From 065cc4f8df0f94dc924ddd2613b69d851a39b72d Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 12:36:04 +0200 Subject: [PATCH 01/29] added manual deployment(release) step for the Publisher Portal --- .github/workflows/publishing2sonatype.yml | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index c36a5d7a..adcbd79e 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -33,6 +33,11 @@ jobs: run: | sed -i -e 's|.*sonatypeUsername.*| username = "${{ secrets.SUSER }}"|' ./build.gradle sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - - name: Publish to Sonatype + - name: Sonatype Publish run: | - ./gradlew publishJarPublicationToStagingRepository \ No newline at end of file + ./gradlew publishJarPublicationToStagingRepository + BEARER=$(printf "${secrets.SUSER}:${secrets.SPASSWORD}" | base64) + curl --request POST \ + --verbose \ + --header "Authorization: Bearer ${BEARER}" \ + https://central.sonatype.com/manual/upload/defaultRepository/${secrets.SREPO_ID} From db44a11a95616a11a658090fa088409ae96ae39f Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 13:45:35 +0200 Subject: [PATCH 02/29] allow to run from branch for testing --- .github/workflows/publishing2sonatype.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index adcbd79e..b4e5d6e1 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -1,7 +1,7 @@ name: Publishing to Sonatype on: - release: - types: [published] +# release: +# types: [published] env: GH_TOKEN: ${{ github.token }} From b7ef1399f4fbbbcd8e5ffd2220e4cf68db89c54b Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 13:53:45 +0200 Subject: [PATCH 03/29] on push publish for testing --- .github/workflows/publishing2sonatype.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index b4e5d6e1..5a76ab7e 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -1,5 +1,6 @@ name: Publishing to Sonatype on: + push: # release: # types: [published] From 73eacd62e2d381f317d660581dda9bd6db723991 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 14:04:08 +0200 Subject: [PATCH 04/29] fixed some vars --- .github/workflows/publishing2sonatype.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 5a76ab7e..befa8092 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -37,8 +37,8 @@ jobs: - name: Sonatype Publish run: | ./gradlew publishJarPublicationToStagingRepository - BEARER=$(printf "${secrets.SUSER}:${secrets.SPASSWORD}" | base64) + BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ --header "Authorization: Bearer ${BEARER}" \ - https://central.sonatype.com/manual/upload/defaultRepository/${secrets.SREPO_ID} + https://central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} From a74cc0775b203ba696e9313814333b254d45535f Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 14:23:19 +0200 Subject: [PATCH 05/29] sonatype host changed --- .github/workflows/publishing2sonatype.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index befa8092..eceed491 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -41,4 +41,4 @@ jobs: curl --request POST \ --verbose \ --header "Authorization: Bearer ${BEARER}" \ - https://central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} + https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} From 88a12d779edde045aaa9ba06cb8f9120d4038838 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 14:34:33 +0200 Subject: [PATCH 06/29] sonatype maven repo name changed --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 587fe65e..05dbb6d3 100644 --- a/build.gradle +++ b/build.gradle @@ -157,7 +157,7 @@ publishing { repositories { maven { - name 'staging' + name 'ossrh-staging-api' url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { From 2de68ae258b1335d1060c568247adda2c77dc7e1 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 14:57:15 +0200 Subject: [PATCH 07/29] sonatype maven repo name changed --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 05dbb6d3..587fe65e 100644 --- a/build.gradle +++ b/build.gradle @@ -157,7 +157,7 @@ publishing { repositories { maven { - name 'ossrh-staging-api' + name 'staging' url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { From a463a1551b10040ebe7a7a18a976056dbedde235 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 15:02:38 +0200 Subject: [PATCH 08/29] debug flag for gradlew --- .github/workflows/publishing2sonatype.