arch-toolkit

Arch Toolkit · Artifact Publishing

Objective

Describe the release workflow, credentials, and validation steps for safely publishing multiplatform artifacts.

Installation

You need access tokens and signing keys configured as environment variables or Gradle properties:

ORG_GRADLE_PROJECT_signingKeyId=<key-id>
ORG_GRADLE_PROJECT_signingKey=<ascii-armored-key>
ORG_GRADLE_PROJECT_signingPassword=<passphrase>
ORG_GRADLE_PROJECT_sonatypeUsername=<username>
ORG_GRADLE_PROJECT_sonatypePassword=<password>

Import the provided .gpg keys in the repository root if you have access:

gpg --import public_key_matheus.gpg
gpg --allow-secret-key-import --import public_key_matheus_secret.gpg

Usage Examples

1. Update versions in gradle/libs.versions.toml and affected module build.gradle.kts files.
2. Run the verification suite:

   ./gradlew clean check
   

3. Stage artifacts locally:

   ./gradlew publishToMavenLocal
   

4. Publish to Sonatype and close the staging repository:

   ./gradlew publishAllPublicationsToSonatypeRepository closeAndReleaseSonatypeStagingRepository
   

5. Verify that new versions are visible on Maven Central.

License

Artifacts inherit the Apache License 2.0. Ensure third-party dependencies comply with the same or compatible licenses.

Additional Resources

• Overview
• Contribution Guide
• Roadmap

This site is open source. Improve this page.