Deploy to Maven Central #23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Deploy to Maven Central | |
| on: | |
| workflow_dispatch: | |
| release: | |
| types: [created] | |
| jobs: | |
| deploy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Import GPG Key | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| KEY_ID=$(gpg --list-secret-keys --with-colons | awk -F: '/^sec:/ { print $5 }') | |
| echo "Using GPG key: $KEY_ID" | |
| echo "GPG_KEY_ID=$KEY_ID" >> $GITHUB_ENV | |
| echo "use-agent" >> ~/.gnupg/gpg.conf | |
| echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf | |
| echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf | |
| echo RELOADAGENT | gpg-connect-agent | |
| shell: bash | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # - name: Set up GPG | |
| # run: | | |
| # echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| # echo "$GPG_OWNERTRUST" | gpg --batch --import-ownertrust | |
| # env: | |
| # GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| # GPG_OWNERTRUST: ${{ secrets.GPG_OWNERTRUST }} | |
| # - name: Verify GPG Key | |
| # run: gpg --list-secret-keys --keyid-format LONG | |
| - name: Debug GPG Key Import | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| gpg --list-secret-keys --keyid-format LONG || echo "No secret keys found" | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| - name: Set Default GPG Key and Verify | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| gpg --default-key ${{ secrets.GPG_KEY_ID }} --list-secret-keys --keyid-format LONG | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| - name: Set GPG_TTY | |
| run: echo "GPG_TTY=$(tty)" >> $GITHUB_ENV | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| cache: 'maven' | |
| server-id: central | |
| server-username: ${{ secrets.CENTRAL_USERNAME }} | |
| server-password: ${{ secrets.CENTRAL_PASSWORD }} | |
| gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} | |
| gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }} | |
| - name: Build and Deploy | |
| # run: mvn clean deploy -Psign-artifacts | |
| run: | | |
| mvn clean deploy -Psign-artifacts \ | |
| -Dgpg.passphrase="$GPG_PASSPHRASE" \ | |
| -Dgpg.keyname="$GPG_KEY_ID" | |
| env: | |
| GPG_TTY: $(tty) | |
| MAVEN_USERNAME: ${{ secrets.CENTRAL_USERNAME }} | |
| MAVEN_PASSWORD: ${{ secrets.CENTRAL_PASSWORD }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} |