Maven Central is the de-facto repository for hosting software artifacts that compile to the JVM. It is one of the world’s largest and oldest archives of software libraries. In this post, I’ll describe the process of releasing a new artifact in Maven Central following a step-by-step approach.

Excerpt of 1% of the whole graph of Maven artifacts — © Excerpt of 1% of the Maven Dependency Graph of software artifacts. Source.

Create a JIRA ticket in Sonatype

First, you need to create a JIRA account and submit a ticket there requesting for a project namespace in Sonatype (aka, GroupId):

A staging repository is already configured for the requested GroupId, you need to find someone with a deployer role that comments on the ticket to verify your request. Below is an example of a ticket that I created requesting a repository for the namespace se.kth.castor

The ticked review is a manual process, it normally takes less than 2 business days.

Configuring the POM

After the approval of the ticket, you need to add additional information to the POM of the Maven project or module to be deployed. Follow the steps below exactly as they are.

Choose appropriate coordinates as explained here:


1
2
3
<groupId>com.example.applications</groupId>
<artifactId>example-application</artifactId>
<version>1.4.7</version>

Add your project name, description, and URL:


1
2
3
<name>Example Application</name>
<description>Describe your Application</description>
<url>http://www.example.com/example-application</url>

Add licence information:


1
2
3
4
5
6
<licenses>
  <license>
     <name>The Apache License, Version 2.0</name>
    <url>http://www.apache.org/licenses/LICENSE-2.0.txt</url>
  </license>
</licenses>

Add information about developer/s :


1
2
3
4
5
6
7
8
<developers>
  <developer>
    <name>Manfred Moser</name>
    <email>manfred@sonatype.com</email>
    <organization>Sonatype</organization>
    <organizationUrl>http://www.sonatype.com</organizationUrl>
  </developer>
</developers>

Add SCM information, the following example uses GitHub:


1
2
3
4
5
<scm>
  <connection>scm:git:git://github.com/simpligility/ossrh-demo.git</connection>
  <developerConnection>scm:git:ssh://github.com:simpligility/ossrh-demo.git</developerConnection>
  <url>http://github.com/simpligility/ossrh-demo/tree/master</url>
</scm>

Add distribution management and authentication to Sonatype via the nexus-staging-maven-plugin:


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<distributionManagement>
  <snapshotRepository>
     <id>ossrh</id>
     <url>https://oss.sonatype.org/content/repositories/snapshots</url>
  </snapshotRepository>
</distributionManagement>
<build>
  <plugins>
     <plugin>
       <groupId>org.sonatype.plugins</groupId>
       <artifactId>nexus-staging-maven-plugin</artifactId>
       <version>1.6.7</version>
       <extensions>true</extensions>
       <configuration>
         <serverId>ossrh</serverId>
         <nexusUrl>https://oss.sonatype.org/</nexusUrl>
         <autoReleaseAfterClose>true</autoReleaseAfterClose>
       </configuration>
     </plugin>
     ...
  </plugins>
</build>

Add javadoc and sources attachments using the maven-javadoc-plugin and maven-source-plugin :


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
<build>
  <plugins>
     <plugin>
        <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-source-plugin</artifactId>
          <version>2.2.1</version>
          <executions>
            <execution>
              <id>attach-sources</id>
              <goals>
                <goal>jar-no-fork</goal>
              </goals>
            </execution>
          </executions>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-javadoc-plugin</artifactId>
          <version>2.9.1</version>
          <executions>
            <execution>
              <id>attach-javadocs</id>
              <goals>
                <goal>jar</goal>
              </goals>
            </execution>
          </executions>
     </plugin>
  </plugins>
</build>

Add GPG signed components using the maven-gpg-plugin:


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
<build>
  <plugins>
     <plugin>
        <groupId>org.apache.maven.plugins</groupId>
        <artifactId>maven-gpg-plugin</artifactId>
        <version>1.5</version>
        <executions>
           <execution>
              <id>sign-artifacts</id>
              <phase>verify</phase>
              <goals>
                <goal>sign</goal>
              </goals>
           </execution>
        </executions>
     </plugin>
  </plugins>
</build>

Follow these instructions to encrypt your artifact with gpg2 and distribute your public key to a key server (e.g., http://keys.gnupg.net). Do not forget to choose a passphrase to protect your secret key. Then add your gpg credentials with your passphrase to your Mavensettings.xml file locally and use the Sonatype Nexus repository manager as the server :


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
<settings>
  <profiles>
     <profile>
       <id>ossrh</id>
         <activation>
          <activeByDefault>true</activeByDefault>
          </activation>
          <properties>
            <gpg.executable>gpg2</gpg.executable>
            <gpg.passphrase>the_pass_phrase</gpg.passphrase>
          </properties>
        </profile>
      </profiles>
</settings>

<servers>
  <server> 
    <id>ossrh</id>
    <username>the_user_name</username>
    <password>the_password</password>
  </server>
</servers>r

Add nexus-staging-maven-plugin with the following configurations:


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
<build>
  <plugins>
     <plugin>
        <groupId>org.sonatype.plugins</groupId>
        <artifactId>nexus-staging-maven-plugin</artifactId>
        <version>1.6.7</version>
        <extensions>true</extensions>
        <configuration>
           <serverId>ossrh</serverId>
           <nexusUrl>https://oss.sonatype.org/</nexusUrl>
           <autoReleaseAfterClose>true</autoReleaseAfterClose>
        </configuration>
     </plugin>
  </plugins>
</build>

Release to Maven Central

Finally, run a deployment to OSSRH and an automated release to the Central Repository with the following command:


1
mvn clean deploy

After this, Central sync will be activated for your namespace. After you successfully deploy, your component will be published to Maven Central, typically within 10 minutes, though updates to search.maven.org can take up to two hours.

If you have any issue, let me know in the comments below. Happy deploying