Release to Maven Central #46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Release to Maven Central | |
| on: | |
| workflow_dispatch: | |
| release: | |
| types: [published] | |
| permissions: | |
| contents: read | |
| jobs: | |
| publish: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| - name: Setup Java 11 | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: temurin | |
| java-version: '11' | |
| cache: maven | |
| - name: Import GPG private key | |
| env: | |
| GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }} | |
| run: | | |
| echo "$GPG_PRIVATE_KEY" | gpg --batch --import | |
| gpg --list-secret-keys || true | |
| - name: Create temporary Maven settings.xml | |
| env: | |
| OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }} | |
| OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }} | |
| run: | | |
| mkdir -p ~/.m2 | |
| cat > ~/.m2/settings.xml <<EOF | |
| <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" | |
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | |
| xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd"> | |
| <servers> | |
| <server> | |
| <id>ossrh</id> | |
| <username>${OSSRH_TOKEN_USERNAME}</username> | |
| <password>${OSSRH_TOKEN_PASSWORD}</password> | |
| </server> | |
| </servers> | |
| </settings> | |
| EOF | |
| # DEBUG: 检查 settings.xml 内容(替换密码以防泄露) | |
| echo "Generated settings.xml content (sanitized):" | |
| sed 's/<password>.*<\/password>/<password>***<\/password>/' ~/.m2/settings.xml | |
| # 额外检查 username 是否也被正确替换了(只显示前几位) | |
| grep "<username>" ~/.m2/settings.xml | sed 's/<username>\(.\{3\}\).*<\/username>/<username>\1***<\/username>/' | |
| - name: Ensure release version | |
| run: | | |
| VERSION=$(mvn -q -Dexec.executable=echo -Dexec.args='${project.version}' --non-recursive org.codehaus.mojo:exec-maven-plugin:3.5.0:exec) | |
| echo "Project version: $VERSION" | |
| if echo "$VERSION" | grep -qi SNAPSHOT; then | |
| echo "ERROR: version is SNAPSHOT. Please set a non-SNAPSHOT version before releasing." | |
| exit 1 | |
| fi | |
| - name: Deploy to Central Portal | |
| run: | | |
| # 强制设置 GPG 终端环境 | |
| export GPG_TTY=$(tty) | |
| mvn -X -B -U \ | |
| -DskipTests=true \ | |
| -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} \ | |
| -Dgpg.pinentry-mode=loopback \ | |
| -DaltDeploymentRepository="ossrh::default::https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/" \ | |
| clean deploy | |
| env: | |
| GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| OSSRH_TOKEN_USERNAME: ${{ secrets.OSSRH_TOKEN_USERNAME }} | |
| OSSRH_TOKEN_PASSWORD: ${{ secrets.OSSRH_TOKEN_PASSWORD }} |