I'm trying to publish my Android library to https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/ and each time the task fails because it failed to PUT one of the files with a 401 Unauthorized error.
The problem is, it's a different file each time. This is a list of different files which the task has failed on over 16 tries:
caimito-2.0.1-sources.jar.asc
caimito-2.0.2.module.asc
caimito-2.0.2-sources.jar.asc.md5
caimito-2.0.2.module.asc.sha1
caimito-2.0.2.pom.asc
caimito-2.0.2.module.md5
caimito-2.0.2-sources.jar.sha1
caimito-2.0.2-sources.jar
caimito-2.0.2.aar.asc.md5
I've managed to get my library published, because at some point the file that was omitted was an MD5 which sonatype didn't require for me to create a release. This is obviously not an ideal situation though, and I would like to figure out what's going on.
These are my build files:
plugins {
id("com.android.library")
id("org.jetbrains.kotlin.android")
}
android {
namespace = "dev.gravitycode.caimito"
compileSdk = 34
defaultConfig {
minSdk = 26
// targetSdk = 34
testOptions.targetSdk = 34
lint.targetSdk = 34
testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
}
buildTypes {
release {
isMinifyEnabled = false
proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
)
}
}
publishing {
singleVariant("release") {
withSourcesJar()
// withJavadocJar()
}
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
}
composeOptions {
kotlinCompilerExtensionVersion = "1.5.10"
}
buildFeatures {
buildConfig = true
compose = true
}
kotlinOptions {
jvmTarget = "1.8"
}
}
dependencies {
// AndroidX
implementation("androidx.core:core-ktx:1.12.0")
implementation("androidx.appcompat:appcompat:1.6.1")
// Material Design
implementation("com.google.android.material:material:1.11.0")
// Google Guava
implementation("com.google.guava:guava:33.0.0-android")
// Jetbrains Annotations
implementation("org.jetbrains:annotations:24.1.0")
// Data Store
implementation("androidx.datastore:datastore-preferences:1.0.0")
// Compose
implementation("androidx.activity:activity-compose:1.8.2")
implementation("androidx.lifecycle:lifecycle-runtime-compose:2.7.0")
implementation(platform("androidx.compose:compose-bom:2024.03.00"))
implementation("androidx.compose.ui:ui")
implementation("androidx.compose.ui:ui-graphics")
implementation("androidx.compose.ui:ui-tooling-preview")
implementation("androidx.compose.material3:material3")
debugImplementation("androidx.compose.ui:ui-tooling")
testImplementation("junit:junit:4.13.2")
androidTestImplementation("androidx.test.ext:junit:1.1.5")
androidTestImplementation("androidx.test.espresso:espresso-core:3.5.1")
}
apply(from = "../publish-package.gradle")
publish-package.gradle
apply plugin: 'maven-publish'
apply plugin: 'signing'
afterEvaluate {
publishing {
publications {
release(MavenPublication) {
groupId = 'dev.gravitycode.caimito'
artifactId = 'caimito'
version = '2.0.2'
// Specify the components to publish
from components.release
pom {
name = 'caimito'
description = 'A small library of helpful classes for working with Android'
url = 'https://github.com/abuicke/caimito'
licenses {
license {
name = 'MIT License'
url = 'https://opensource.org/licenses/MIT'
}
}
developers {
developer {
id = 'adambuicke'
name = 'Adam Buicke'
email = 'buickea@gmail.com'
}
}
scm {
connection = 'scm:git:github.com/abuicke/caimito.git'
developerConnection = 'scm:git:ssh://github.com/abuicke/caimito.git'
url = 'https://github.com/abuicke/caimito'
}
}
}
}
// Repository configuration
repositories {
maven {
url = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/")
credentials {
username = project.findProperty("ossrhUsername")
password = project.findProperty("ossrhPassword")
}
}
}
}
// Signing configuration (if required)
signing {
sign publishing.publications.release
}
}
Could this be a problem with Sonatype, Gradle or my configuration?
After contacting Sonatype support I found the solution is to use your user token for the username and password:
// Repository configuration
repositories {
maven {
url = uri("https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/")
credentials {
/**
* Regular username and password fails with gradle. Requires user token to work.
*
* NOTE: The user token may change frequently, so always
* check the most up to date user token has been applied.
* */
username = project.findProperty("ossrhUserTokenUsername")//project.findProperty("ossrhUsername")
password = project.findProperty("ossrhUserTokenPassword")//project.findProperty("ossrhPassword")
}
}
}
This can be found by clicking your username in the top right, selecting "Profile" from the drop-down menu and selecting "User Token" from the drop-down menu within that window.