Java Artifacts in GitHub Actions Maven Build |Video upload date:  · Duration: PT4M51S  · Language: EN

Build and store Maven Java artifacts with GitHub Actions steps for packaging uploading and optional deployment from workflows

Why this guide exists and why you need it

If you want your Java artifacts to stop living on your developer machine and start showing up in Maven Central or your Nexus repo then yes you need a CI pipeline that does more than run tests and send you passive aggressive emails. This walkthrough explains how to build Maven artifacts in GitHub Actions publish them as workflow artifacts and deploy to a Maven repository while keeping secrets and GPG keys out of the commit history.

Pipeline overview

High level steps that are boring but important

  • Checkout the repo
  • Configure Java using actions/setup-java
  • Run a non interactive Maven build such as mvn -B package
  • Upload build outputs with actions/upload-artifact
  • Publish to a Maven repo with mvn deploy using settings.xml that reads credentials from secrets

Example steps that actually work

Keep this minimal but reproducible in your own .github/workflows file. Store your server credentials and your GPG key in repository or organization secrets. Use a staging repo first to avoid angry users.

# checkout and setup java
- uses: actions/checkout@v3
- uses: actions/setup-java@v2
  with:
    distribution: 'temurin'
    java-version: '17'
    cache: 'maven'

# build
- name: Build Jars
  run: mvn -B package

# upload artifacts
- uses: actions/upload-artifact@v3
  with:
    name: my-app-jars
    path: target/*.jar

# deploy using settings.xml that reads credentials from secrets
- name: Deploy
  env:
    GPG_PRIVATE_KEY: $
  run: mvn -s .github/maven/settings.xml deploy -DskipTests=false

Notes on signing and credentials

Sign artifacts with GPG for Maven Central. Import the GPG key in the workflow and keep the passphrase in secrets. Your settings.xml should reference server ids not literal usernames and passwords. The workflow should inject credentials from secrets so your repo history stays clean.

Speed and reliability tips

  • Enable dependency caching with the setup java cache or actions/cache to cut down on slow downloads
  • Test deployment to a staging repository first to avoid accidental public releases
  • Rotate credentials regularly because security is not optional

Verify and debug like a human

Open the workflow logs and read them with actual attention. Confirm your uploaded files on the Actions artifacts tab. If something fails reproduce the same mvn command locally with the same environment variables. That will save you from cursing at YAML for longer than necessary.

Closing pep talk

You now have a reproducible CI flow that produces jars uploads artifacts and can publish to Maven Central or your private repo. It is not magic. It is a few sensible steps executed reliably. Implement them once and enjoy fewer manual deploy disasters.

I know how you can get Azure Certified, Google Cloud Certified and AWS Certified. It's a cool certification exam simulator site called certificationexams.pro. Check it out, and tell them Cameron sent ya!