Uploading Artifacts to Third‑Party Repositories Using Nexus API and GitLab Package Registry
This guide explains how to upload build artifacts to external repositories such as Nexus and GitLab's built‑in package registry, covering authentication methods, required API parameters, curl commands for uploading and downloading packages, and CI/CD pipeline examples for Java projects.
This article demonstrates how to publish build artifacts to third‑party repositories, using Nexus as an example and then showing how to use GitLab's built‑in package registry.
Upload to Nexus – By invoking the Nexus REST API, a CI job can rename the generated JAR, then use curl -X POST with multipart/form‑data to push the artifact to a local repository.
.pushartifact:
tags:
- build
stage: pushartifact
script:
|-
if [[ ${PROJECT_TYPE} == "java" ]];then
pkgName=`ls target/ | grep -e "jar$"`
cd target/
mv ${pkgName} ${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar
curl -X POST "http://192.168.1.200:8081/service/rest/v1/components?repository=mylocalrepo" \
-H "accept: application/json" \
-H "Content-Type: multipart/form-data" \
-F "raw.directory=/${CI_PROJECT_ROOT_NAMESPACE}/${CI_PROJECT_NAME}/${CI_COMMIT_SHA}/" \
-F "raw.asset1=@${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar;type=application/java-archive" \
-F "raw.asset1.filename=${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar" \
-u admin:admin123
else
echo "PROJECT_TYPE ERROR [java]"
fiUpload to GitLab Built‑in Repository – GitLab can act as a private or public package registry for various package types. Supported repository types are shown in the original images.
Generic Repository Authentication
User personal token (not linked to pipeline)
CI job token (${CI_JOB_TOKEN})
Deploy token created in project settings
Upload Package API
PUT /projects/:id/packages/generic/:package_name/:package_version/:file_name?status=:statusParameters:
id – Project ID (required)
package_name – Package name (required)
package_version – Package version (required)
file_name – File name (required)
status – Package status, optional values [default/hidden] (default shows in UI)
Example upload command:
curl --header "PRIVATE-TOKEN: apF1R9s9JJBYJzLF5mYd" \
--upload-file sonar-gitlab-plugin-4.1.0-SNAPSHOT.jar \
"http://192.168.1.200/api/v4/projects/33/packages/generic/devops03-maven-service/0.0.1/sonar-gitlab-plugin-4.1.0-SNAPSHOT.jar?status=default"Example response:
{
"message":"201 Created"
}If a package with the same name and version already exists, the new file is added as an additional version and can still be accessed via UI or API.
Download Package API
GET /projects/:id/packages/generic/:package_name/:package_version/:file_nameParameters are the same as for upload (id, package_name, package_version, file_name).
Example download command:
curl --header "PRIVATE-TOKEN:
" \
"http://192.168.1.200/api/v4/projects/33/packages/generic/devops03-maven-service/0.0.1/sonar-gitlab-plugin-4.1.0-SNAPSHOT.jar"GitLab CI/CD Example
.pushartforgitlab:
tags:
- build
stage: pushartifact
script:
|-
if [[ ${PROJECT_TYPE} == "java" ]]; then
newPkgName=${CI_PROJECT_NAME}-${CI_COMMIT_SHA}.jar
pkgName=`ls target/ | grep -e "jar$"`
cd target/
mv ${pkgName} ${newPkgName}
curl --header "JOB-TOKEN: ${CI_JOB_TOKEN}" \
--upload-file ${newPkgName} \
"http://192.168.1.200/api/v4/projects/${CI_PROJECT_ID}/packages/generic/${CI_PROJECT_NAME}/${CI_COMMIT_SHA}/${newPkgName}?status=default"
else
echo "PROJECT_TYPE ERROR [java]"
fiThe content originates from the "DevOps Practice Training Camp" (Issue 3) and includes promotional links to further DevOps learning resources.
DevOps Cloud Academy
Exploring industry DevOps practices and technical expertise.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.