updated the files

CDCgov · Aug 27, 2024 · 4ee821d · 4ee821d
1 parent 3923c46
commit 4ee821d
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 62 deletions.
diff --git a/.github/workflows/deploy-to-github.yml b/.github/workflows/deploy-to-github.yml
@@ -1,41 +1,32 @@
-name: Deploy to GitHub Packages
+name: Java CI/CD Pipeline
 on:
-  push:
-    branches:
-      - testm
+ push:
+   branches:
+     - testm
 jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v3
-      - uses: actions/setup-java@v3
-        with:
-          java-version: '17'
-          distribution: temurin
-          cache: maven
-
-      - name: Publish Package - lib-hl7v2-nist
-        run: mvn -B package
-
-      # - name: Publish package to github Repo
-      #   run: mvn clean deploy --settings .github/workflows/mvn-settings.xml
-      #   env:
-      #     LIB_GITHUB_ACTOR: '${{ secrets.LIB_GITHUB_ACTOR }}'
-      #     LIB_GITHUB_TOKEN: '${{ secrets.LIB_GITHUB_TOKEN }}'
-      # - name: Configure GPG Key
-      #   run: |
-      #       echo -n "$GPG_PRIVATE_KEY" | gpg --import
-
-      - name: Publish package to Maven Central
-        run: mvn clean -X deploy --settings .github/workflows/mvn-settings.xml
-        #run: gpg --list-keys
-        env:
-          # SONATYPE_USERNAME: '${{ secrets.SONATYPE_USERNAME }}'
-          # SONATYPE_PASSWORD: '${{ secrets.SONATYPE_PASSWORD }}'
-          # GPG_PRIVATE_KEY: '${{ secrets.GPG_PRIVATE_KEY }}'
-          # GPG_PASSPHRASE: '${{ secrets.GPG_PASSPHRASE }}'
-            TEST_PASSPHRASE: '${{ secrets.TEST_PASSPHRASE }}'
+ build:
+   runs-on: ubuntu-latest
+   steps:
+   - name: Checkout code
+     uses: actions/checkout@v3
+   - name: Set up JDK 17
+     uses: actions/setup-java@v3
+     with:
+       java-version: '17'
+       distribution: 'temurin'
+       cache: maven
+   - name: Decrypt GPG key
+     run: |
+       echo ${{ secrets.GPG_PRIVATE_KEY }} | base64 --decode | gpg --batch --import
+     env:
+       GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+   - name: Build with Maven
+     run: mvn clean install
+   - name: Publish to Maven Central
+     env:
+       SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
+       SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
+       GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+     run: mvn clean deploy -P release --settings .github/maven-settings.xml
+   - name: Verify JAR signing
+     run: gpg --verify target/*.asc
diff --git a/.github/workflows/mvn-settings.xml b/.github/workflows/mvn-settings.xml
@@ -1,19 +1,21 @@
-<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
+http://maven.apache.org/xsd/settings-1.0.0.xsd">
 <servers>
-    <!--<server>
-      <id>github</id>
-      <username>${env.LIB_GITHUB_ACTOR}</username>
-      <password>${env.LIB_GITHUB_TOKEN}</password>
-    </server>
-    <server>
-      <id>central</id>
-      <username>${env.SONATYPE_USERNAME}</username>
-      <password>${env.SONATYPE_PASSWORD}</password>
-    </server>-->
     <server>
-      <id>0x26DE68BD</id>
-      <!--<privatekey>${env.GPG_PRIVATE_KEY}</privatekey>-->
-      <passphrase>${env.TEST_PASSPHRASE}</passphrase>
+      <id>SONATYPE</id>
+        <username>${env.SONATYPE_USERNAME}</username>
+        <password>${env.SONATYPE_PASSWORD}</password> 
     </server>
-  </servers>
+</servers>
+<profiles>
+    <profile>
+      <id>release</id>
+    <properties>
+      <gpg.executable>gpg</gpg.executable>
+      <gpg.passphrase>${env.GPG_PASSPHRASE}</gpg.passphrase>
+    </properties>
+    </profile>
+</profiles>
 </settings>
diff --git a/pom.xml b/pom.xml
@@ -37,6 +37,14 @@
             <id>github</id>
             <url>https://maven.pkg.github.com/cdcgov/lib-hl7v2-nist-validator</url>
         </repository>
+        <mavenrepository>
+            <id>ossrh</id>
+            <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+        </mavenrepository>
+        <snapshotRepository>
+            <id>ossrh</id>
+            <url>https://oss.sonatype.org/content/repositories/snapshots/</url>
+        </snapshotRepository>
     </distributionManagement>
 
     <properties>
@@ -92,16 +100,11 @@
                         <goals>
                             <goal>sign</goal>
                         </goals>
-                        <configuration>
-                        <keyname>0x26DE68BD</keyname>
-                        <!-- Prevent gpg from using pinentry programs -->
-                            <gpgArguments>
-                                <arg>--pinentry-mode</arg>
-                                <arg>loopback</arg>
-                            </gpgArguments>
-                        </configuration>
                     </execution>
                 </executions>
+                <configuration>
+                    <gpgPassphrase>${env.GPG_PASSPHRASE}</gpgPassphrase>
+                </configuration>
             </plugin>
             <plugin>
                 <groupId>org.sonatype.central</groupId>