From aa153e5eb3e6cf76bc17e45aa7f5f80a84890b7b Mon Sep 17 00:00:00 2001 From: Martin Zanoni Date: Tue, 16 Jun 2026 10:03:55 +0200 Subject: [PATCH] fix(java): update Maven Central signing setup --- .github/workflows/publish.yml | 12 +++++++----- src/pom.xml | 6 ++++++ 2 files changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 71c3ba8..cca7b3c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -28,7 +28,7 @@ jobs: run: ./generate.sh - name: Set up JDK 17 and Maven Central auth - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: 'temurin' java-version: '17' @@ -36,9 +36,12 @@ jobs: server-username: SONATYPE_USERNAME server-password: SONATYPE_TOKEN gpg-private-key: ${{ secrets.JRELEASER_GPG_SECRET_KEY }} - gpg-passphrase: ${{ secrets.JRELEASER_GPG_PASSPHRASE }} + gpg-passphrase: MAVEN_GPG_PASSPHRASE cache: maven + - name: Verify GPG private key import + run: gpg --batch --list-secret-keys --keyid-format LONG + - name: Build run: mvn --batch-mode -DskipTests package --file src/pom.xml @@ -52,12 +55,11 @@ jobs: run: mvn org.kordamp.maven:pomchecker-maven-plugin:1.7.0:check-maven-central --file src/pom.xml - name: Build and deploy to Maven Central - run: mvn deploy --batch-mode -Prelease -f src/pom.xml -Dgpg.passphrase="${{ secrets.JRELEASER_GPG_PASSPHRASE }}" + run: mvn deploy --batch-mode -Prelease -f src/pom.xml env: SONATYPE_USERNAME: ${{ secrets.JRELEASER_NEXUS2_USERNAME }} SONATYPE_TOKEN: ${{ secrets.JRELEASER_NEXUS2_PASSWORD }} - GPG_PRIVATE_KEY: ${{ secrets.JRELEASER_GPG_SECRET_KEY }} - GPG_PASSPHRASE: ${{ secrets.JRELEASER_GPG_PASSPHRASE }} + MAVEN_GPG_PASSPHRASE: ${{ secrets.JRELEASER_GPG_PASSPHRASE }} DATASET_ID: ${{secrets.INTEGRATIONTESTS_DATASET_ID}} API_KEY: ${{secrets.INTEGRATIONTESTS_API_KEY}} diff --git a/src/pom.xml b/src/pom.xml index 2ade1a2..3d77a71 100644 --- a/src/pom.xml +++ b/src/pom.xml @@ -128,6 +128,12 @@ org.apache.maven.plugins maven-gpg-plugin 3.1.0 + + + --pinentry-mode + loopback + + sign-artifacts