-
Notifications
You must be signed in to change notification settings - Fork 30
70 lines (56 loc) · 2.39 KB
/
publish.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
name: Publish
on:
push:
branches:
- master
workflow_dispatch: {}
concurrency:
# only run one publishing at a time to avoid conflicts
group: publish-${{ github.ref }}
jobs:
publish:
# Only on main repository (don't publish on forks)
if: github.repository_owner == 'stempler'
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
# fetch-depth 0 is required to fetch all tags (and to determine the version based on tags)
fetch-depth: 0
- uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
distribution: temurin
java-version: 17
- name: Setup Gradle
uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
# - id: install-secret-key
# name: Install gpg secret key
# run: |
# # Install gpg secret key
# cat <(echo -e "${{ secrets.SONATYE_PGP_PRIVATE_KEY }}") | gpg --batch --import
# # Verify gpg secret key
# gpg --list-secret-keys --keyid-format LONG
- name: Build and publish with Gradle
env:
# CI marker
CI: 'true'
ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
# keyring file (did not get this to work)
# ORG_GRADLE_PROJECT_signing.password: ${{ secrets.SONATYE_PGP_PASSWORD }}
# ORG_GRADLE_PROJECT_signing.keyId: ${{ secrets.SONATYE_PGP_KEY_ID }}
# ORG_GRADLE_PROJECT_signing.secretKeyRingFile: /home/runner/.gnupg/secring.gpg
# in-memory key
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.SONATYE_PGP_PASSWORD }}
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.SONATYE_PGP_PRIVATE_KEY }}
run: ./gradlew clean check publishToSonatype
# https://github.com/marketplace/actions/junit-report-action
- name: Publish Test Report
uses: mikepenz/action-junit-report@992d97d6eb2e5f3de985fbf9df6a04386874114d # v5.1.0
if: always() # always run even if the previous step fails
with:
report_paths: 'build/test-results/**/*.xml'
require_tests: true # currently no tests present
annotate_only: true
detailed_summary: true
# fail_on_failure: true