Update build-with-provenance.yml #203

	# This workflow uses actions that are not certified by GitHub.
	# They are provided by a third-party and are governed by
	# separate terms of service, privacy policy, and support
	# documentation.
	# This workflow will build a Java project with Gradle and cache/restore any dependencies to improve the workflow execution time
	# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-gradle

	name: Java CI with Gradle

	on:
	push:
	pull_request:
	workflow_dispatch:

	permissions:
	contents: read

	jobs:
	build:

	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v3
	- name: Set up JDK
	uses: actions/setup-java@v3
	with:
	java-version: '8'
	distribution: 'corretto'

	- name: Add the release signing secret key
	if: github.ref_name == 'main'
	run: echo -n "$GPG_SIGNING_KEY" \| gpg --import
	env:
	GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}

	- name: Validate Gradle wrapper
	uses: gradle/wrapper-validation-action@v1

	- name: Setup gradle build
	uses: gradle/gradle-build-action@6778644d759ada84c71d6abc2f6fd7e328c600ab

	- name: Enable verbose logging of dependencies
	run: echo "org.gradle.dependency.verification.console=verbose" >> $GITHUB_WORKSPACE/gradle.properties

	- name: Build with Gradle
	run: ./gradlew build --no-daemon

	- name: Sign the binary
	if: github.ref_name == 'main'
	run: gpg --detach-sign -a ./build/libs/*.jar
	env:
	GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}

	- name: Upload a Build Artifact
	uses: actions/[email protected]
	with:
	# Artifact name
	path: ./build/libs/

Provide feedback