Android Core

Guide to publish an aar to maven using gradle

In this post, I’d like to describe the steps necessary to publish an aar to maven repository. There are other guides that cover this topic and some of the information written here are derived from them, but in this guide I want to describe the process step by step, without covering in detail the gradle aspects but focusing on creating signing key and check the final result.

Steps

To publish an aar to maven central you need:
 

  1. Register an account and create a new ticket (https://issues.sonatype.org)
  2. Download (if you use OS X) GPGTools (http://www.gpgtools.org/)
  3. Modify project gradle files
  4. Create signing key
  5. Build, sign and publish your files to the Staging repository
  6. Check the result

The step 1 is very easy and you can follow this official guide, please notice that before you get the permission to upload your files usually you have to wait for two business days after you opened your ticket.

Modify project gradle files

In order to publish your aar, you have to add/modify some gradle files and create some property file. All the information and files here are copied from here and here, and I will not explain them, because they are already well explained in these blogs. The first file, you have to add to the project root, is maven_push.gradle, that I write it here for simplicity: :

apply plugin: 'maven'
apply plugin: 'signing'

def sonatypeRepositoryUrl
if (isReleaseBuild()) {
    println 'RELEASE BUILD
    sonatypeRepositoryUrl = hasProperty('RELEASE_REPOSITORY_URL') ? RELEASE_REPOSITORY_URL
            : "https://oss.sonatype.org/service/local/staging/deploy/maven2/"
} else {
    println 'SNAPSHOT BUILD'
    sonatypeRepositoryUrl = hasProperty('SNAPSHOT_REPOSITORY_URL') ? SNAPSHOT_REPOSITORY_URL
            : "https://oss.sonatype.org/content/repositories/snapshots/"

}

def getRepositoryUsername() {
    return hasProperty('nexusUsername') ? nexusUsername : ""
}

def getRepositoryPassword() {
    return hasProperty('nexusPassword') ? nexusPassword : ""
}

afterEvaluate { project ->
    uploadArchives {
        repositories {
            mavenDeployer {
                beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }

                pom.artifactId = POM_ARTIFACT_ID

                repository(url: sonatypeRepositoryUrl) {
                    authentication(userName: getRepositoryUsername(), password: getRepositoryPassword())
                }

                pom.project {
                    name POM_NAME
                    packaging POM_PACKAGING
                    description POM_DESCRIPTION
                    url POM_URL

                    scm {
                        url POM_SCM_URL
                        connection POM_SCM_CONNECTION
                        developerConnection POM_SCM_DEV_CONNECTION
                    }

                    licenses {
                        license {
                            name POM_LICENCE_NAME
                            url POM_LICENCE_URL
                            distribution POM_LICENCE_DIST
                        }
                    }

                    developers {
                        developer {
                            id POM_DEVELOPER_ID
                            name POM_DEVELOPER_NAME
                        }
                    }
                }
            }
        }
    }

    signing {
        required { isReleaseBuild() && gradle.taskGraph.hasTask("uploadArchives") }
        sign configurations.archives
    }

    task androidJavadocs(type: Javadoc) {
        source = android.sourceSets.main.allJava
        classpath += project.files(android.plugin.getRuntimeJarList().join(File.pathSeparator))
    }

    task androidJavadocsJar(type: Jar, dependsOn: androidJavadocs) {
        classifier = 'javadoc'
        //basename = artifact_id
        from androidJavadocs.destinationDir
    }

    task androidSourcesJar(type: Jar) {
        classifier = 'sources'
        //basename = artifact_id
        from android.sourceSets.main.allSource
    }

    artifacts {
        //archives packageReleaseJar
        archives androidSourcesJar
        archives androidJavadocsJar
    }
}

and then you have to add/modify gradle.properties:

VERSION_NAME=1.2
VERSION_CODE=1
GROUP=com.survivingwithandroid
POM_DESCRIPTION=Android Weather Lib
POM_URL=https://github.com/survivingwithandroid/WeatherLib
POM_SCM_URL=https://github.com/survivingwithandroid/WeatherLib
POM_SCM_CONNECTION=scm:git@github.com:survivingwithandroid/weatherlib.git
POM_SCM_DEV_CONNECTION=scm:git@github.com:survivingwithandroid/weatherlib.git
POM_LICENCE_NAME=The Apache Software License, Version 2.0
POM_LICENCE_URL=http://www.apache.org/licenses/LICENSE-2.0.txt
POM_LICENCE_DIST=repo
POM_DEVELOPER_ID=survivingwithandroid
POM_DEVELOPER_NAME=Francesco Azzola

