Due to Sonatype's strict validation rules, the publishing requirement must be satisfied by every artifact which wants to be published to Sonatype.
For Java and Android library projects, the publishing configurations are very similar, but the configurations of creating publication are quite different, this gradle plugin is used to simplify the engineering complexity of publishing artifacts to Sonatype, developers don't need to write boilerplate publishing DSL for each project to satisfy Sonatype validation rules.
This plugin not only support publishing artifacts to Sonatype, but also support publishing artifacts to private Nexus repository.
For more information, see References
plugins {
kotlin("jvm")
id("io.johnsonlee.sonatype-publish-plugin") version "1.6.1"
}
group = "<your-group-id>"
version = "1.0.0"Then, execute publish tasks:
./gradlew publishToMavenLocal -x signMavenJavaPublicationTo publish artifacts to remote maven repository, additional configurations are quired.
-
OSSRH_USERNAMEThe account id of Sonatype, searching from project properties by default, otherwise searching from system env
-
OSSRH_PASSWORDthe account password of Sonatype, searching from project properties by default, otherwise searching from system env
-
OSSRH_PACKAGE_GROUPThe package group of Sonatype, e.g.
io.johnsonlee, searching from project properties by default, otherwise searching from system env
-
NEXUS_URLThe endpoint of Nexus service, e.g. http://nexus.johnsonlee.io/, searching from project properties by default, otherwise searching from system env
-
NEXUS_USERNAMEThe account id of Nexus, searching from project properties by default, otherwise searching from system env
-
NEXUS_PASSWORDThe account password of Nexus, searching from project properties by default, otherwise searching from system env
-
signing.keyIdThe GPG key id (short format). In this example, the GPG key id is
71567BD2$ gpg --list-secret-keys --keyid-format=short /Users/johnsonlee/.gnupg/secring.gpg ------------------------------------ sec 4096R/71567BD2 2021-03-10 [expires: 2031-03-10] uid Johnson ssb 4096R/4BA89E7A 2021-03-10 -
signing.passwordThe password of GPG key
-
signing.secretKeyRingFileThe secret key ring file, e.g. /Users/johnsonlee/.gnupg/secring.gpg
The best practice is putting the properties above into
~/.gradle/gradle.propertiesOSSRH_USERNAME=johnsonlee OSSRH_PASSWORD=********* OSSRH_PACKAGE_GROUP=io.johnsonlee signing.keyId=71567BD2 signing.password=********* signing.secretKeyRingFile=/Users/johnsonlee/.gnupg/secring.gpg
The following git configurations are be used for generating maven POM file, please skip if already done.
-
user.namegit config user.name <username>
-
user.emailgit config user.email <email-address>
-
remote.origin.url(optional)The
remote.origin.urlis available by default unless the git repository is created locallygit remote add origin git@github.com:<username>/<repository>
-
project.groupThe
groupIdof the publication, only the root project need to configured, subproejcts will inherit from the root project -
project.versionThe
versionof the publication, only the root project need to configured, subproejcts will inherit from the root project
The artifactId of the publication is the project.name by default
Add a license file (LICENSE, LICENSE.txt, LICENSE.md or LICENSE.rst) into project, then the license type will be recognized automatically.
For more information on repository licenses, see "Supported Licenses"
./gradlew initializeSonatypeStagingRepository publishToSonatype./gradlew closeAndReleaseRepository./gradlew clean publishFor Android projects, using -x to disable publication tasks for debug variants:
./gradlew clean publish -x publishDebugPublicationToMavenRepositoryAfter release complete, the artifacts will be synced to Maven Central automatically