Skip to content

chore: Simplify GPG key import process in GitHub Actions workflow #23

chore: Simplify GPG key import process in GitHub Actions workflow

chore: Simplify GPG key import process in GitHub Actions workflow #23

Workflow file for this run

name: Publish to Maven Central and GitHub Packages
on:
push:
branches:
- main
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up JDK 17
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
server-id: ossrh # Maven Central settings server id
server-username: ${{ secrets.OSSRH_USERNAME }}
server-password: ${{ secrets.OSSRH_PASSWORD }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
- name: Cache Maven dependencies
uses: actions/cache@v3
with:
path: ~/.m2/repository
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: |
${{ runner.os }}-m2-
- name: Setup Maven settings
run: |
mkdir -p ~/.m2
echo "<settings>
<servers>
<server>
<id>ossrh</id>
<username>${{ secrets.OSSRH_USERNAME }}</username>
<password>${{ secrets.OSSRH_PASSWORD }}</password>
</server>
<server>
<id>github</id>
<username>${{ secrets.GITHUB_ACTOR }}</username>
<password>${{ secrets.GITHUB_TOKEN }}</password>
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<repositories>
<repository>
<id>ossrh</id>
<url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
</repository>
</repositories>
</profile>
<profile>
<id>github</id>
<repositories>
<repository>
<id>github</id>
<url>https://maven.pkg.github.com/crawlab-team/crawlab-java-sdk</url>
</repository>
</repositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>ossrh</activeProfile>
<activeProfile>github</activeProfile>
</activeProfiles>
</settings>" > ~/.m2/settings.xml
- name: Import GPG key
run: |
echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --import
env:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
- name: Set up GPG
run: |
# Ensure directory exists
mkdir -p ~/.gnupg/
# Configure GPG
echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf
# Set permissions
chmod 700 ~/.gnupg
chmod 600 ~/.gnupg/*
- name: Set GPG_TTY
run: export GPG_TTY=$(tty)
- name: Reload gpg-agent
run: gpg-connect-agent reloadagent /bye
- name: Build and Test
run: mvn clean test
- name: Build and Publish to Maven Central and GitHub Packages
run: mvn clean deploy -P ossrh,github -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }}