-
Notifications
You must be signed in to change notification settings - Fork 585
79 lines (70 loc) · 3 KB
/
maven-deploy.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
## For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
name: Maven Deploy
on:
push:
tags:
- 'v[0-9]+.[0-9]+.[0-9]+'
jobs:
build:
runs-on: ubuntu-latest
env:
SONATYPE_USER: ${{secrets.SONATYPE_USER}}
SONATYPE_PASSWORD: ${{secrets.SONATYPE_PASSWORD}}
GPG_KEY_NAME: ${{secrets.GPG_KEY_NAME}}
GPG_PASSPHRASE: ${{secrets.GPG_PASSPHRASE}}
MAVEN_OPTS: "--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
REF_NAME: ${{ github.ref_name }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
with:
go-version: 'stable'
- name: Set VERSION variable from tag
run: |
VERSION=${{ env.REF_NAME }}
echo "VERSION=${VERSION:1}" >> $GITHUB_ENV
- name: 'Configure GPG signing'
env:
GPG_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
# https://github.com/keybase/keybase-issues/issues/2798
export GPG_TTY=$(tty)
# Import gpg keys and warm the passphrase to avoid the gpg
# passphrase prompt when initating a deploy
# `--pinentry-mode=loopback` could be needed to ensure we
# suppress the gpg prompt
echo $GPG_KEY | base64 --decode > signing-key
gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
shred signing-key
- name: Configure GIT
run: |
git config --global user.email "[email protected]"
git config --global user.name "envoy-bot"
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
server-id: ossrh
server-username: ${ env.SONATYPE_USER }
server-password: ${ env.SONATYPE_PASSWORD }
gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
gpg-passphrase: ${ env.GPG_PASSPHRASE }
- name: Update version in pom
working-directory: ${{ github.workspace }}/java
run: ./mvnw -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
- name: Publish to Maven Packages Apache Maven
working-directory: ${{ github.workspace }}/java
run: |
./mvnw -B -s settings.xml clean deploy \
-Darguments="-s settings.xml" \
-DreleaseVersion=${{ env.VERSION }} \
-DdevelopmentVersion=${{ env.VERSION }}-SNAPSHOT \
-DscmCommentPrefix="java release: "
env:
MAVEN_USERNAME: ${{ env.SONATYPE_USER }}
MAVEN_CENTRAL_TOKEN: ${{ env.SONATYPE_PASSWORD }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}