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index eceed491..42f2de22 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,7 +36,7 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - ./gradlew publishJarPublicationToStagingRepository + ./gradlew -S publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ From 3ee96566460d7a939afe773513b06bffe7cce72d Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 15:43:48 +0200 Subject: [PATCH 09/29] Portal Publisher API test --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 587fe65e..b6409936 100644 --- a/build.gradle +++ b/build.gradle @@ -158,7 +158,7 @@ publishing { repositories { maven { name 'staging' - url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' + url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' credentials { username = "${sonatypeUsername}" From c18e5210e9fe2dc7a3b341593fbcd545dfe64951 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:13:45 +0200 Subject: [PATCH 10/29] Portal Publisher API auth with Bearer --- .github/workflows/publishing2sonatype.yml | 12 +++++++----- build.gradle | 7 ++++--- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 42f2de22..9c253790 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,9 +36,11 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - ./gradlew -S publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) - curl --request POST \ - --verbose \ - --header "Authorization: Bearer ${BEARER}" \ - https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} + echo "stagingAuthHeaderName=Authorization" >> ./gradle.properties + echo "stagingAuthHeaderValuee=Bearer ${BEARER}" >> ./gradle.properties + ./gradlew -S publishJarPublicationToStagingRepository +# curl --request POST \ +# --verbose \ +# --header "Authorization: Bearer ${BEARER}" \ +# https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} diff --git a/build.gradle b/build.gradle index b6409936..353061d7 100644 --- a/build.gradle +++ b/build.gradle @@ -160,10 +160,11 @@ publishing { name 'staging' url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' - credentials { - username = "${sonatypeUsername}" - password = "${sonatypePassword}" + credentials(HttpHeaderCredentials) + authentication { + header(HttpHeaderAuthentication) } + } } } From f57308220e4c0290ea81939d60c8e72b8d954bb9 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:22:23 +0200 Subject: [PATCH 11/29] auth with Bearer attempt --- .github/workflows/publishing2sonatype.yml | 2 +- build.gradle | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 9c253790..e9cb5b9c 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -38,7 +38,7 @@ jobs: run: | BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) echo "stagingAuthHeaderName=Authorization" >> ./gradle.properties - echo "stagingAuthHeaderValuee=Bearer ${BEARER}" >> ./gradle.properties + echo "stagingAuthHeaderValue=Bearer ${BEARER}" >> ./gradle.properties ./gradlew -S publishJarPublicationToStagingRepository # curl --request POST \ # --verbose \ diff --git a/build.gradle b/build.gradle index 353061d7..26ea097d 100644 --- a/build.gradle +++ b/build.gradle @@ -160,9 +160,9 @@ publishing { name 'staging' url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' - credentials(HttpHeaderCredentials) + credentials(AuthHeaderValue) authentication { - header(HttpHeaderAuthentication) + header(AuthHeaderName) } } From c68a5b41e9f6ff5d8ec9e45cc6529f7bd34c3daa Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:26:08 +0200 Subject: [PATCH 12/29] back to basic auth attempt --- .github/workflows/publishing2sonatype.yml | 4 ++-- build.gradle | 9 ++++----- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index e9cb5b9c..06857f16 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -37,8 +37,8 @@ jobs: - name: Sonatype Publish run: | BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) - echo "stagingAuthHeaderName=Authorization" >> ./gradle.properties - echo "stagingAuthHeaderValue=Bearer ${BEARER}" >> ./gradle.properties +# echo "stagingAuthHeaderName=Authorization" >> ./gradle.properties +# echo "stagingAuthHeaderValue=Bearer ${BEARER}" >> ./gradle.properties ./gradlew -S publishJarPublicationToStagingRepository # curl --request POST \ # --verbose \ diff --git a/build.gradle b/build.gradle index 26ea097d..0c97d777 100644 --- a/build.gradle +++ b/build.gradle @@ -158,13 +158,12 @@ publishing { repositories { maven { name 'staging' - url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' + url = 'https://central.sonatype.com/api/v1/publisher' - credentials(AuthHeaderValue) - authentication { - header(AuthHeaderName) + credentials { + username = "${sonatypeUsername}" + password = "${sonatypePassword}" } - } } } From 09e4adb7fa2af2e85c39de9ccdcc3bf9c3cb4419 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:27:29 +0200 Subject: [PATCH 13/29] fixed yml --- .github/workflows/publishing2sonatype.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 06857f16..75e931cf 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,10 +36,8 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) -# echo "stagingAuthHeaderName=Authorization" >> ./gradle.properties -# echo "stagingAuthHeaderValue=Bearer ${BEARER}" >> ./gradle.properties ./gradlew -S publishJarPublicationToStagingRepository +# BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) # curl --request POST \ # --verbose \ # --header "Authorization: Bearer ${BEARER}" \ From 0d11634160ec8c9035df1a69ab12dc7d9a403836 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:31:36 +0200 Subject: [PATCH 14/29] publisher url changed --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 0c97d777..b6409936 100644 --- a/build.gradle +++ b/build.gradle @@ -158,7 +158,7 @@ publishing { repositories { maven { name 'staging' - url = 'https://central.sonatype.com/api/v1/publisher' + url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' credentials { username = "${sonatypeUsername}" From 88d9c207f98d75969cf2eec625979b9250ff0c75 Mon Sep 17 00:00:00 2001 From: Alexey Havrilyuk Date: Wed, 30 Jul 2025 16:37:42 +0200 Subject: [PATCH 15/29] back to ossrh --- .github/workflows/publishing2sonatype.yml | 10 +++++----- build.gradle | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 75e931cf..42f2de22 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -37,8 +37,8 @@ jobs: - name: Sonatype Publish run: | ./gradlew -S publishJarPublicationToStagingRepository -# BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) -# curl --request POST \ -# --verbose \ -# --header "Authorization: Bearer ${BEARER}" \ -# https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} + BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) + curl --request POST \ + --verbose \ + --header "Authorization: Bearer ${BEARER}" \ + https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} diff --git a/build.gradle b/build.gradle index b6409936..587fe65e 100644 --- a/build.gradle +++ b/build.gradle @@ -158,7 +158,7 @@ publishing { repositories { maven { name 'staging' - url = 'https://central.sonatype.com/api/v1/publisher/deployments/download/' + url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { username = "${sonatypeUsername}" From 4cbc6c1e219f3a87b7f162c86554167278ef095a Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:04:01 +0300 Subject: [PATCH 16/29] change url --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 587fe65e..5afb7e15 100644 --- a/build.gradle +++ b/build.gradle @@ -158,7 +158,7 @@ publishing { repositories { maven { name 'staging' - url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' + url = 'https://ossrh-staging-api.central.sonatype.com/service/local/' credentials { username = "${sonatypeUsername}" From 7d01777f09c983060785f530c9086f343c51ca3c Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:05:14 +0300 Subject: [PATCH 17/29] change url --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 5afb7e15..587fe65e 100644 --- a/build.gradle +++ b/build.gradle @@ -158,7 +158,7 @@ publishing { repositories { maven { name 'staging' - url = 'https://ossrh-staging-api.central.sonatype.com/service/local/' + url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { username = "${sonatypeUsername}" From 11eb8763d7eb4ffab9766d6c242e41132b1ed7cb Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:08:03 +0300 Subject: [PATCH 18/29] change requests order --- .github/workflows/publishing2sonatype.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 42f2de22..44fac8ad 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,9 +36,9 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - ./gradlew -S publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ --header "Authorization: Bearer ${BEARER}" \ https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} + ./gradlew -S publishJarPublicationToStagingRepository From 1cf1fef0d637578426660b2f17da0b8f91d95b6a Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:12:39 +0300 Subject: [PATCH 19/29] adds scan flag --- .github/workflows/publishing2sonatype.