Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added Jreleaser #174

Merged
merged 25 commits into from
Dec 5, 2024
Merged

Added Jreleaser #174

merged 25 commits into from
Dec 5, 2024

Conversation

mburkert3
Copy link
Collaborator

@mburkert3 mburkert3 commented Nov 13, 2024
edited
Loading

Added JReleaser so we can publish directly to maven central

It relates to the following issue #s:

BNR-1226

cc @bhamail / @DarthHater / @guillermo-varela / @shaikhu

@paul-botsco-2-0 paul-botsco-2-0 bot added the 😧 commits missing verification Some commits are not signed - this must be resolved label Nov 13, 2024
@paul-botsco-2-0
Copy link

Thanks for the contribution. Unfortunately some of your commits don't meet our standards. All commits must be signed and have author information set.

The commits to review are:

See Signed Commits.

@paul-botsco-2-0 paul-botsco-2-0 bot added the 🧐 cla not signed The CLA needs to be signed label Nov 13, 2024
@paul-botsco-2-0
Copy link

Thanks for the contribution. Before we can merge this, we need @mburkert3, @mburkert3 to sign the Contributor License Agreement

@paul-botsco-2-0 paul-botsco-2-0 bot added 😍 cla signed The CLA is signed and removed 🧐 cla not signed The CLA needs to be signed labels Nov 13, 2024
shaikhu
shaikhu reviewed Nov 15, 2024
View reviewed changes
@shaikhu
Copy link
Contributor

shaikhu commented Nov 15, 2024
edited
Loading

Question. JReleaser is for releasing to central right? The existing logic handles publishing to the gradle plugin portal?

guillermo-varela
guillermo-varela reviewed Nov 19, 2024
View reviewed changes
build.gradle Outdated
Comment on lines 156 to 161
// Configure signing
signing {
useInMemoryPgpKeys(System.getenv('GPG_SIGNING_KEY'), System.getenv('GPG_PASSPHRASE'))
sign publishing.publications.maven

}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would this attempt to sign the compiled binary in local development as well?

bhamail
bhamail approved these changes Dec 3, 2024
View reviewed changes
Copy link
Contributor

@bhamail bhamail left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1, Looks good to me. Just curious to make sure the Base84 decode of the GPG key is handled somewhere, as the secret is base64 encoded.

build.gradle Outdated
}
}
}
}

// Configure signing
signing {
useInMemoryPgpKeys(System.getenv('GPG_SIGNING_KEY'), System.getenv('GPG_PASSPHRASE'))
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will this handle decoding the base64 encoded PGP signing key?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe the useInMemoryPGPKeys should handle that

@paul-botsco-2-0
Copy link

Thanks for the contribution. Unfortunately some of your commits don't meet our standards. All commits must be signed and have author information set.

The commits to review are:

See Signed Commits.

@paul-botsco-2-0
Copy link

Thanks for the contribution. Unfortunately some of your commits don't meet our standards. All commits must be signed and have author information set.

The commits to review are:

See Signed Commits.

bhamail
bhamail approved these changes Dec 5, 2024
View reviewed changes
Copy link
Contributor

@bhamail bhamail left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

build.gradle
if (System.getenv('RELEASE_BUILD') == 'true') {
signing {
def final encodedKey = System.getenv('GPG_SIGNING_KEY')
def final signingKey = new String(encodedKey.decodeBase64())
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1

@bhamail bhamail merged commit 3d1c858 into sonatype-nexus-community:main Dec 5, 2024
16 of 17 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bhamail bhamail bhamail approved these changes

@guillermo-varela guillermo-varela Awaiting requested review from guillermo-varela

@shaikhu shaikhu Awaiting requested review from shaikhu

Assignees
No one assigned
Labels
😧 commits missing verification Some commits are not signed - this must be resolved 😍 cla signed The CLA is signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mburkert3 @shaikhu @bhamail @guillermo-varela