Deploying tagged release v1.0.5 #6
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| on: | |
| workflow_dispatch: | |
| inputs: | |
| TAG: | |
| required: true | |
| description: The tag to build and publish (as is) | |
| name: Deploy tagged release | |
| run-name: Deploying tagged release ${{ inputs.TAG }} | |
| # gh/actions/runner/issues/1007#issuecomment-808904408 | |
| jobs: | |
| build-and-deploy: | |
| runs-on: ubuntu-latest | |
| if: ${{ startsWith(github.ref, 'refs/tags/v') || inputs.TAG != '' }} | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: refs/tags/${{ inputs.TAG }} | |
| - name: Setup Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: 11 | |
| distribution: "temurin" | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v4 | |
| with: | |
| # The Gradle wrapper's version (already the default, putting it here to clarity) | |
| gradle-version: wrapper | |
| # Removing unused files from Gradle User Home before saving to cache (i.e. older versions of gradle) | |
| gradle-home-cache-cleanup: true | |
| # Cache downloaded JDKs in addition to the default directories. | |
| gradle-home-cache-includes: | | |
| caches | |
| notifications | |
| jdks | |
| - name: Setup key | |
| uses: crazy-max/ghaction-import-gpg@v6 | |
| with: | |
| fingerprint: ${{ vars.GPG_FINGERPRINT }} | |
| gpg_private_key: ${{ secrets.GPG_KEY }} | |
| passphrase: ${{ secrets.GPG_PASS }} | |
| trust_level: 5 | |
| - name: Build and deploy | |
| env: | |
| S3FS_BUCKET_NAME: ${{ secrets.S3FS_BUCKET_NAME }} | |
| S3FS_ACCESS_KEY: ${{ secrets.S3FS_ACCESS_KEY }} | |
| S3FS_SECRET_KEY: ${{ secrets.S3FS_SECRET_KEY }} | |
| S3FS_REGION: ${{ secrets.S3FS_REGION }} | |
| S3FS_PROTOCOL: "https" | |
| S3FS_PUBLISH_SONATYPE_USER: "${{ secrets.S3FS_PUBLISH_SONATYPE_USER }}" | |
| S3FS_PUBLISH_SONATYPE_PASS: "${{ secrets.S3FS_PUBLISH_SONATYPE_PASS }}" | |
| run: ./gradlew build publish -PwithSignature=true --warn --stacktrace | |
| - name: Check file signature | |
| run: | | |
| ls -al ./build/libs/ | |
| for f in ./build/libs/*.asc; do | |
| echo "Verifying $f" | |
| gpg --verify $f | |
| done |