diff --git a/.github/workflows/manual-github-release-trigger.yml b/.github/workflows/manual-github-release-trigger.yml index b863ac6..6de2b10 100644 --- a/.github/workflows/manual-github-release-trigger.yml +++ b/.github/workflows/manual-github-release-trigger.yml @@ -54,29 +54,32 @@ jobs: git config user.email "oranheim@gmail.com" git config user.name "GitHub Actions" - - name: Import and Verify GPG key + - name: Import GPG key env: - GPG_PRIVATE_KEY: ${{ secrets.OSSRH_GPG_PRIVATE_KEY }} - GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} - GPG_KEY_ID: ${{ secrets.OSSRH_GPG_SECRET_KEY_ID }} + GPG_SECRET: ${{ secrets.GPG_SECRET }} run: | - echo "$GPG_PRIVATE_KEY" | gpg --batch --import + echo "$GPG_SECRET" | gpg --batch --import gpg --list-secret-keys --keyid-format LONG - echo "Verifying GPG passphrase..." - echo "test" | gpg --batch --yes --passphrase "$GPG_PASSPHRASE" --local-user "$GPG_KEY_ID" --armor --detach-sign --pinentry-mode loopback - name: Release with Maven env: MAVEN_USERNAME: ${{ secrets.OSSRH_USER }} MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} - GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} - GPG_KEY_ID: ${{ secrets.OSSRH_GPG_SECRET_KEY_ID }} + GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} + GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }} run: | mvn -X --batch-mode release:clean release:prepare release:perform \ - -Darguments="-Dgpg.passphrase=${GPG_PASSPHRASE} -Dgpg.keyname=${GPG_KEY_ID} -DskipTests" \ + -Dgpg.passphrase=${GPG_PASSPHRASE} \ + -Dgpg.keyname=${GPG_KEY_ID} \ -DskipTests \ -P oss-maven-central + - name: Cleanup GPG keys + if: always() + run: | + gpg --delete-secret-keys ${{ secrets.GPG_KEY_ID }} + gpg --delete-keys ${{ secrets.GPG_KEY_ID }} + - name: Notify on success if: success() run: | diff --git a/pom.xml b/pom.xml index 712ed41..6422361 100644 --- a/pom.xml +++ b/pom.xml @@ -170,7 +170,6 @@ - --pinentry-mode loopback