Skip to content

Commit

Permalink
Use envvar for GPG signature (asciidoctor#737)
Browse files Browse the repository at this point in the history
Unify release configuration with PR asciidoctor#736 for main branch
  • Loading branch information
abelsromero authored Jan 10, 2024
1 parent 5ca7783 commit 68fa5ac
Show file tree
Hide file tree
Showing 2 changed files with 94 additions and 7 deletions.
85 changes: 85 additions & 0 deletions .github/workflows/build.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -46,3 +46,88 @@ jobs:
run: mvn -version
- name: Build & Test
run: mvn -B -Prun-its clean verify
javadocs:
name: Javadocs
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
java:
- 11
maven:
- 3.9.6
runs-on: ${{ matrix.os }}
steps:
- uses: s4u/[email protected]
with:
java-distribution: 'temurin'
java-version: ${{ matrix.java }}
maven-version: ${{ matrix.maven }}
- name: Build & Test
run: mvn -B clean javadoc:jar
signature:
name: Sign artifacts
environment: test
env:
ARTIFACTS_DIR: target/artifacts
GPG_KEYNAME: AD1FC1D8A84C23D92DC1377D519F6A9DA113C4F3
GPG_PASSPHRASE: 1234567890
GPG_PRIVATE_KEY: |
-----BEGIN PGP PRIVATE KEY BLOCK-----
lIYEZZNGnRYJKwYBBAHaRw8BAQdACk2kGg4AXHMDO4yyfUgVoxNkdgwH5JeU4RKC
oWiJ8T7+BwMCsLucYGxSgqf/wrrRjmsWthIvcmSGikVBbmURXvygOSEAVvM6/dqW
exlh52f1W38SeQV1lteQjNUP5qc+F7y4eD8wqQQ3MRf6C3lTciMHr7RAYXNjaWlk
b2N0b3ItbWF2ZW4tcGx1Z2luIHRlc3RpbmcgPGFzY2lpZG9jdG9yLXRlc3RpbmdA
ZmFrZS5tYWlsPoiZBBMWCgBBFiEErR/B2KhMI9ktwTd9UZ9qnaETxPMFAmWTRp0C
GwMFCQWjmoAFCwkIBwICIgIGFQoJCAsCBBYCAwECHgcCF4AACgkQUZ9qnaETxPPJ
BgD/Zrvgxa74ectHRj+lOF1Tc+u47B5RraAbGsDRcVRzYJABALWXYMywNLObobpU
pvNBnCyBYWwrW/+o1D3FI6aDzhgBnIsEZZNGnRIKKwYBBAGXVQEFAQEHQLdLXbH0
Q6wiP0b/QF+gJfXDNcJCWu4yAYO3WrdhyddmAwEIB/4HAwI8l2WaMrWsVP9cRuJg
ifCy3/n6Sk2DSC4028DJRCFx99oQx85dwDysmLMCccL/Od/X5RR9X4c9mCP9ZI2V
i9Fp7zcNKGCy7TafFoS2w5RTiH4EGBYKACYWIQStH8HYqEwj2S3BN31Rn2qdoRPE
8wUCZZNGnQIbDAUJBaOagAAKCRBRn2qdoRPE86XrAPwPakum1coasOY7U2mNbky3
X1Exlurk0IMFiW/GJkNcjgD+PkU7pXgRSy2YEl7ZWswheLvlQQT0PsyNSfkWS201
/ww=
=BCbM
-----END PGP PRIVATE KEY BLOCK-----
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
java:
- 11
maven:
- 3.9.6
runs-on: ${{ matrix.os }}
steps:
- name: debug
run: |
echo "${{ env.GPG_KEYNAME }}"
echo "${{ env.GPG_PASSPHRASE }}"
echo "${{ env.GPG_PRIVATE_KEY }}"
- name: Prepare key
run: echo -e "${{ env.GPG_PRIVATE_KEY }}" | gpg --import --batch
- name: List kys
run: gpg --list-keys
- uses: s4u/[email protected]
with:
java-distribution: 'temurin'
java-version: ${{ matrix.java }}
maven-version: ${{ matrix.maven }}
- name: Build & Test
run: mvn -B clean install -Prelease -DskipTests
- name: Collect artifacts
run: |
mkdir -p $ARTIFACTS_DIR
cp -r $HOME/.m2/repository/org/asciidoctor/asciidoctor-maven-* $ARTIFACTS_DIR
cp -r $HOME/.m2/repository/org/asciidoctor/*-doxia-module $ARTIFACTS_DIR
- name: Verify JAR signatures
run: find $ARTIFACTS_DIR -type f -name "*.jar" -exec gpg --verify "{}.asc" \;
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: signed-artifacts
path: ${{ env.ARTIFACTS_DIR }}
16 changes: 9 additions & 7 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -371,11 +371,13 @@
<profiles>
<profile>
<!--
To release to bintray, add your credentials to ~/.m2/settings.xml and run:
$ mvn deploy
-->
<id>release-profile</id>
To release, define environment variables:
export GPG_KEYNAME=""
export GPG_PASSPHRASE=""
Then, run
$ mvn deploy
-->
<id>release</id>
<build>
<plugins>
<plugin>
Expand Down Expand Up @@ -410,8 +412,8 @@
<artifactId>maven-gpg-plugin</artifactId>
<configuration>
<executable>gpg2</executable>
<keyname>${gpg.keyname}</keyname>
<passphrase>${gpg.passphrase}</passphrase>
<keyname>${env.GPG_KEYNAME}</keyname>
<passphrase>${env.GPG_PASSPHRASE}</passphrase>
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
Expand Down

0 comments on commit 68fa5ac

Please sign in to comment.