Remove secret-length diag step now that SIGNING_KEY was refreshed #14
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release | |
| on: | |
| push: | |
| tags: | |
| - "v[0-9]+.[0-9]+.[0-9]+" | |
| - "v[0-9]+.[0-9]+.[0-9]+-*" # pre-release tags (v0.1.0-rc1, etc.) | |
| permissions: | |
| contents: write # to create the GitHub Release | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| # The maven-central environment was auto-created on first run with no | |
| # secrets registered, so `${{ secrets.SIGNING_KEY }}` resolved to an empty | |
| # string ("Could not read PGP secret key"). Dropping the directive lets | |
| # the workflow fall back to org-level secrets (which devslab-kr has and | |
| # easy-paging already publishes against). If we want manual approval back | |
| # later, re-add `environment: maven-central` AND register the five secrets | |
| # directly under that environment in repo settings. | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v6 | |
| - name: Set up JDK 21 | |
| uses: actions/setup-java@v5 | |
| with: | |
| distribution: temurin | |
| java-version: 21 | |
| - name: Set up Gradle | |
| uses: gradle/actions/setup-gradle@v5 | |
| - name: Derive version from tag | |
| id: ver | |
| run: echo "version=${GITHUB_REF#refs/tags/v}" >> "$GITHUB_OUTPUT" | |
| - name: Build and test | |
| run: ./gradlew build --no-configuration-cache --stacktrace -PVERSION=${{ steps.ver.outputs.version }} | |
| - name: Publish to Maven Central | |
| env: | |
| # Sonatype Central Portal credentials (https://central.sonatype.com/account) | |
| ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_CENTRAL_USERNAME }} | |
| ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_CENTRAL_PASSWORD }} | |
| # ASCII-armored private key (`gpg --armor --export-secret-keys <key-id>`) | |
| ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.SIGNING_KEY }} | |
| ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.SIGNING_KEY_ID }} | |
| ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.SIGNING_KEY_PASSWORD }} | |
| run: | | |
| ./gradlew publishAndReleaseToMavenCentral \ | |
| --no-configuration-cache \ | |
| --stacktrace \ | |
| -PVERSION=${{ steps.ver.outputs.version }} | |
| - name: Create GitHub Release | |
| uses: softprops/action-gh-release@v3 | |
| with: | |
| generate_release_notes: true | |
| name: ${{ github.ref_name }} | |
| fail_on_unmatched_files: false | |
| # Glob across every module's build/libs/ so the release page picks up | |
| # api-log-core / -jpa / -r2dbc / -mybatis without per-module entries. | |
| files: | | |
| **/build/libs/*.jar | |
| **/build/libs/*.asc |