tell gradle about the gpg key and sonatype credentials, e.g. through ~/.gradle/gradle.properties:
sonatypeUsername=
sonatypePassword=
signing.keyId=
signing.password=
signing.secretKeyRingFile=/Users//.gnupg/secring.gpg
set version in build.gradle to the release version and commit
execute gradle clean uploadArchives to uploaded the signed artifacts to the sonatype repository