Skip to content

ci: attempt to use in-memory key for signing #3

ci: attempt to use in-memory key for signing

ci: attempt to use in-memory key for signing #3

Workflow file for this run

name: Publish
on:
push:
branches:
- master
workflow_dispatch: {}
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/setup-java@v3
with:
distribution: temurin
java-version: 17
- name: Setup Gradle
uses: gradle/gradle-build-action@v2
# - id: install-secret-key
# name: Install gpg secret key
# run: |
# # Install gpg secret key
# cat <(echo -e "${{ secrets.SONATYE_PGP_PRIVATE_KEY }}") | gpg --batch --import
# # Verify gpg secret key
# gpg --list-secret-keys --keyid-format LONG
- name: Build and publish with Gradle
env:
# CI marker
CI: 'true'
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
# keyring file (did not get this to work)
# ORG_GRADLE_PROJECT_signing.password: ${{ secrets.SONATYE_PGP_PASSWORD }}
# ORG_GRADLE_PROJECT_signing.keyId: ${{ secrets.SONATYE_PGP_KEY_ID }}
# ORG_GRADLE_PROJECT_signing.secretKeyRingFile: /home/runner/.gnupg/secring.gpg
# in-memory key
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYE_PGP_PASSWORD }}
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYE_PGP_PRIVATE_KEY }}
run: ./gradlew clean check publishToSonatype
# TODO what about publishing releases?
# see https://github.com/gradle-nexus/publish-plugin#publishing-and-closing-in-different-gradle-invocations
# https://github.com/marketplace/actions/junit-report-action
- name: Publish Test Report
uses: mikepenz/action-junit-report@v3
if: always() # always run even if the previous step fails
with:
report_paths: 'build/test-results/**/*.xml'
require_tests: false # currently no tests present
annotate_only: true
detailed_summary: true
# fail_on_failure: true