diff --git a/.github/workflows/jar-publish.yaml b/.github/workflows/jar-publish.yaml index 9d72640530..672a6816db 100644 --- a/.github/workflows/jar-publish.yaml +++ b/.github/workflows/jar-publish.yaml @@ -11,8 +11,8 @@ on: # global env vars, available in all jobs and steps env: MAVEN_OPTS: '-Xmx4g' - DS_ARTIFACTORY_USERNAME: ${{ secrets.DS_ARTIFACTORY_USERNAME }} - DS_ARTIFACTORY_PASSWORD: ${{ secrets.DS_ARTIFACTORY_PASSWORD }} + ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} + ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} jobs: @@ -32,44 +32,42 @@ jobs: cache: maven - name: Setup Maven + env: + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} + OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} run: | mkdir -p ~/.m2 cat < ~/.m2/settings.xml - stargate-central - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} - - - stargate-snapshots - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} - - - artifactory - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ossrh + ${OSSRH_USERNAME} + ${OSSRH_TOKEN} artifactory-snapshots - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ${ARTIFACTORY_USERNAME} + ${ARTIFACTORY_PASSWORD} artifactory-releases - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ${ARTIFACTORY_USERNAME} + ${ARTIFACTORY_PASSWORD} EOF + - id: install-secret-key + name: Install gpg secret key + run: | + cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import + - name: Build run: | JAVA_HOME=$JAVA_21 ./mvnw -B -ntp clean package - name: Publish JAR run: | - JAVA_HOME=$JAVA_21 ./mvnw -B -ntp clean deploy -DskipTests \ No newline at end of file + JAVA_HOME=$JAVA_21 ./mvnw -B -ntp -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} clean deploy -DskipTests \ No newline at end of file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index dbb17f6fc8..0b836a2238 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,8 +25,8 @@ on: # global env vars, available in all jobs and steps env: MAVEN_OPTS: '-Xmx4g' - DS_ARTIFACTORY_USERNAME: ${{ secrets.DS_ARTIFACTORY_USERNAME }} - DS_ARTIFACTORY_PASSWORD: ${{ secrets.DS_ARTIFACTORY_PASSWORD }} + ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }} + ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }} jobs: @@ -84,40 +84,38 @@ jobs: cache: maven - name: Setup Maven + env: + OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} + OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} run: | mkdir -p ~/.m2 cat < ~/.m2/settings.xml - stargate-central - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} - - - stargate-snapshots - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} - - - artifactory - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ossrh + ${OSSRH_USERNAME} + ${OSSRH_TOKEN} artifactory-snapshots - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ${ARTIFACTORY_USERNAME} + ${ARTIFACTORY_PASSWORD} artifactory-releases - ${DS_ARTIFACTORY_USERNAME} - ${DS_ARTIFACTORY_PASSWORD} + ${ARTIFACTORY_USERNAME} + ${ARTIFACTORY_PASSWORD} EOF + - id: install-secret-key + name: Install gpg secret key + run: | + cat <(echo -e "${{ secrets.OSSRH_GPG_SECRET_KEY }}") | gpg --batch --import + # only set version here - name: Install run: | @@ -128,8 +126,9 @@ jobs: ./mvnw -B -ntp clean package - name: Publish JAR + if: ${{ !inputs.skipPublish }} run: | - ./mvnw -B -ntp clean deploy -DskipTests + ./mvnw -B -ntp clean -Dgpg.passphrase=${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} deploy -DskipTests # publishes the docker image to docker hub publish-image-dockerhub: diff --git a/pom.xml b/pom.xml index 459d45e3ff..f6afa1f5ff 100644 --- a/pom.xml +++ b/pom.xml @@ -332,5 +332,89 @@ true + + deploy + + + ossrh + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + + + + + + org.apache.maven.plugins + maven-source-plugin + 3.2.1 + + + attach-sources + + jar-no-fork + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.8.0 + + + attach-javadocs + + jar + + + + + -Xdoclint:none + false + true + + + apiNote + a + API note: + + + + + + org.apache.maven.plugins + maven-gpg-plugin + 3.2.4 + + + sign-artifacts + verify + + sign + + + + + + + --pinentry-mode + loopback + + ${project.basedir}/target + + + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.7.0 + true + + ossrh + https://oss.sonatype.org/ + true + + + + +