#initial-commit

mewebstudio · mewebstudio · commit bc67ee7113a6 · 2025-05-05T19:01:24.000+03:00
diff --git a/.github/workflows/maven-publish.yml b/.github/workflows/maven-publish.yml
@@ -21,35 +21,39 @@ jobs:
           server-username: MAVEN_CENTRAL_USERNAME
           server-password: MAVEN_CENTRAL_TOKEN
 
-      - name: Clean GPG keyring
+      - name: Install GPG
         run: |
-          rm -rf ~/.gnupg
+          sudo apt-get update
+          sudo apt-get install -y gnupg
 
-      - name: Start gpg-agent
+      - name: Configure GPG agent
         run: |
-          echo "Starting gpg-agent..."
+          echo "allow-loopback-pinentry" > ~/.gnupg/gpg-agent.conf
+          gpgconf --kill gpg-agent
           gpgconf --launch gpg-agent
         shell: bash
 
       - name: Import GPG key
         run: |
-          echo "$GPG_PRIVATE_KEY" | gpg --batch --yes --import
+          echo "${{ secrets.GPG_PRIVATE_KEY }}" | gpg --batch --yes --import
         env:
           GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
 
+      - name: Preload GPG passphrase
+        run: |
+          echo "${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}" | gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 -o /dev/null --sign
+        env:
+          GPG_PRIVATE_KEY_PASSPHRASE: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
+
       - name: Verify GPG keys
         run: |
           gpg --list-secret-keys --keyid-format LONG
 
-      - name: Set GPG passphrase
-        run: echo "GPG_PASSPHRASE=${{ secrets.GPG_SECRET_KEY_PASSWORD }}" >> $GITHUB_ENV
-
       - name: Set GPG keyname
         run: echo "GPG_KEYNAME=${{ secrets.GPG_KEYNAME }}" >> $GITHUB_ENV
 
       - name: Publish to Maven Central
-        run: mvn --batch-mode deploy -P release -Dgpg.keyname=${{ env.GPG_KEYNAME }} -Dgpg.passphrase=${{ env.GPG_PASSPHRASE }}
+        run: mvn --batch-mode deploy -P release -Dgpg.keyname=${{ env.GPG_KEYNAME }}
         env:
           MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
           MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
-          GPG_PASSPHRASE: ${{ secrets.GPG_SECRET_KEY_PASSWORD }}
diff --git a/pom.xml b/pom.xml
@@ -149,10 +149,12 @@
                         </goals>
                         <configuration>
                             <keyname>${env.GPG_KEYNAME}</keyname>
-                            <passphrase>${env.GPG_PASSPHRASE}</passphrase>
-                            <files>
-                                <file>${project.build.directory}/${project.build.finalName}.jar</file>
-                            </files>
+                            <gpgArguments>
+                                <arg>--batch</arg>
+                                <arg>--yes</arg>
+                                <arg>--pinentry-mode</arg>
+                                <arg>loopback</arg>
+                            </gpgArguments>
                         </configuration>
                     </execution>
                 </executions>
