GitHub package registry as Maven repo with many private libraries

I want to use the GitHub package registry as a Maven repository for a multi-git-repo private project. Say I have app1, app2, lib1, lib2, both apps require both apps each.

Currently, I have to declare a maven repositoy for each of the libs I’m using in the apps, e.g. like this:

build.gradle:

repositories {
    mavenCentral()
    maven {
        name = "GitHubPackages-lib1"
        url = "https://maven.pkg.github.com/OWNER/lib1"
        credentials {
            username = System.getenv("GITHUB_USERNAME")
            password = System.getenv("GITHUB_TOKEN")
        }
    }
    maven {
        name = "GitHubPackages-lib2"
        url = "https://maven.pkg.github.com/OWNER/lib2"
        credentials {
            username = System.getenv("GITHUB_USERNAME")
            password = System.getenv("GITHUB_TOKEN")
        }
    }
}

One can easily see that this will not scale well. 

With NPM packages, I get a much better developer experience. There, I can provide something like 

@OWNER:registry=https://npm.pkg.github.com

in my application’s .npmrc and will have access to all published NPM packages in all repositories of OWNER, where that user token has access to. Very convenient!

It would be really nice to have something similar for Maven packages as well.

I have read that I can publish multiple packages to one github repository, so maybe I could setup my own OWNER/mavenrepo and publish all libraries into that. But then the published packages would not be visible on the packages tab of the library, right?

8 Likes

I definitely support the idea of having one central maven repository for all projects. Would really be great.

Publishing to one repository from different other repositories (projects) didn’t work for me. I received a HTTP error 422 trying to do so.

1 Like

Hi,

You should be able to publish to another repository. 

However it has be in a different package name.

Package names have to be unique across repositories in an organization

You need another token to publish GITHUB_TOKEN will not work. So I had to set up another secret

I just came across this behavior, and I must agree that it is pretty awful. Maven has the scm tag (see docs here), so that could be used by Github in the same way the publishConfig is used in the land of npm. This can also be done via gradle.

Even without introspecting on the scm tag, Java packages are inherently namespaced (unlike Node packages), so publishing at least at an org / user level should be easily doable without worrying about namespace conflicts.

The current implementation is a pretty poor one for anyone using Java.

1 Like

We’re planning to fix this by removing the required repo scope and following guidance like you’ve suggested. That should make sharing packages much easier.

7 Likes

Great! Do you have an ETA for that?

2 Likes

I’m trying to figure out how to do this as well. The closest I could get to documentation wise was this: https://help.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-apache-maven-for-use-with-github-packages#publishing-a-package

Either way, how do I do this in a Gradle Groovy script?

I believe the current Maven implementation only takes into account the repository name for SNAPSHOT versions. If you’re using non-SNAPSHOT versions, you could probably get away with the following:

Note, * isn’t special, it could equaly well be ANYTHING. This is likely to stop working if/when using simply https://maven.pkg.github.com/OWNER is supported.

2 Likes

I just ran into the same HTTP 422 error when trying to create a “central” Maven repository in my organization. I want to publish packages from different source repositories into a single Maven repository. I am using Gradle for these tasks. It is rather annoying to manage multiple Maven repositories when using multiple packages. Also, for CI I have to invite a technical user to all the repositories.