maven-central-publish

Comprehensive guide and toolkit for publishing Java artifacts to Maven Central using the modern Central Portal (central.sonatype.com) workflow.

Safety Notice

This listing is from the official public ClawHub registry. Review SKILL.md and referenced scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "maven-central-publish" with this command: npx skills add MISAKIGA/maven-central-publish

Maven Central Publish Skill

This skill provides a standardized workflow for publishing Java/Kotlin libraries to the Maven Central Repository using the modern Central Portal (via central-publishing-maven-plugin).

📋 Prerequisites

  1. Central Portal Account: Sign up at central.sonatype.com.
  2. Namespace Verified: You must have verified your groupId (e.g., io.github.username or com.yourdomain) in the portal.
  3. User Token: Generated from the Central Portal (My Account -> Generate User Token).

🛠️ Environment Setup

1. Install Tools

Ensure maven, gnupg, and openjdk-17+ are installed.

# Ubuntu/Debian
apt-get install -y maven gnupg openjdk-17-jdk

2. GPG Configuration (Critical)

Maven requires GPG signing. For automated/headless environments, Loopback Pinentry is required.

# 1. Generate Key (if none exists)
gpg --gen-key

# 2. Configure Loopback (Prevent UI prompts)
mkdir -p ~/.gnupg
echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf
echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf
gpg-connect-agent reloadagent /bye

# 3. Publish Key
gpg --list-keys # Get your Key ID (last 8 chars or full hex)
gpg --keyserver keyserver.ubuntu.com --send-keys <KEY_ID>

3. Maven Settings (~/.m2/settings.xml)

Configure your Central Portal credentials.

<settings>
  <servers>
    <server>
      <id>central</id>
      <username>USER_TOKEN_USERNAME</username>
      <password>USER_TOKEN_PASSWORD</password>
    </server>
  </servers>
  <profiles>
    <profile>
      <id>release</id>
      <activation>
        <activeByDefault>false</activeByDefault>
      </activation>
      <properties>
        <gpg.executable>gpg</gpg.executable>
        <gpg.passphrase>YOUR_GPG_PASSPHRASE</gpg.passphrase>
      </properties>
    </profile>
  </profiles>
</settings>

📦 Project Configuration (pom.xml)

Your project MUST meet the Quality Requirements:

  1. Coordinates: groupId, artifactId, version.
  2. Metadata: name, description, url, licenses, developers, scm.
  3. Plugins: Javadoc, Source, GPG, and Central Publishing.

Recommended Plugin Configuration

Add this to your <build><plugins> section:

<!-- 1. Source Plugin -->
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-source-plugin</artifactId>
    <version>3.3.0</version>
    <executions>
        <execution>
            <id>attach-sources</id>
            <goals><goal>jar-no-fork</goal></goals>
        </execution>
    </executions>
</plugin>

<!-- 2. Javadoc Plugin -->
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-javadoc-plugin</artifactId>
    <version>3.6.3</version>
    <configuration>
        <doclint>none</doclint> <!-- Prevent strict checks failing build -->
        <failOnError>false</failOnError>
    </configuration>
    <executions>
        <execution>
            <id>attach-javadocs</id>
            <goals><goal>jar</goal></goals>
        </execution>
    </executions>
</plugin>

<!-- 3. GPG Plugin (Best Practice: wrap in 'release' profile) -->
<plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-gpg-plugin</artifactId>
    <version>3.1.0</version>
    <configuration>
        <gpgArguments>
            <arg>--pinentry-mode</arg>
            <arg>loopback</arg>
        </gpgArguments>
    </configuration>
    <executions>
        <execution>
            <id>sign-artifacts</id>
            <phase>verify</phase>
            <goals><goal>sign</goal></goals>
        </execution>
    </executions>
</plugin>

<!-- 4. Central Publishing Plugin (The Magic Sauce) -->
<plugin>
    <groupId>org.sonatype.central</groupId>
    <artifactId>central-publishing-maven-plugin</artifactId>
    <version>0.7.0</version>
    <extensions>true</extensions>
    <configuration>
        <publishingServerId>central</publishingServerId>
        <!-- autoPublish: set to true to skip manual button click in portal -->
        <autoPublish>false</autoPublish> 
    </configuration>
</plugin>

🚀 Deployment

Run the deploy command with the release profile active:

mvn clean deploy -P release

Success Indicators:

  • [INFO] Uploaded bundle successfully...
  • [INFO] Deployment ... has been validated.

If autoPublish is false (recommended for first time), log in to central.sonatype.com, review the deployment, and click Publish.

❓ Troubleshooting

ErrorCauseFix
401 UnauthorizedInvalid User Token in settings.xmlGenerate new token in Central Portal. Ensure server ID matches.
GPG signing failedNo pinentry / wrong passphraseUse pinentry-mode loopback config; Check gpg-agent.
Javadoc generation failedStrict HTML checksAdd <doclint>none</doclint> to javadoc plugin config.
Invalid coordinatesGroupId mismatchEnsure pom.xml groupId matches verified namespace in Portal.

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open Registry RecordOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Automation

Agent Guardian

Agent体验守护系统。解决AI助手常见体验问题:长时间无响应、任务卡死、中英文混用、状态不透明。包含看门狗监控、智能状态汇报、即时状态查询、语言一致性过滤、消息队列追踪。适用于所有渠道(QQ/微信/Telegram/飞书/Discord等)。当用户抱怨"等太久没回复"、"回复中英文混着"、"不知道在干什么"时使...

Registry SourceRecently Updated
080
fanxinyun1991
Automation

Proactive Agent V2

Transform AI agents from task-followers into proactive partners that anticipate needs and continuously improve. Now with WAL Protocol, Working Buffer, Autono...

Registry SourceRecently Updated
080
eathon
Automation

Palaia

Local, crash-safe persistent memory for OpenClaw agents. Replaces built-in memory-core with semantic search, projects, and scope-based access control. After...

Registry SourceRecently Updated
1381
iret77