Add Maven publication to Github workflow

1. Use in-memory signing for CI workflow (#159) 2. Add publication to workflow1. Use in-memory signing for CI workflow (#159)
stellar · Dec 13, 2024 · 419e194 · 419e194
1 parent 5051478
commit 419e194
Show file tree

Hide file tree

Showing 3 changed files with 63 additions and 4 deletions.
diff --git a/.github/workflows/basic_test.yml → .github/workflows/on_pull_request.yml b/.github/workflows/basic_test.yml → .github/workflows/on_pull_request.yml
@@ -8,7 +8,7 @@ on:
 
 jobs:
   test_and_build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-latest-8-cores
     steps:
       - uses: actions/checkout@v4
 

diff --git a/.github/workflows/on_release_created.yml b/.github/workflows/on_release_created.yml
@@ -0,0 +1,33 @@
+name: Release Published
+
+on:
+  workflow_dispatch:
+  release:
+    types: [ created, edited ]
+
+jobs:
+  build_and_publish_jar:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set up JDK 11
+        uses: actions/setup-java@v4
+        with:
+          java-version: '11'
+          distribution: 'adopt'
+
+      - name: Publish
+        env:
+          OSSRH_USER: ${{ secrets.OSSRH_USER }}
+          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+          GPG_SIGNING_PASSWORD: ${{ secrets.GPG_SIGNING_PASSWORD }}
+          GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}
+        run: | 
+          ./gradlew clean publish
+
+      - name: Print test results
+        if: success() || failure()
+        run: |
+          echo "\n\n*** Wallet SDK test report ***\n"
+          cat /home/runner/work/kotlin-wallet-sdk/kotlin-wallet-sdk/wallet-sdk/build/reports/tests/test/index.html
diff --git a/wallet-sdk/build.gradle.kts b/wallet-sdk/build.gradle.kts
@@ -102,9 +102,16 @@ publishing {
       val releasesRepoUrl = uri("https://oss.sonatype.org/service/local/staging/deploy/maven2/")
       val snapshotsRepoUrl = uri("https://oss.sonatype.org/content/repositories/snapshots/")
       url = if (version.toString().endsWith("SNAPSHOT")) snapshotsRepoUrl else releasesRepoUrl
+
       credentials {
-        username = System.getenv("OSSRH_USER") ?: return@credentials
-        password = System.getenv("OSSRH_PASSWORD") ?: return@credentials
+        if (System.getenv("OSSRH_USER") == null || System.getenv("OSSRH_PASSWORD") == null) {
+          println(">>> Please set OSSRH_USER and OSSRH_PASSWORD environment variables to continue publishing to Maven.<<<")
+          // @TODO: Enable this exception when we are ready to publish to Maven.
+          // throw GradleException("OSSRH_USER and OSSRH_PASSWORD environment variables are not set.")
+        } else {
+          username = System.getenv("OSSRH_USER") ?: return@credentials
+          password = System.getenv("OSSRH_PASSWORD") ?: return@credentials
+        }
       }
     }
   }
@@ -154,7 +161,26 @@ publishing {
 
   apply<SigningPlugin>()
   configure<SigningExtension> {
-    useGpgCmd()
+    if (System.getenv("GPG_SIGNING_KEY") == null || System.getenv("GPG_SIGNING_PASSWORD") == null) {
+      println("GPG_SIGNING_KEY and GPG_SIGNING_PASSWORD environment variables are not set.")
+      println("Switching to useGpgCmd()")
+      useGpgCmd()
+    } else {
+      // To use in-memory keys instead of GPG command line, use the following:
+      // # List the keys
+      // gpg --list-secret-keys
+      //
+      // # Export the private key in ASCII-armored format
+      // export GPG_SIGNING_KEY=`gpg --export-secret-keys --armor <KEY_ID>`
+      // export GPG_SIGNING_PASSWORD=<PASSPHRASE>
+      println("GPG_SIGNING_KEY and GPG_SIGNING_PASSWORD environment variables are set.")
+      println("Switching to useInMemoryPgpKeys()")
+      useInMemoryPgpKeys(
+        System.getenv("GPG_SIGNING_KEY"), // The private key in ASCII-armored format
+        System.getenv("GPG_SIGNING_PASSWORD")  // The passphrase for the private key
+      )
+    }
+
     sign(publishing.publications)
   }
 }