Skip to content

Maven Manual Deploy

Maven Manual Deploy #1

# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
## For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
name: Maven Manual Deploy
on:
workflow_dispatch:
inputs:
ref:
description: "Git ref to release"
required: true
version:
description: "Maven version to release (without 'v' prefix)"
required: true
deployArgs:
description: "Additional Maven deploy arguments (e.g. '--debug -DautoReleaseAfterClose=false')"
required: false
jobs:
build:
runs-on: ubuntu-latest
env:
SONATYPE_USER: ${{secrets.BUF_SONATYPE_USER}}
SONATYPE_PASSWORD: ${{secrets.BUF_SONATYPE_PASSWORD}}
GPG_KEY_NAME: ${{secrets.GPG_KEY_NAME}}
GPG_PASSPHRASE: ${{secrets.GPG_PASSPHRASE}}
MAVEN_OPTS: "--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
REF_NAME: ${{ inputs.ref }}
steps:
- uses: actions/checkout@v4
with:
ref: ${{ inputs.ref }}
- uses: actions/setup-go@v5
with:
go-version: 'stable'
- name: Set VERSION variable from tag
run: |
echo "VERSION=${{ inputs.VERSION }}" >> $GITHUB_ENV
- name: 'Configure GPG signing'
env:
GPG_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
run: |
# https://github.com/keybase/keybase-issues/issues/2798
export GPG_TTY=$(tty)
# Import gpg keys and warm the passphrase to avoid the gpg
# passphrase prompt when initating a deploy
# `--pinentry-mode=loopback` could be needed to ensure we
# suppress the gpg prompt
echo $GPG_KEY | base64 --decode > signing-key
gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
shred signing-key
- name: Configure GIT
run: |
git config --global user.email "envoy-bot@users.noreply.github.com"
git config --global user.name "envoy-bot"
- name: Set up JDK
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
server-id: ossrh
server-username: ${ env.SONATYPE_USER }
server-password: ${ env.SONATYPE_PASSWORD }
gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
gpg-passphrase: ${ env.GPG_PASSPHRASE }
- name: Update version in pom
working-directory: ${{ github.workspace }}/java
run: mvn -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
- name: Publish to Maven Packages Apache Maven
working-directory: ${{ github.workspace }}/java
run: |
mvn -B -s settings.xml ${{ inputs.deployArgs }} clean deploy \
-Darguments="-s settings.xml" \
-DreleaseVersion=${{ env.VERSION }} \
-DdevelopmentVersion=${{ env.VERSION }}-SNAPSHOT \
-DscmCommentPrefix="java release: "
env:
MAVEN_USERNAME: ${{ env.SONATYPE_USER }}
MAVEN_CENTRAL_TOKEN: ${{ env.SONATYPE_PASSWORD }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}