diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 3b0cdcf3..f40adc9e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -1,3 +1,13 @@ +# Release to Maven Central via Central Publisher Portal +# https://central.sonatype.org/publish/publish-portal-guide/ +# +# Required GitHub secrets (Settings → Secrets and variables → Actions): +# CENTRAL_TOKEN_USERNAME - Portal token username (from https://central.sonatype.com/usertoken) +# CENTRAL_TOKEN_PASSWORD - Portal token password (from same page; save on first view, cannot be retrieved later) +# GPG_SECRET_KEY - Armored GPG private key for signing +# GPG_PASSPHRASE - Passphrase for the GPG key +# PAT - Personal access token with repo scope (for pushing commits/tags) +# name: IABGPP-Java Release on: @@ -14,15 +24,15 @@ jobs: steps: # Checkout the repository with full history for tagging - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 with: fetch-depth: 0 - # Set up Java (assuming Java 11, adjust if different) + # Set up Java - name: Set up Java - uses: actions/setup-java@v2 + uses: actions/setup-java@v4 with: - distribution: 'adopt' + distribution: 'temurin' java-version: '21' # Import GPG secret key for signing @@ -31,16 +41,26 @@ jobs: echo "${{ secrets.GPG_SECRET_KEY }}" > secret_key.asc gpg --import --no-tty --batch secret_key.asc || { echo "GPG import failed"; cat secret_key.asc; exit 1; } rm -f secret_key.asc - # gpg --list-secret-keys - - # Generate settings.xml with Maven repository credentials + # Generate settings.xml with Central Publisher Portal token credentials + # Token from: https://central.sonatype.com/usertoken - name: Create settings.xml + env: + CENTRAL_TOKEN_USERNAME: ${{ secrets.CENTRAL_TOKEN_USERNAME }} + CENTRAL_TOKEN_PASSWORD: ${{ secrets.CENTRAL_TOKEN_PASSWORD }} run: | mkdir -p ~/.m2 cat > ~/.m2/settings.xml << EOF - - ~/.m2 false false org.sonatype.plugins sonatype-nexus-snapshots TiW/t45q ${{ secrets.SONATYPE_PWD }} sonatype-nexus-staging TiW/t45q ${{ secrets.SONATYPE_PWD_STAGING }} + + + + central + ${CENTRAL_TOKEN_USERNAME} + ${CENTRAL_TOKEN_PASSWORD} + + EOF @@ -52,14 +72,13 @@ jobs: - name: Set release version run: mvn versions:set -DnewVersion=${{ github.event.inputs.version }} -DgenerateBackupPoms=false - # Build and deploy the release + # Build and deploy to Central Publisher Portal (mvn deploy uploads bundle and publishes) - name: Deploy release run: | echo "pinentry-mode loopback" > ~/.gnupg/gpg.conf echo "use-agent" >> ~/.gnupg/gpg.conf export GPG_TTY=$(tty || echo /dev/tty) mvn clean deploy --settings ~/.m2/settings.xml -Dgpg.passphrase="${{ secrets.GPG_PASSPHRASE }}" -Prelease - # mvn clean deploy --settings ~/.m2/settings.xml -Dgpg.passphrase="${{ secrets.GPG_PASSPHRASE }}" -Prelease -Dmaven.javadoc.skip=true # Commit the release version and create a tag - name: Commit and tag release @@ -80,7 +99,6 @@ jobs: NEW_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout) git add . git commit -m "$NEW_VERSION" - # git commit -m "${{ github.event.inputs.version }}-SNAPSHOT" # Push commits and tags to GitHub - name: Push changes @@ -88,4 +106,4 @@ jobs: git status git push; git push --tags env: - GITHUB_TOKEN: ${{secrets.PAT}} + GITHUB_TOKEN: ${{ secrets.PAT }} diff --git a/iabgpp-encoder/src/test/java/com/iab/gpp/encoder/section/.UsNatV1Test.java.swp b/iabgpp-encoder/src/test/java/com/iab/gpp/encoder/section/.UsNatV1Test.java.swp deleted file mode 100644 index 686ae751..00000000 Binary files a/iabgpp-encoder/src/test/java/com/iab/gpp/encoder/section/.UsNatV1Test.java.swp and /dev/null differ