These are quick notes on using Maven to release artifacts to Sonatype.
To release a snapshot to Sonatype OSS Snapshots repository:
mvn clean deploy
Releases are deployed to Sonatype OSSRH Staging and then manually synced to Central.
To release with automated versioning and SCM integration:
mvn release:clean release:prepare
mvn release:perform
To release manually:
mvn versions:set -DnewVersion=1.2.3
mvn clean deploy -P release
Sonatype uploads are authenticated and require credentials.
GPG signing requires a passphrase to unlock the signing key.
Both of these secrets can be stored in ~/.m2/settings.xml.
<settings>
<servers>
<server>
<id>ossrh</id>
<username>jira-username</username>
<password>jira-password</password>
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase>gpg-password</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>