name: Grace CI on: push: branches: - 'release/2023.0.0-RC1' pull_request: branches: - 'release/2023.0.0-RC1' workflow_dispatch: jobs: build: permissions: contents: read # to fetch code (actions/checkout) runs-on: ubuntu-22.04 strategy: matrix: java: ['17'] env: WORKSPACE: ${{ github.workspace }} steps: - name: Checkout repository env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK uses: actions/setup-java@v4 with: distribution: 'adopt' java-version: ${{ matrix.java }} - name: Run Build id: build uses: gradle/gradle-build-action@v3 with: arguments: build -x codenarcMain -x codenarcTest -x checkstyleMain -x checkstyleTest publish: if: github.event_name == 'push' needs: ["build"] permissions: contents: read # to fetch code (actions/checkout) checks: write runs-on: ubuntu-22.04 strategy: matrix: java: ['17'] steps: - name: Checkout repository env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} uses: actions/checkout@v4 with: token: ${{ secrets.GITHUB_TOKEN }} - name: Set up JDK 17 uses: actions/setup-java@v4 with: distribution: 'adopt' java-version: ${{ matrix.java }} - name: Generate secring file env: SECRING_FILE: ${{ secrets.SECRING_FILE }} run: echo $SECRING_FILE | base64 -d > ${{ github.workspace }}/secring.gpg - name: Publish to Sonatype OSSRH id: publish uses: gradle/gradle-build-action@v3 env: SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} SONATYPE_NEXUS_URL: ${{ secrets.SONATYPE_NEXUS_URL }} SONATYPE_STAGING_PROFILE_ID: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }} SIGNING_KEY: ${{ secrets.SIGNING_KEY }} SIGNING_PASSPHRASE: ${{ secrets.SIGNING_PASSPHRASE }} SECRING_FILE: ${{ secrets.SECRING_FILE }} with: arguments: -Psigning.secretKeyRingFile=${{ github.workspace }}/secring.gpg publishToSonatype closeAndReleaseSonatypeStagingRepository