Publish to Maven #56

Workflow file for this run

.github/workflows/publish.maven.yml at ee898dd

	name: Publish to Maven
	on:
	workflow_dispatch:

	jobs:
	get-version:
	runs-on: ubuntu-latest
	defaults:
	run:
	working-directory: ./sdk/java/core
	outputs:
	version: ${{ steps.extract-version.outputs.version }}
	steps:
	- uses: actions/checkout@v3
	- name: Extract version from build.gradle.kts
	id: extract-version
	run: \|
	VERSION=$(grep -Po 'version\s=\s"\K[^"]*' build.gradle.kts \|\| echo "0.0.0-unknown")
	echo "Version retrieved: $VERSION"
	echo "version=$VERSION" >> $GITHUB_OUTPUT

	generate-and-upload-sbom:
	needs: get-version
	uses: ./.github/workflows/reusable.sbom.workflow.yml
	with:
	working-directory: ./sdk/java/core
	project-name: keeper-secrets-manager-java
	project-type: java
	project-version: ${{ needs.get-version.outputs.version }}
	sbom-format: spdx-json
	additional-labels: ksm,sdk,java,security
	secrets:
	MANIFEST_TOKEN: ${{ secrets.MANIFEST_TOKEN }}

	publish-java:
	needs: generate-and-upload-sbom
	environment: prod
	runs-on: ubuntu-latest

	defaults:
	run:
	working-directory: ./sdk/java/core

	steps:
	- name: Get the source code
	uses: actions/checkout@v3

	- name: Set up Java 11
	uses: actions/setup-java@v2
	with:
	java-version: '11'
	distribution: 'adopt'

	- name: Validate Gradle wrapper
	uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b

	- name: Retrieve secrets from KSM
	id: ksmsecrets
	uses: Keeper-Security/ksm-action@v1
	with:
	keeper-secret-config: ${{ secrets.KSM_ARTIFACT_JAVA_APP_CONFIG }}
	secrets: \|
	zOVOneDczofWFlfizjC5Qw/file/90A46CD1-private-key.asc > file:/tmp/signing_secret_key_ring_file.asc
	zOVOneDczofWFlfizjC5Qw/custom_field/signing.keyId > env:SIGNING_KEY_ID
	zOVOneDczofWFlfizjC5Qw/custom_field/signing.password > env:SIGNING_PASSWORD
	zOVOneDczofWFlfizjC5Qw/custom_field/ossrhUsername > env:OSSRH_USERNAME
	zOVOneDczofWFlfizjC5Qw/custom_field/ossrhPassword > env:OSSRH_PASSWORD

	- name: Publish package
	env:
	SIGNING_SECRET_KEY_RING_FILE: /tmp/signing_secret_key_ring_file.asc
	run: gradle publishMavenJavaPublicationToSonatypeRepository

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Publish to Maven #56

Workflow file

Publish to Maven #56

Jobs

Run details

Workflow file for this run