Notice that at line 3 the group must be equal to the value used when you registered your project. Almost done! The last two steps are adding another gradle.properties file for each module you want to publish and modify build.gradle for the same module:

POM_NAME=Android Weather Library
POM_ARTIFACT_ID=weatherlib
POM_PACKAGING=aar

and add at the end of build.gradle this line:

apply from: '../maven_push.gradle'

Create signing key

This is an important step, because your files must be signed before publish them to maven. In OS X you should download PGP Tools that simplify your life. The information here are derived from this link ‘ How to generate PGP Signatures With Manven‘. The first step is creating your signing key running from command line:

gpg –gen-keys

the figure below shows all the steps necessary to create the key:

Schermata 2014-05-01 alle 21.22.22[4]

at the end you have your key to use to sign your artifacts. Now you can list the generated keys using:

gpg –list-keys

and the result is shown below:

Schermata 2014-05-01 alle 21.24.50[4]

Now you have to publish your key so that other developers, that download your artifacts, can verify the signature:

Schermata 2014-05-01 alle 21.31.13[4]

notice that the key id must be the same showed in the keys list.

Build, sign and publish your file to the Staging repository

Now you have the key and you can build and sign your artifacts. Before doing it you should add some information so the Android studio can find the right key to use. Following this blog post, we can add a properties file, called gradle.properties with this content:

signing.keyId=xxxxxxx
signing.password=your_password
signing.secretKeyRingFile=file_location 
nexusUsername=YourSonatypeJiraUsername
nexusPassword=YourSonatypeJiraPassword

In OS X, this file should be added under /Users/your_login. Notice that to fill the secretKeyRingFile value you can use:

gpg –list-secret-keys

Schermata 2014-05-01 alle 21.43.53[4]

Now we can run the gradle task using the gradle console in Android studio:

%GRADLE_HOME%/bin/gradle uploadArchives

At the end, if every things worked correctly we get:

Schermata 2014-05-01 alle 21.46.06[5]

Check the result

The last step is checking the final result to verify we published our files. Let’s open our browser and go to:

https://oss.sonatype.org/content/repositories/snapshots/

and start looking for your project following your package structure (i.e com/survivingwithandroid/weatherlib) and check if the files are there:

Schermata 2014-05-03 alle 19.22.18

Now you can check the repository creating a new project in Android studio and add the dependency to the new aar you just published. Once you created your project you should modify build.gradle at the root project in this way:

allprojects {
repositories {
    mavenCentral()
    maven {
        url 'https://oss.sonatype.org/content/groups/public'
    }
}

then in the build.gradle (at the module level) you add the new dependency:

compile 'com.survivingwithandroid:weatherlib:1.2-SNAPSHOT'

…if every things is correct the new project will compile.

Resource:

  1. http://gmariotti.blogspot.co.uk/2013/09/publish-aar-file-to-maven-central-with.html?utm_source=Android+Weekly&utm_campaign=dfb0bc628f-Android_Weekly_71&utm_medium=email&utm_term=0_4eb677ad19-dfb0bc628f-337257141
  2. http://chris.banes.me/2013/08/27/pushing-aars-to-maven-central/
  3. https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide
  4. https://docs.sonatype.org/display/Repository/How+To+Generate+PGP+Signatures+With+Maven
Reference: Guide to publish an aar to maven using gradle from our JCG partner Francesco Azzola at the Surviving w/ Android blog.

Francesco Azzola

He's a senior software engineer with more than 15 yrs old experience in JEE architecture. He's SCEA certified (Sun Certified Enterprise Architect), SCWCD, SCJP. He is an android enthusiast and he has worked for long time in the mobile development field.
Subscribe
Notify of
guest

This site uses Akismet to reduce spam. Learn how your comment data is processed.

0 Comments
Inline Feedbacks
View all comments
Back to top button