the generated user token in step 7
  • GPG_SIGNING_KEY: The exported private key generated in step 6
  • GPG_SIGNING_KEY_PASSWORD: The password you set for your private key in step 6

GitHub Secrets

9. Create a release: Now you can create a release from your GitHub repository.

GitHub Release

10. Published: After a while, a new artifact should be created and published to the Maven Central Repository.

Sonatype publish
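
The release tag is free-form text, yet the workflow in step 3 turns it into the Maven version and, with autoPublish enabled, publishes without a manual review. The shell gate below is an added example, not part of the original article; the function name `release_version_from_tag`, the `RELEASE_TAG` variable and the accepted version grammar are assumptions.

```shell
# Added example (not from the original article). The function name and the
# accepted version grammar are assumptions chosen for illustration.

# Print the Maven version for a release tag on stdout, or return 1.
release_version_from_tag() {
  tag=$1
  version=${tag#v}   # accept "v1.4.0" as well as "1.4.0"

  # 1. Character allow-list. Rejects spaces, quotes, ';', '$', '/' and
  #    newlines, so the line-based grep below only ever sees one line.
  case $version in
    ''|*[!A-Za-z0-9.-]*)
      echo "refusing to publish: tag '$tag' has characters outside [A-Za-z0-9.-]" >&2
      return 1 ;;
  esac

  # 2. Shape: up to three numeric parts plus an optional qualifier (1.4.0-rc.1).
  if ! printf '%s\n' "$version" |
       grep -Eq '^[0-9]+(\.[0-9]+){0,2}(-[A-Za-z0-9]+(\.[A-Za-z0-9]+)*)?$'; then
    echo "refusing to publish: '$version' is not a release version" >&2
    return 1
  fi

  # 3. Snapshots are not releases; fail before anything is signed or uploaded.
  case $version in
    *-[Ss][Nn][Aa][Pp][Ss][Hh][Oo][Tt])
      echo "refusing to publish: '$version' is a snapshot" >&2
      return 1 ;;
  esac

  printf '%s\n' "$version"
}

# Use in the workflow's "Set version" step, with the tag supplied via env:
#   version=$(release_version_from_tag "$RELEASE_TAG") || exit 1
#   mvn versions:set -DnewVersion="$version"
```

Because the check runs before `mvn deploy`, a mistyped or malformed tag fails the job instead of reaching the signing and upload steps.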

Well done, fellow keyboard pusher! You’ve now mastered the art of publishing your artifact. Remember, behind every great artifact is a great coder, and sharing is caring.
