deps(maven): bump com.diffplug.spotless:spotless-maven-plugin from 3.4.0 to 3.5.1 #27
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Snapshot | |
| permissions: | |
| contents: read | |
| packages: write | |
| statuses: write | |
| checks: write | |
| on: | |
| push: | |
| branches: | |
| - main | |
| pull_request: | |
| jobs: | |
| # P-02: verify done via the reusable workflow_call in ci.yml (3-OS matrix). | |
| # The deploy step is a SEPARATE job below — never inside the reusable workflow_call. | |
| verify: | |
| uses: ./.github/workflows/ci.yml | |
| secrets: inherit | |
| snapshot-deploy: | |
| needs: verify | |
| if: github.event_name != 'pull_request' && github.ref == 'refs/heads/main' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v6 | |
| - uses: actions/setup-java@v5 | |
| with: | |
| java-version: '17' | |
| distribution: temurin | |
| cache: maven | |
| # Phase 5 peer-review fix: setup-java materializes ~/.m2/settings.xml with a <server> | |
| # entry whose id matches the pom's <distributionManagement><repository><id>github</id>. | |
| # Without this, 'mvn deploy -P github,sign' would fail with 401 Unauthorized when | |
| # uploading to maven.pkg.github.com. | |
| server-id: github | |
| server-username: GITHUB_ACTOR | |
| server-password: GITHUB_TOKEN | |
| gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} | |
| gpg-passphrase: MAVEN_GPG_PASSPHRASE | |
| - name: Publish snapshot to GitHub Packages | |
| run: mvn -B -ntp -Dstyle.color=always deploy -P github,sign -DskipTests=true | |
| env: | |
| GITHUB_ACTOR: ${{ github.actor }} | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} |