add: workflow for publishing to maven central #69
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish to Maven Central | |
on: | |
push: | |
branches: | |
add/workflow-maven-publish | |
# workflow_dispatch: | |
jobs: | |
publish: | |
runs-on: ubuntu-latest | |
steps: | |
# Step to check out the repository's code | |
- name: Checkout code | |
uses: actions/checkout@v3 | |
# Step to set up JDK 17, which is required for Gradle to run | |
- name: Set up JDK 17 | |
uses: actions/setup-java@v1 | |
with: | |
distribution: 'temurin' | |
java-version: '17' | |
cache: 'gradle' | |
- name: Find the location of jdk | |
run: echo "${{ env.JAVA_HOME }}" | |
- name: List the contents of the path java | |
run: cd /opt/hostedtoolcache/jdk/17.0.11/x64 | ls | |
- name: Setup Gradle | |
uses: gradle/actions/setup-gradle@417ae3ccd767c252f5661f1ace9f835f9654f2b5 # v3.1.0 | |
- name: Set up GPG | |
uses: olafurpg/setup-gpg@v3 | |
- name: get gpg version | |
run: echo `gpg --version` | |
- name: Import GPG | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.OSS_SIGNING_KEY_ARMOURED_FORMAT }} | |
passphrase: ${{ secrets.OSS_SIGNING_PASSWORD }} | |
- name: List the keys | |
run: gpg --list-secret-keys | |
# Step to grant execute permissions to the Gradle wrapper script | |
- name: Grant execute permission for gradlew | |
run: chmod +x gradlew | |
- name: Add new line | |
run: echo "" >> gradle.properties | |
- name: Add java home to gradle.properties | |
run: echo "org.gradle.java.home=${{ env.JAVA_HOME }}" >> gradle.properties | |
- name: Add signing key id to gradle.properties | |
run: echo "signing.keyId=${{ secrets.OSS_SIGNING_KEY_ID }}" >> gradle.properties | |
- name: Add signing password to gradle.proeprties | |
run: echo "signing.password=${{ secrets.OSS_SIGNING_PASSWORD }}" >> gradle.properties | |
# - name: create secring.gpg file | |
# run: gpg --export-secret-keys FDADDB51 -o ~/.gnupg/secring.gpg | |
# - name: print secring.gpg file | |
# run: cat secring.gpg | |
# - name: Decode and set up GPG secring file | |
# env: | |
# GPG_SECRET_RING: ${{ secrets.SECRET_FILE_CONTENT }} | |
# run: | | |
# echo "$GPG_SECRET_RING" >> secring.gpg | |
- name: Add secret file loc to gradle.properties | |
run: echo "signing.secretKeyRingFile=secring.gpg" >> gradle.properties | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-region: "ap-south-1" | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_KEY }} | |
- name: Download s3 secring file | |
run: aws s3 cp s3://sirn-android-secring/secring.gpg secring.gpg | |
- name: cat secring.gpg | |
run: cat secring.gpg | |
- name: Echo gradle.properties | |
run: cat gradle.properties | |
#Step to build the project and publish artifacts to Maven Central | |
# - name: Build and publish | |
# # working-directory: siren-sdk | |
# env: | |
# OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
# OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
# OSS_SIGNING_KEY_ID: ${{ secrets.OSS_SIGNING_KEY_ID }} | |
# OSS_SIGNING_PASSWORD: ${{ secrets.OSS_SIGNING_PASSWORD }} | |
# OSS_SIGNING_KEY: ${{ secrets.OSS_SIGNING_KEY }} | |
# OSS_STAGING_PROFILE_ID: ${{ secrets.OSS_STAGING_PROFILE_ID }} | |
# POM_DEVELOPER_ID: ${{ secrets.POM_DEVELOPER_ID }} | |
# POM_DEVELOPER_NAME: ${{ secrets.POM_DEVELOPER_NAME }} | |
# POM_DEVELOPER_EMAIL: ${{ secrets.POM_DEVELOPER_EMAIL }} | |
# # ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }} | |
# # ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }} | |
# # ORG_GRADLE_PROJECT_signingKeyId: ${{ secrets.GPG_PRIVATE_KEY_ID }} | |
# # ORG_GRADLE_PROJECT_base64EncodedAsciiArmoredSigningKey: ${{ secrets.GPG_BASE64_ENCODED_KEY }} | |
# # run: echo "publishing to maven central" | |
# run: ./gradlew publishToMavenLocal --stacktrace | |
# # Step to import GPG key and sign the artifacts | |
# - name: Sign artifacts | |
# # working-directory: siren-sdk | |
# env: | |
# OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }} | |
# OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} | |
# GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
# GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
# run: | | |
# echo $GPG_PRIVATE_KEY | base64 --decode > gpg_private_key.asc | |
# gpg --import --batch --yes gpg_private_key.asc | |
# ./gradlew signMavenPublication |