You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by vy...@apache.org on 2023/01/03 11:50:41 UTC
[logging-log4j-tools] branch master updated: INFRA-23996 Sign artifacts
This is an automated email from the ASF dual-hosted git repository.
vy pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j-tools.git
The following commit(s) were added to refs/heads/master by this push:
new 974c4b1 INFRA-23996 Sign artifacts
974c4b1 is described below
commit 974c4b1020cc2103291a7f056863ec790dec4745
Author: Volkan Yazıcı <vo...@yazi.ci>
AuthorDate: Tue Jan 3 12:51:25 2023 +0100
INFRA-23996 Sign artifacts
---
.github/workflows/build.yml | 14 ++++++--------
.github/workflows/maven-settings.xml | 5 +++++
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 218adb8..4bff19a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -118,14 +118,13 @@ jobs:
architecture: x64
cache: maven
- - name: Import GPG private key (RELEASE)
- if: startsWith(github.ref, 'refs/heads/release/')
+ - name: Import GPG secret key
run: |
- echo -n "$GPG_PKEY" \
- | base64 --decode \
+ echo -n "$GPG_SECRET_KEY" \
| gpg -v --batch --import --yes --pinentry-mode error
+ gpg --list-secret-keys
env:
- GPG_PKEY: ${{ secrets.GPG_PKEY }}
+ $GPG_SECRET_KEY: ${{ secrets.$GPG_SECRET_KEY }}
- name: Export artifact version
run: |
@@ -168,18 +167,17 @@ jobs:
}
- name: Deploy
- if: github.ref == 'refs/heads/master'
# `package install:install deploy:deploy` goal is needed to deploy without configuring the plugin in the POM.
# For details see: https://maven.apache.org/plugins/maven-gpg-plugin/examples/deploy-signed-artifacts.html
+ # `package` is necessary before `gpg:sign` too.
run: |
./mvnw \
--show-version --batch-mode --errors --no-transfer-progress \
- -Dgpg.skip=true \
-DskipTests=true \
-DinstallAtEnd=true \
-DdeployAtEnd=true \
--settings .github/workflows/maven-settings.xml \
- package install:install deploy:deploy
+ package gpg:sign install:install deploy:deploy
env:
NEXUS_USER: ${{ secrets.NEXUS_USER }}
NEXUS_PW: ${{ secrets.NEXUS_PW }}
diff --git a/.github/workflows/maven-settings.xml b/.github/workflows/maven-settings.xml
index 3584392..33a7f8f 100644
--- a/.github/workflows/maven-settings.xml
+++ b/.github/workflows/maven-settings.xml
@@ -19,6 +19,11 @@
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
<servers>
+ <server>
+ <id>apache.releases.https</id>
+ <username>${env.NEXUS_USER}</username>
+ <password>${env.NEXUS_PW}</password>
+ </server>
<server>
<id>apache.snapshots.https</id>
<username>${env.NEXUS_USER}</username>