Skip to content

📦 GitHub Action for automatically publishing to Maven central

License

Notifications You must be signed in to change notification settings

WasiqB/maven-publish-action

Use this GitHub action with your project
Add this Action to an existing workflow or create a new one
View on Marketplace

Repository files navigation

Maven Publish Action

GitHub Action for automatically publishing to Maven Central

Features

  • Executes the Maven deploy lifecycle phase
  • Provides Maven with your GPG key and passphrase so your artifacts can be signed using maven-gpg-plugin
  • Provides Maven with your Nexus credentials so it can deploy and release your project to Maven Central

It will also use the deploy Maven profile if you've defined one (in case you want to perform certain steps only when deploying).

Setup

Deployment

It's recommended to publish using the Nexus Staging Maven Plugin, which greatly simplifies the process. You can follow this guide for a simple configuration.

Make sure your project is correctly configured for deployment before continuing with the next step.

Secrets

In your project's GitHub repository, go to Settings → Secrets. On this page, set the following variables:

  • NEXUS_USERNAME: Username (not email!) for your Nexus repository manager account
  • NEXUS_PASSWORD: Password for your Nexus account (or, even better, use the auth token instead)

Signing your artifact using GPG is optional, but recommended. If you choose to use GPG, add the following secrets:

  • GPG_PRIVATE_KEY: GPG private key for signing the published artifacts:
    • Run gpg --list-secret-keys and copy the ID of the key you'd like to use
    • Export the key with gpg -a --export-secret-keys KEY_ID (and replace KEY_ID with the ID you copied)
  • GPG_PASSPHRASE: Passphrase for the GPG key

If you sign your artifacts, make sure the maven-gpg-plugin is configured as described here.

Workflow file

Create a GitHub workflow file (e.g. .github/workflows/release.yml) in your repository. Use the following configuration, which tells GitHub to use the Maven Publish Action when running your CI pipeline. The steps are self-explanatory:

name: Release

on:
  push:
    branches:
      - main

jobs:
  release:
    runs-on: ubuntu-latest
    steps:
      - name: Check out Git repository
        uses: actions/checkout@v4

      - name: Install Java and Maven
        uses: actions/setup-java@v3
        with:
          java-version: 17
          distribution: 'temurin'
          cache: 'maven'

      - name: Release Maven package
        uses: WasiqB/maven-publish-action@v1
        with:
          gpg_private_key: ${{ secrets.gpg_private_key }}
          gpg_passphrase: ${{ secrets.gpg_passphrase }}
          nexus_username: ${{ secrets.nexus_username }}
          nexus_password: ${{ secrets.nexus_password }}

The action will now run every time you push to master.

Configuration

Following are the supported options which you can use with this GitHub Actions:

Option Name Description Required? Default
gpg_private_key GPG private key for signing the published artifacts null
gpg_passphrase Passphrase for the GPG key null
nexus_username Username (not email!) for your Nexus repository manager account null
nexus_password Password for your Nexus account null
server_id Nexus server ID as specified in your project's nexus-staging-maven-plugin and distributionManagement configurations ossrh
directory Directory of the Maven project which should be deployed root-dir
settings_path Directory path for Maven settings file null
maven_goals_phases Maven goals and build phases to execute clean deploy
maven_args Additional arguments to pass to the Maven command ``
maven_profiles Active Maven profiles deploy