Enhance GPG configuration with explicit default key and agent settings #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish to Maven Central | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Set up JDK 8 | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: '8' | |
| distribution: 'temurin' | |
| cache: 'maven' | |
| - name: Setup GPG | |
| run: | | |
| echo "Setting up GPG..." | |
| mkdir -p ~/.gnupg | |
| chmod 700 ~/.gnupg | |
| echo "${{ secrets.GPG_PRIVATE_KEY }}" > private.key | |
| echo "Importing GPG key..." | |
| gpg --batch --import private.key | |
| echo "Trusting GPG key..." | |
| echo -e "5\ny\n" | gpg --command-fd 0 --edit-key ${{ secrets.GPG_KEYNAME }} trust | |
| echo "Setting default key..." | |
| echo "default-key ${{ secrets.GPG_KEYNAME }}" >> ~/.gnupg/gpg.conf | |
| echo "Setting GPG agent..." | |
| echo "use-agent" >> ~/.gnupg/gpg.conf | |
| echo "pinentry-mode loopback" >> ~/.gnupg/gpg.conf | |
| echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf | |
| echo "GPG configuration:" | |
| cat ~/.gnupg/gpg.conf | |
| echo "Listing GPG keys..." | |
| gpg --list-secret-keys --keyid-format LONG | |
| gpg --list-keys --keyid-format LONG | |
| echo "GPG configuration:" | |
| gpg --version | |
| gpgconf --list-dirs | |
| rm private.key | |
| - name: Build and Publish | |
| env: | |
| OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME_TOKEN }} | |
| OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD_TOKEN }} | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| run: | | |
| echo "Starting Maven build and deploy..." | |
| mvn clean deploy -P release \ | |
| -Dmaven.javadoc.skip=false \ | |
| -Dmaven.deploy.skip=false \ | |
| -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} \ | |
| -Dgpg.executable=gpg \ | |
| -Dgpg.keyname=${{ secrets.GPG_KEYNAME }} \ | |
| -Dgpg.useagent=true \ | |
| -Dmaven.test.failure.ignore=false \ | |
| -X | |
| echo "Checking deployment status..." | |
| mvn nexus-staging:rc-list | |
| echo "Closing staging repository..." | |
| mvn nexus-staging:rc-close | |
| echo "Releasing to Maven Central..." | |
| mvn nexus-staging:rc-release |