-
Notifications
You must be signed in to change notification settings - Fork 1
60 lines (53 loc) · 2.01 KB
/
java-publish.yml
File metadata and controls
60 lines (53 loc) · 2.01 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
name: Publish Java SDK to Maven Central
on:
workflow_dispatch:
inputs:
version:
description: 'Package version (e.g. 0.2.0)'
required: true
type: string
permissions:
contents: read
jobs:
publish:
if: github.repository == 'grafana/sigil-sdk' && github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
steps:
- name: Get secrets from Vault
id: get-secrets
uses: grafana/shared-workflows/actions/get-vault-secrets@f1614b210386ac420af6807a997ac7f6d96e477a # get-vault-secrets/v1.3.1
env:
VAULT_INSTANCE: ops
with:
vault_instance: ${{ env.VAULT_INSTANCE }}
common_secrets: |
MAVEN_USERNAME=sigil-maven:username
MAVEN_PASSWORD=sigil-maven:password
GPG_PRIVATE_KEY=sigil-maven:gpg-private-key
GPG_PASSPHRASE=sigil-maven:gpg-passphrase
export_env: false
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- uses: actions/setup-java@c5195efecf7bdfc987ee8bae7a71cb8b11521c00 # v4.7.1
with:
distribution: temurin
java-version: '21'
- name: Publish
working-directory: java
env:
PKG_VERSION: ${{ inputs.version }}
OSSRH_USERNAME: ${{ fromJSON(steps.get-secrets.outputs.secrets).MAVEN_USERNAME }}
OSSRH_PASSWORD: ${{ fromJSON(steps.get-secrets.outputs.secrets).MAVEN_PASSWORD }}
SIGNING_KEY: ${{ fromJSON(steps.get-secrets.outputs.secrets).GPG_PRIVATE_KEY }}
SIGNING_PASSWORD: ${{ fromJSON(steps.get-secrets.outputs.secrets).GPG_PASSPHRASE }}
run: |
./gradlew --no-daemon publish \
-Pversion="${PKG_VERSION}" \
-PossrhUsername="${OSSRH_USERNAME}" \
-PossrhPassword="${OSSRH_PASSWORD}" \
-Psigning.key="${SIGNING_KEY}" \
-Psigning.password="${SIGNING_PASSWORD}"