Deploy Configuration settings for Maven Central

Some Gerrit artifacts (e.g. the Gerrit WAR file, the Gerrit Plugin API and the Gerrit Extension API) are published on Maven Central in the repository.

To be able to publish artifacts to Maven Central some preparations must be done:

  • Create a Sonatype account as described in the Sonatype OSS Maven Repository Usage Guide.

    Sonatype is the company that runs Maven Central and you need a Sonatype account for uploading artifacts to Maven Central.

  • Configure your Sonatype user and password in ~/.m2/settings.xml:

  • Request permissions to upload artifacts to the repository on Maven Central:

    Ask for this permission by adding a comment on the OSSRH-7392 Jira ticket at Sonatype.

    The request needs to be approved by someone who already has this permission by commenting on the same issue.

  • Generate and publish a PGP key

    Generate and publish a PGP key as described in How To Generate PGP Signatures With Maven.

    Please be aware that after publishing your public key it may take a while until it is visible to the Sonatype server.

    The PGP key is needed to be able to sign the artifacts before the upload to Maven Central.

    The PGP passphrase can be put in ~/.m2/settings.xml:


    It can also be included in the key chain on OS X.

Deploy Configuration in Maven settings.xml

Gerrit Subproject Artifacts are stored on Google Cloud Storage. Via the API Console the Gerrit maintainers have access to the Gerrit Code Review project. This projects host several buckets for storing Gerrit artifacts:

  • gerrit-api:

    Bucket to store the Gerrit Extension API Jar and the Gerrit Plugin API Jar.

  • gerrit-maven:

    Bucket to store Gerrit Subproject Artifacts (e.g. gwtjsonrpc etc.).

To upload artifacts to a bucket the user must authenticate with a username and password. The username and password need to be retrieved from the API Console:

  • Go to the Gerrit Code Review project

  • In the menu on the left select Google Cloud Storage > Interoperable Access

  • Use the Access Key as username

  • Click under Secret on the Show button to find the password

To make the username and password known to Maven, they must be configured in the ~/.m2/settings.xml file.

  <settings xmlns=""

Gerrit Subprojects

  • You will need to have the following in the pom.xml to make it deployable to the gerrit-maven storage bucket:

      <name>Gerrit Maven Repository</name>
  • Add this to the pom.xml to enable the wagon provider: