Publishing to Maven central (troubleshoot included)

Publish to maven central is a bad time

It’s a treacherous path. Bring food and a sword.

I tried to follow the official OSSRH guide but I had so many issues… I hope this “guide of the guide” saves you time and frustration.

First things first

  1. Create a JIRA account on Sonatype’s environment.
  2. Create a ticket for the creation of your repo.
  3. Wait 2 business days.

While you wait…

Make sure you have a pom.xml that complies with Sonatype’s requirements, namely:

  • Project coordinates (groupId, artifactId, version)
  • Name, Description and URL
  • License info
  • Developer info
  • Source control (repo) info

It will only get worse from here. You have been warned.

😨 😨 😨 😨 😨 😨 😨 scroll down if you’re brave 😨 😨 😨 😨 😨 😨 😨

Setting up the deployment path

When you get the reply to your Jira Ticket:

Problem (path to config) 🤔

I got a 401 after doing mvn deploy.

To solve this, run mvn -X and search for Reading user settings from. That’s the folder where you need your settings.xml to be.

Mine was [DEBUG] Reading user settings from /Users/USERNAME/.m2/settings.xml

Problem (ups) 😅

Missing: no sources jar found in folder

Add plugins for source and javadoc, copy-paste from this section.

Problem (signing code) 😵

Missing Signature (...) *.jar.asc' does not exist for

Check if you have GPG installed with gpg --version. In my case it wasn’t. To install it, using homebrew, just do…

brew install gnupg
brew install gnupg2
  • Follow these steps to generate a signature.
  • Edit settings.xml again to include your GPG passphrase.
      <username>sonatype credentials</username>
      <password>sonatype credentials</password>
  • You must sign at least one file before being able to send the key to the server. You can use any file and delete it afterwards.

For some reason you have to use your passphrase at least once, to “unlock it” or some kind… make sure you are able to receive the key back from the server.

(Attempting to) Publish on Maven Central

mvn release:clean release:prepare

and press Enter to use the defaults

What is the release version for "GroupId:ArtifactId"?
What is SCM release tag or label for "GroupId:ArtifactId"?
What is the new development version for "GroupId:ArtifactId"?

TIP: more about preparing your code for maven releases here.

Problem (signing failed: Inappropriate ioctl for device) 😖

You need to add these two lines to your bash profile (~/.bash_profile or ~/.zshrc):

export GPG_TTY

Then restart your terminal.

Problem (signing failed: No such file or directory)

Add this code snippet to your pom.xml, inside the maven-gpg-plugin plugin:

  <!-- Prevent `gpg` from using pinentry programs -->

Problem (accessing git) 😩

You can't push to git...

I had to edit my pom.xml, according to this precious SO answer to look like this:

    <connection>scm:git:[email protected]/USER/REPO.git</connection>
    <developerConnection>scm:git:[email protected]:USER/REPO.git</developerConnection>
    <url>[email protected]/USER/REPO/tree/master</url>

Problem (git credentials) 😡

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli): Unable to commit files
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] Permission denied (publickey).

It was my problem since I could not reach github from my machine (see below)

$ ssh -T [email protected]
Permission denied (publickey).

I had to add an SSH key to my account for my machine.

🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆

🎉 Done 🎉

Next time, you just need to

mvn release:clean release:prepare
mvn release:perform
git push