Publishing
Overview
The Latte public repository accepts artifacts through an authenticated publish API. Rather than handing build tools long-lived S3/R2 credentials, Latte uses the OAuth tokens from latte login when calling the API.
You enable this by adding the latte() process to your project’s publishWorkflow. Projects created with latte init already include it.
Prerequisite: log in
Before publishing, you must first login:
$ latte login
If no access token is stored when you publish, the build fails with:
You are not logged in to the Latte repository. Run [latte login] before publishing.
See Authentication for details.
The latte() publish process
Add latte() to your publishWorkflow block:
publishWorkflow {
latte()
}
latte() is a publish-only process — it does not fetch artifacts. Fetching from the public repository is handled by the url or s3 processes. See Workflows for the full list of processes.
How it works
For each publication, the latte() process:
- Loads your stored access and refresh tokens.
- POSTs to
https://api.lattejava.org/api/v1/publish/{group}with the tokens to request a presigned URL for the artifact. - The API responds with a presigned URL.
- If the API returns refreshed tokens (via the
X-Refresh-Tokenresponse header), Latte writes them back to your configuration file so the next publish uses the new tokens. - Uploads the artifact bytes to the presigned URL.
On success, you’ll see messages like this for the artifacts being published:
Published [my-lib-0.1.0.jar] to the Latte repository [org/example/my-lib/0.1.0/my-lib-0.1.0.jar]
Authorization
To publish to a group you must be an active owner or contributor of a verified group. You’ll receive an error message if any part of the process failed.
Releasing
When you run a release, the release target publishes through this same publishWorkflow, so a successful latte login is a prerequisite for releasing to the Latte public repository.