migrating to new publish pipeline

Author: Samuel Abramov

.github/workflows/gradle.yml

@@ -22,3 +22,25 @@ jobs:
         run: chmod +x gradlew
       - name: Build with Gradle
         run: ./gradlew build
+
+  publish:
+    if: github.ref == 'refs/heads/main' && github.event_name == 'push'
+    needs: build
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '21'
+          distribution: 'adopt'
+      - name: Grant execute permission for gradlew
+        run: chmod +x gradlew
+      - name: Publish to Maven Central
+        env:
+          MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
+          MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+          ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SIGNING_KEY }}
+          ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SIGNING_PASSWORD }}
+        run: ./gradlew publishAllPublicationsToNmcpMavenJavaRepository

PUBLISHING.md

@@ -0,0 +1,88 @@
+# Publishing to Maven Central
+
+This document describes the new publishing process for EDUX library to Maven Central using the new Central Portal API.
+
+## Background
+
+As of November 2024, OSSRH (OSS Repository Hosting) reached end of life and was shut down. We have migrated from the legacy OSSRH staging API to the new Central Portal publishing method.
+
+**Official Statement:** https://central.sonatype.org/pages/ossrh-eol/
+
+## New Publishing Method
+
+We now use the `com.gradleup.nmcp` Gradle plugin, which provides integration with the new Maven Central Portal API.
+
+### Configuration
+
+The publishing configuration is in `lib/build.gradle`:
+
+```gradle
+plugins {
+    // ... other plugins
+    id 'com.gradleup.nmcp' version '0.0.8'
+}
+
+nmcp {
+    publish("mavenJava") {
+        username = System.getenv("MAVEN_CENTRAL_USERNAME")
+        password = System.getenv("MAVEN_CENTRAL_PASSWORD")
+        publicationType = "USER_MANAGED"  // Manual release control
+    }
+}
+```
+
+### Required Secrets
+
+The following GitHub secrets must be configured:
+
+1. **MAVEN_CENTRAL_USERNAME**: Username from Central Portal token
+2. **MAVEN_CENTRAL_PASSWORD**: Password from Central Portal token  
+3. **SIGNING_KEY**: GPG private key for artifact signing
+4. **SIGNING_PASSWORD**: GPG key passphrase
+
+### Central Portal Token Generation
+
+1. Go to https://central.sonatype.com/account
+2. Generate a user token
+3. Use the generated username/password for `MAVEN_CENTRAL_USERNAME` and `MAVEN_CENTRAL_PASSWORD`
+
+### Publishing Process
+
+#### Automated (GitHub Actions)
+- Automatic publishing occurs on pushes to `main` branch
+- GitHub Action runs: `./gradlew publishAllPublicationsToNmcpMavenJavaRepository`
+- With `USER_MANAGED` setting, releases require manual approval on Central Portal
+
+#### Manual Publishing
+```bash
+# Publish to Central Portal
+./gradlew publishAllPublicationsToNmcpMavenJavaRepository
+
+# Check available tasks
+./gradlew tasks --all | grep nmcp
+```
+
+### Publication Type Options
+
+- **USER_MANAGED**: Artifacts are uploaded but require manual release approval in Central Portal
+- **AUTOMATIC**: Artifacts are automatically published after validation
+
+### Verification
+
+After publishing with `USER_MANAGED`:
+1. Log into https://central.sonatype.com/
+2. Navigate to deployments
+3. Review and approve the deployment for public release
+
+### Migration Changes
+
+- ✅ Removed legacy OSSRH repository configuration
+- ✅ Added `com.gradleup.nmcp` plugin
+- ✅ Updated GitHub Actions workflow
+- ✅ Fixed JUnit test dependencies (unrelated but needed for build)
+
+### Troubleshooting
+
+- Ensure all required secrets are configured in GitHub repository settings
+- Verify GPG signing key is properly formatted (include `-----BEGIN PGP PRIVATE KEY BLOCK-----` headers)
+- Check Central Portal deployment status at https://central.sonatype.com/

example/build.gradle

@@ -4,7 +4,7 @@ plugins {
 }
 
 group = 'io.github.samyssmile'
-version = '1.0.7'
+version = '2.0.0'
 
 java {
     toolchain {

lib/build.gradle

@@ -4,6 +4,7 @@ plugins {
     id 'signing'
     id "me.champeau.jmh" version "0.7.2"
     id 'com.github.ben-manes.versions' version '0.51.0'
+    id 'com.gradleup.nmcp' version '0.0.8'
 }
 
 group = 'io.github.samyssmile'
@@ -43,10 +44,10 @@ dependencies {
     implementation 'org.apache.logging.log4j:log4j-slf4j-impl:3.0.0-beta2'
 
     // Test dependencies
-    testImplementation 'org.junit.jupiter:junit-jupiter-api:5.11.3'
+    testImplementation platform('org.junit:junit-bom:5.11.3')
+    testImplementation 'org.junit.jupiter:junit-jupiter'
     testImplementation 'org.mockito:mockito-core:5.11.3'
     testImplementation 'org.mockito:mockito-junit-jupiter:5.14.2'
-    testImplementation 'org.junit.jupiter:junit-jupiter:5.11.3'
 }
 
 tasks.withType(Test) {
@@ -96,21 +97,22 @@ publishing {
             }
         }
     }
-    repositories {
-        maven {
-            name = "sonatype"
-            url = version.endsWith('SNAPSHOT') ? 'https://s01.oss.sonatype.org/content/repositories/snapshots/' : 'https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/'
-            credentials {
-                username = System.getenv("OSSRH_USERNAME")
-                password = System.getenv("OSSRH_PASSWORD")
-            }
-        }
-    }
 }
 
 signing {
+    required { gradle.taskGraph.hasTask("publish") }
+    useGpgCmd()
     sign publishing.publications.mavenJava
 }
 
+nmcp {
+    publish("mavenJava") {
+        username = System.getenv("MAVEN_CENTRAL_USERNAME")
+        password = System.getenv("MAVEN_CENTRAL_PASSWORD")
+        // Use USER_MANAGED for manual publishing control, or AUTOMATIC for auto-publish
+        publicationType = "USER_MANAGED"
+    }
+}
+