It’s a treacherous path. Bring food and a sword.
I tried to follow the official OSSRH guide but I had so many issues… I hope this “guide of the guide” saves you time and frustration.
First things first
- Create a JIRA account on Sonatype’s environment.
- Create a ticket for the creation of your repo.
- Wait 2 business days.
While you wait…
Make sure you have a pom.xml
that complies with Sonatype’s requirements, namely:
- Project coordinates (
groupId
,artifactId
,version
) - Name, Description and URL
- License info
- Developer info
- Source control (repo) info
It will only get worse from here. You have been warned.
😨 😨 😨 😨 😨 😨 😨 scroll down if you’re brave 😨 😨 😨 😨 😨 😨 😨
Setting up the deployment path
When you get the reply to your Jira Ticket:
- Watch this video guide
- But keep an open tab with the complete guide, to copy-paste code snippets.
Problem (path to config) 🤔
I got a 401
after doing mvn deploy
.
To solve this, run mvn -X
and search for Reading user settings from
. That’s the folder where you need your settings.xml
to be.
Mine was [DEBUG] Reading user settings from /Users/USERNAME/.m2/settings.xml
Problem (ups) 😅
Missing: no sources jar found in folder
Add plugins for source and javadoc, copy-paste from this section.
Problem (signing code) 😵
Missing Signature (...) *.jar.asc' does not exist for
Check if you have GPG installed with gpg --version
. In my case it wasn’t. To install it, using homebrew, just do…
brew install gnupg
brew install gnupg2
PATH="/usr/local/opt/gnupg/libexec/gpgbin:$PATH"
- Follow these steps to generate a signature.
- Edit
settings.xml
again to include your GPG passphrase.
<settings>
<servers>
<server>
<id>ossrh</id>
<username>sonatype credentials</username>
<password>sonatype credentials</password>
</server>
</servers>
</settings>
- You must sign at least one file before being able to send the key to the server. You can use any file and delete it afterwards.
For some reason you have to use your passphrase at least once, to “unlock it” or some kind… make sure you are able to receive the key back from the server.
(Attempting to) Publish on Maven Central
mvn release:clean release:prepare
and press Enter to use the defaults
What is the release version for "GroupId:ArtifactId"?
What is SCM release tag or label for "GroupId:ArtifactId"?
What is the new development version for "GroupId:ArtifactId"?
TIP: more about preparing your code for maven releases here.
Problem (signing failed: Inappropriate ioctl for device) 😖
You need to add these two lines to your bash profile (~/.bash_profile
or ~/.zshrc
):
GPG_TTY=$(tty)
export GPG_TTY
Then restart your terminal.
Problem (signing failed: No such file or directory)
Add this code snippet to your pom.xml
, inside the maven-gpg-plugin
plugin:
<configuration>
<!-- Prevent `gpg` from using pinentry programs -->
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
Problem (accessing git) 😩
You can't push to git...
I had to edit my pom.xml
, according to this precious SO answer to look like this:
<scm>
<connection>scm:git:[email protected]/USER/REPO.git</connection>
<developerConnection>scm:git:[email protected]:USER/REPO.git</developerConnection>
<url>[email protected]/USER/REPO/tree/master</url>
</scm>
Problem (git credentials) 😡
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.5.3:prepare (default-cli): Unable to commit files
[ERROR] Provider message:
[ERROR] The git-push command failed.
[ERROR] Command output:
[ERROR] Permission denied (publickey).
It was my problem since I could not reach github from my machine (see below)
$ ssh -T [email protected]
Permission denied (publickey).
I had to add an SSH key to my account for my machine.
🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆 🏆
🎉 Done 🎉
Next time, you just need to
mvn release:clean release:prepare
mvn release:perform
git push