Switch publishing to CI

[arashi01]

Quick take at solving issues like #71 by switching publishing to CI.

With this setup, every tag starting with v will be deployed to Sonatype automatically.

For it to work, a number of Github Secrets will need to be added as specified below.

For the GPG key, I would personally create another key specifically used for CI publishing, to avoid exposing your existing key to any possible vulnerabilities.

Secrets needed:
PUBLISH_USER	Sonatype OSS Username (ideally should use information from a user token generated in Sonatype UI for security)
PUBLISH_USER_PASSPHRASE	Sonatype OSS User Passphrase (ideally should use information from a user token generated in Sonatype UI for security)
GPG_SIGNING_KEY_ID	GPG Signing Key Hex ID (obtainable by running gpg --list-keys --keyid-format=long)
GPG_SIGNING_KEY	GPG Signing Key text (obtainable by running gpg --export-secret-keys --armour %GPG_KEY_ID%)
GPG_SIGNING_KEY_PASSPHRASE	GPG Signing Key Passphrase (as created when generating gpg key)

[arashi01]

@hamnis Let me know your thoughts.

[hamnis]

Thanks for this.

We are limited to the jdk version which maven uses. If maven > jdk8 then we must use that. Its probably doubtful that maven will swich jdk target within a major release.

I am also somewhat skeptical to use old jdk versions for building. If you need to make sure we use only jdk-libraries that are on jdk-8, we can use the -release 8 compiler flag with a new jdk.

[hamnis]

With regards to jdk8, I have fixed that in master. If you want to rebase this branch on top of master, that would be great.