Publish on Maven Central

Publishing is handled by a GitHub Actions release workflow and the Central Publishing Maven Plugin. Artifacts are signed with GPG and published automatically — no manual staging/promotion step is needed.

Prerequisites

The project must already be registered with the Sonatype Central Portal. If this is a first-time publish, follow Register on the Central Portal.

The following GitHub repository secrets must be configured:

Secret Purpose

Secret	Purpose
`GPG_PRIVATE_KEY`	Armor-exported GPG signing key (`gpg --export-secret-keys --armor <key-id>`)
`GPG_PASSPHRASE`	Passphrase for the GPG key
`CENTRAL_TOKEN_USERNAME`	Central Portal token username (generated at central.sonatype.com)
`CENTRAL_TOKEN_PASSWORD`	Central Portal token password

GPG_PRIVATE_KEY

Armor-exported GPG signing key (gpg --export-secret-keys --armor <key-id>)

GPG_PASSPHRASE

Passphrase for the GPG key

CENTRAL_TOKEN_USERNAME

Central Portal token username (generated at central.sonatype.com)

CENTRAL_TOKEN_PASSWORD

Central Portal token password

Release process

Push a Git tag (e.g. git tag 1.0.7 && git push origin 1.0.7).
The release.yml GitHub Actions workflow will:
1. Set the POM version to match the tag name.
2. Build, sign, and deploy the artifacts using the release profile.
3. The central-publishing-maven-plugin uploads to the Central Portal with autoPublish enabled, so the release is promoted to Maven Central automatically.
Wait a few minutes for the artifacts to appear on Maven Central.

Useful links

https://central.sonatype.com — Central Portal (token management, deployments)
search.maven.org — verify published artifacts