Skip to content

Merge pull request #960 from alphagov/dependabot/maven/com.amazonaws-… #448

Merge pull request #960 from alphagov/dependabot/maven/com.amazonaws-…

Merge pull request #960 from alphagov/dependabot/maven/com.amazonaws-… #448

name: Release to maven
on:
push:
branches:
- master
paths-ignore:
- '.github/**'
permissions:
contents: write
jobs:
check-signing-key:
uses: ./.github/workflows/_check_gpg_signing_key.yml
secrets:
GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
release:
needs: check-signing-key
runs-on: ubuntu-latest
steps:
- name: Check out Git repository
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Install Java and Maven
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
java-version: '21'
distribution: 'temurin'
server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
server-username: MAVEN_CENTRAL_USERNAME # env variable for username in deploy
server-password: MAVEN_CENTRAL_TOKEN # pragma: allowlist secret - env variable for token in deploy
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
- name: Cache Maven packages
uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2-
- name: Set package version
id: set-package-version
run: |
PACKAGE_VERSION="1.0.$(date +"%Y%m%d%H%M%S")"
echo "PACKAGE_VERSION=$PACKAGE_VERSION" >> "$GITHUB_OUTPUT"
mvn -B --no-transfer-progress versions:set -DnewVersion="$PACKAGE_VERSION"
- name: Release Maven package
run: mvn -B --no-transfer-progress deploy -P gpg-sign
env:
MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
- name: Create GitHub release
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
const releaseResponse = await github.rest.repos.createRelease({
owner: context.repo.owner,
repo: context.repo.repo,
name: "Release ${{ steps.set-package-version.outputs.PACKAGE_VERSION }}",
tag_name: "${{ steps.set-package-version.outputs.PACKAGE_VERSION }}",
generate_release_notes: true,
})
console.log(releaseResponse)