Skip to content

Merge pull request #956 from alphagov/dependabot/maven/com.amazonaws-… #441

Merge pull request #956 from alphagov/dependabot/maven/com.amazonaws-…

Merge pull request #956 from alphagov/dependabot/maven/com.amazonaws-… #441

name: Release to maven
on:
push:
branches:
- master
paths-ignore:
- '.github/**'
permissions:
contents: write
jobs:
check-signing-key:
uses: ./.github/workflows/_check_gpg_signing_key.yml
secrets:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
release:
needs: check-signing-key
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
- name: Install Java and Maven
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9
with:
java-version: '21'
distribution: 'temurin'
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_CENTRAL_USERNAME # env variable for username in deploy
server-password: MAVEN_CENTRAL_TOKEN # pragma: allowlist secret - env variable for token in deploy
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
- name: Cache Maven packages
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2-
- name: Set package version
id: set-package-version
run: |
PACKAGE_VERSION="1.0.$(date +"%Y%m%d%H%M%S")"
echo "PACKAGE_VERSION=$PACKAGE_VERSION" >> "$GITHUB_OUTPUT"
mvn -B --no-transfer-progress versions:set -DnewVersion="$PACKAGE_VERSION"
- name: Release Maven package
run: mvn -B --no-transfer-progress deploy -P gpg-sign
env:
MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Create GitHub release
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const releaseResponse = await github.rest.repos.createRelease({
owner: context.repo.owner,
repo: context.repo.repo,
name: "Release ${{ steps.set-package-version.outputs.PACKAGE_VERSION }}",
tag_name: "${{ steps.set-package-version.outputs.PACKAGE_VERSION }}",
generate_release_notes: true,
})
console.log(releaseResponse)