Skip to content

Commit fbb375d

Browse files
musketyrmusketyr
committed
back to in-memory key
1 parent 2bf5b46 commit fbb375d

2 files changed

Lines changed: 16 additions & 8 deletions

File tree

.github/workflows/release.yml

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,10 +17,12 @@ jobs:
1717
with:
1818
java-version: '11'
1919
distribution: 'zulu'
20-
- name: Setup GPG
21-
run: |
22-
mkdir -p /home/runner/.gnupg
23-
echo "${{ secrets.SIGNING_SECRET_KEY_BASE64 }}" | base64 -d > /home/runner/.gnupg/secring.gpg
20+
- name: Decode PGP
21+
id: write_file
22+
uses: timheuer/base64-to-file@v1.2
23+
with:
24+
fileName: 'secret.pgp'
25+
encodedString: ${{ secrets.SIGNING_SECRET_KEY_BASE64 }}
2426
- name: Semantic Version
2527
id: version
2628
uses: ncipollo/semantic-version-action@v1
@@ -30,5 +32,5 @@ jobs:
3032
MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
3133
SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }}
3234
SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
33-
SIGNING_SECRET_KEY_RING_FILE: /home/runner/.gnupg/secring.gpg
35+
SIGNING_SECRET_KEY_PATH: ${{ steps.write_file.outputs.filePath }}
3436
run: ./gradlew gitPublishPush publishAndReleaseToMavenCentral "-Pversion=${{ steps.version.outputs.tag }}" -Prelease=true "-Dorg.ajoberstar.grgit.auth.username=${{ secrets.GH_PAGES_TOKEN }}" --stacktrace

build.gradle

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,9 +24,9 @@ plugins {
2424

2525
if (!project.hasProperty('mavenCentralUsername')) ext.mavenCentralUsername = System.getenv('MAVEN_CENTRAL_USERNAME') ?: '**UNDEFINED**'
2626
if (!project.hasProperty('mavenCentralPassword')) ext.mavenCentralPassword = System.getenv('MAVEN_CENTRAL_PASSWORD') ?: '**UNDEFINED**'
27-
if (!project.hasProperty('signing.keyId')) ext['signing.keyId'] = System.getenv('SIGNING_KEY_ID') ?: '**UNDEFINED**'
28-
if (!project.hasProperty('signing.password')) ext['signing.password'] = System.getenv('SIGNING_PASSWORD') ?: '**UNDEFINED**'
29-
if (!project.hasProperty('signing.secretKeyRingFile')) ext['signing.secretKeyRingFile'] = System.getenv('SIGNING_SECRET_KEY_RING_FILE') ?: '**UNDEFINED**'
27+
if (!project.hasProperty('signingInMemoryKeyId')) ext.signingInMemoryKeyId = System.getenv('SIGNING_KEY_ID') ?: '**UNDEFINED**'
28+
if (!project.hasProperty('signingInMemoryKeyPassword')) ext.signingInMemoryKeyPassword = System.getenv('SIGNING_PASSWORD') ?: '**UNDEFINED**'
29+
if (!project.hasProperty('signingInMemoryKey')) ext.signingInMemoryKey = System.getenv('SIGNING_SECRET_KEY_PATH') ? rootProject.file(System.getenv('SIGNING_SECRET_KEY_PATH')).text : '**UNDEFINED**'
3030

3131
config {
3232
release = (rootProject.findProperty('release') ?: false).toBoolean()
@@ -169,4 +169,10 @@ subprojects { subproject ->
169169
}
170170

171171
}
172+
173+
signing {
174+
useInMemoryPgpKeys(ext.signingInMemoryKey, ext.signingInMemoryKeyPassword )
175+
sign publishing.publications
176+
}
177+
172178
}

0 commit comments

Comments
 (0)