This is an example repository that demonstrates how a library can be automatically published to Maven Central using Travis CI.
This repository is published under the MIT license. Feel free to copy whatever is useful for you.
This repository is built on my experience with publishing libraries to Maven Central and Nathan Fischer's fantastic walkthrough "Complete guide to continuous deployment to maven central from Travis CI".
You need GnuPG 2.x for signing the artifacts and the Travis Client for encrypting secrets. If you don't have them on your local machine then you can use a VM. This repository supports Vagrant. With
vagrant up
you can start a VM with the necessary tools.
Artifacts that are uploaded to Maven Central must be signed. Therefore you need GPG keys. Create your GPG keys with
gpg --generate-key
Export your public and private key
gpg --export --armor someone@somewhere > deployment/signingkey.asc
gpg --export-secret-keys --armor someone@somewhere >> deployment/signingkey.asc
Travis needs to know your passphrase, and Sonatype credentials for deploying to Maven Central. These are secrets and therefore you must not store them as plaintext in your repository. Therefore Travis provides support for encrypting secrets. The ciphertexts can be stored in the repository. First you need to login to Travis
travis login --pro
and then encrypt the secrects and add them to you .travis.yml file
travis encrypt PASSPHRASE=... --pro --add
travis encrypt SONATYPE_USERNAME=... --pro --add
travis encrypt SONATYPE_PASSWORD=... --pro --add
You also need to encrupt the file with the GPG keys.
travis encrypt-file deployment/signingkey.asc deployment/signingkey.asc.enc --pro --add
Delete the unencrypted file afterwards
rm deployment/signingkey.asc
The flag --pro must not be used if your project is still built on
travis-ci.org (all new projects are built on travis-ci.com).