Follow steps 2 and 3 here to create an account on Sonatype: https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide
https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven
If you don't have gpg
installed: brew install gpg
Create a key by running gpg --gen-key
and make sure to save your passphrase.
To get your keyId, run gpg --list-keys
and you should get output similar to this:
/Users/YOUR_USERNAME/.gnupg/pubring.gpg
------------------------------------
pub 2048R/ABCD1234 YYYY-MM-DD
uid Your Name <your.email@domain.com>
sub 2048R/EFAB5678 YYYY-MM-DD
Grab your keyId (the piece after the "2048/"
, in this example, ABCD1234
) and run gpg --keyserver hkp://pool.sks-keyservers.net --send-keys YOUR_KEY_ID
Create a file (if it doesn't already exist at ~/.gradle/gradle.properties
and add in the following lines:
# info from oss.sonatype.org. I recommend going to "https://oss.sonatype.org/" and clicking on your username at the top right, clicking Profile, and choosing "User Token" from the dropdown. You can substitue your actual username/password for those values generated.
NEXUS_USERNAME=YOUR_USER_NAME
NEXUS_PASSWORD=YOUR_PASSWORD
signing.keyId=YOUR_KEY_ID
signing.password=YOUR_GPG_PASSPHRASE
signing.secretKeyRingFile=/Users/YOUR_USERNAME/.gnupg/secring.gpg
Add this to your module's build.gradle
to make it produce a .jar in addition to a .aar. The last line is a helpful script to simplify sending the packaged files to Maven.
android.libraryVariants.all { variant ->
def name = variant.buildType.name
if (!name.equals(com.android.builder.BuilderConstants.DEBUG)) {
def task = project.tasks.create "jar${name.capitalize()}", Jar
task.dependsOn variant.javaCompile
task.from variant.javaCompile.destinationDir
artifacts.add('archives', task);
}
}
apply from: 'https://raw.github.com/chrisbanes/gradle-mvn-push/master/gradle-mvn-push.gradle'
Run the following command to build and upload: ./gradlew clean build signArchives uploadArchives
.
You may also want to add something like this to your build.gradle
so that archives are always signed. I haven't tried this though.
uploadArchives.repositories.mavenDeployer.beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }
Once the archives are pushed, log back on to oss.sonatype.org and click on "Staging Repositories". Select your uploaded archive and click "Close" (I'm not entirely sure at the moment why it must be closed first). Once this is done (you may need to refresh the tab), select it again and click "Release".
Go back to the initial Jira issue that you created and comment that you're done uploading to Sonatype. They should approve it and then it will be synced with Maven Central.