-
Notifications
You must be signed in to change notification settings - Fork 35
133 lines (117 loc) · 5.03 KB
/
publish-and-release-to-maven-central.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: Publish package to the Maven Central Repository
on:
push:
branches:
- 'master'
jobs:
build:
if: "contains(github.event.head_commit.message, 'EXECUTE PUBLISH JOB')"
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
#Run JDK configuration
- name: Set up JDK 8
uses: actions/setup-java@v2
with:
java-version: '8'
distribution: 'adopt'
#Gradle cache configuration
- name: Cache Gradle packages
uses: actions/cache@v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
#Authorizing gradlew files
- name: Grant execute permission for gradlew
run: chmod +x gradlew
#Build project
- name: Build with Gradle
run: ./gradlew build
publish:
needs: build
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
#Run JDK configuration
- name: Set up JDK 8
uses: actions/setup-java@v2
with:
java-version: '8'
distribution: 'adopt'
#Gradle cache configuration
- name: Cache Gradle packages
uses: actions/cache@v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
#Authorize gradlew files
- name: Grant execute permission for gradlew
run: chmod +x gradlew
#Decode the secret key
- name: Decode
run: |
trap 'rm ~/.gradle/private.pgp' EXIT
echo "$SIGNING_SECRET_KEY_RING_FILE" > ~/.gradle/private.pgp
gpg --quiet --import --no-tty --batch --yes ~/.gradle/private.pgp
gpg --quiet --keyring secring.gpg --export-secret-keys --batch --pinentry-mode=loopback --passphrase "$OSSRH_GPG_SECRET_KEY_PASSWORD" > ~/.gnupg/secring.gpg
env:
SIGNING_SECRET_KEY_RING_FILE: ${{ secrets.LEDGER_INFRA_SIGNING_SECRET_KEY_RING_FILE }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.LEDGER_INFRA_OSSRH_GPG_SECRET_KEY_PASSWORD }}
#Modify gradle.build to accept env variables
- name: Modify gradle.build
run: |
sed -i 's/username findProperty('\''ossrhUsername'\'')?: '\'''\''/username findProperty("ossrhUsername")?: System.getenv("OSSRH_USERNAME")/g' "build.gradle"
sed -i 's/password findProperty('\''ossrhPassword'\'')?: '\'''\''/password findProperty("ossrhPassword")?: System.getenv("OSSRH_PASSWORD")/g' "build.gradle"
#Publish project
- name: Publish
run: ./gradlew publish -PmySecureRepositoryUsername="$OSSRH_USERNAME" -PmySecureRepositoryPassword="$OSSRH_PASSWORD" -Psigning.keyId="$SIGNING_KEY_ID" -Psigning.password="$OSSRH_GPG_SECRET_KEY_PASSWORD" -Psigning.secretKeyRingFile=$(echo ~/.gnupg/secring.gpg)
env:
OSSRH_USERNAME: ${{ secrets.LEDGER_INFRA_OSSRH_USERNAME }}
OSSRH_PASSWORD: ${{ secrets.LEDGER_INFRA_OSSRH_PASSWORD }}
SIGNING_KEY_ID: ${{ secrets.LEDGER_INFRA_SIGNING_KEY_ID }}
OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.LEDGER_INFRA_OSSRH_GPG_SECRET_KEY_PASSWORD }}
release:
needs: publish
if: "contains(github.event.head_commit.message, 'EXECUTE RELEASE JOB')"
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
#Run JDK configuration
- name: Set up JDK 8
uses: actions/setup-java@v2
with:
java-version: '8'
distribution: 'adopt'
#Gradle cache configuration
- name: Cache Gradle packages
uses: actions/cache@v2
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
restore-keys: ${{ runner.os }}-gradle
#Authorize gradlew files
- name: Grant execute permission for gradlew
run: chmod +x gradlew
#Modify gradle.build to inject nexus-staging plugin if not present
- name: Modify gradle.build
run: |
if ! grep -q "gradle-nexus-staging-plugin" "build.gradle"; then
# Inject plugin
awk '/classpath / && !x {print "classpath \"io.codearte.gradle.nexus:gradle-nexus-staging-plugin:0.30.0\""; x=1} 1' "build.gradle" > tmp && mv tmp "build.gradle"
# Inject plugin code
echo "apply plugin: 'io.codearte.nexus-staging'
nexusStaging {
serverUrl = \"https://oss.sonatype.org/service/local/\"
username = findProperty(\"ossrhUsername\") ?: System.getenv(\"OSSRH_USERNAME\")
password = findProperty(\"ossrhPassword\") ?: System.getenv(\"OSSRH_PASSWORD\")
packageGroup = \"com.wepay\"
}" >> "build.gradle"
fi
#Close and Release project in Sonatype
- name: Close and Release
run: ./gradlew closeAndReleaseRepository
env:
OSSRH_USERNAME: ${{ secrets.LEDGER_INFRA_OSSRH_USERNAME }}
OSSRH_PASSWORD: ${{ secrets.LEDGER_INFRA_OSSRH_PASSWORD }}