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 44fac8ad..27985ff9 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,9 +36,9 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | + ./gradlew -S --scan publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ --header "Authorization: Bearer ${BEARER}" \ https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/${{ secrets.SREPO_ID }} - ./gradlew -S publishJarPublicationToStagingRepository From f8e59690307be7cfbdba99274b7020740bdfe8d8 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:19:27 +0300 Subject: [PATCH 20/29] remove staging --- build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build.gradle b/build.gradle index 587fe65e..8bcc303c 100644 --- a/build.gradle +++ b/build.gradle @@ -157,7 +157,7 @@ publishing { repositories { maven { - name 'staging' +// name 'staging' url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { From 9ba7a649a3ae15548bec3f6580e053cff610aeb0 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 18:27:30 +0300 Subject: [PATCH 21/29] revert back staging --- .github/workflows/publishing2sonatype.yml | 2 +- build.gradle | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 27985ff9..3fa108cf 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,7 +36,7 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - ./gradlew -S --scan publishJarPublicationToStagingRepository + ./gradlew --info publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ diff --git a/build.gradle b/build.gradle index 8bcc303c..587fe65e 100644 --- a/build.gradle +++ b/build.gradle @@ -157,7 +157,7 @@ publishing { repositories { maven { -// name 'staging' + name 'staging' url = 'https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/' credentials { From 5d8effd9fbde585da6abdba4dcf106a1c92bff0f Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 19:24:44 +0300 Subject: [PATCH 22/29] commented signing zip/tar --- .github/workflows/publishing2sonatype.yml | 1 + build.gradle | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 3fa108cf..1e59b9c3 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -37,6 +37,7 @@ jobs: - name: Sonatype Publish run: | ./gradlew --info publishJarPublicationToStagingRepository + ls -la build/libs/ BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ diff --git a/build.gradle b/build.gradle index 587fe65e..ef1e3034 100644 --- a/build.gradle +++ b/build.gradle @@ -140,9 +140,9 @@ publishing { def matcher = it.file =~ /-(sources|javadoc)\.jar\.asc$/ def zipMatcher = it.file =~ /\.(zip|tar)\.asc$/ def extensionPrefix = 'jar' - if (zipMatcher.find()) { - extensionPrefix = zipMatcher.group(1) - } +// if (zipMatcher.find()) { +// extensionPrefix = zipMatcher.group(1) +// } if (matcher.find()) { classifier = matcher.group(1) } else { From 998ac205adff1b4c50c15bc5d6af26084df938a3 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 19:41:35 +0300 Subject: [PATCH 23/29] test another signing approach --- build.gradle | 48 ++++++++++++++++++++++++++++-------------------- 1 file changed, 28 insertions(+), 20 deletions(-) diff --git a/build.gradle b/build.gradle index ef1e3034..cd84422c 100644 --- a/build.gradle +++ b/build.gradle @@ -135,23 +135,23 @@ publishing { } // Sign the artifacts. - project.tasks.signArchives.signatureFiles.each { - artifact(it) { - def matcher = it.file =~ /-(sources|javadoc)\.jar\.asc$/ - def zipMatcher = it.file =~ /\.(zip|tar)\.asc$/ - def extensionPrefix = 'jar' -// if (zipMatcher.find()) { -// extensionPrefix = zipMatcher.group(1) +// project.tasks.signArchives.signatureFiles.each { +// artifact(it) { +// def matcher = it.file =~ /-(sources|javadoc)\.jar\.asc$/ +// def zipMatcher = it.file =~ /\.(zip|tar)\.asc$/ +// def extensionPrefix = 'jar' +//// if (zipMatcher.find()) { +//// extensionPrefix = zipMatcher.group(1) +//// } +// if (matcher.find()) { +// classifier = matcher.group(1) +// } else { +// classifier = null // } - if (matcher.find()) { - classifier = matcher.group(1) - } else { - classifier = null - } - - extension = extensionPrefix + '.asc' - } - } +// +// extension = extensionPrefix + '.asc' +// } +// } } } @@ -168,10 +168,18 @@ publishing { } } -model { - tasks.publishJarPublicationToStagingRepository { - dependsOn(project.tasks.signArchives) - } +//model { +// tasks.publishJarPublicationToStagingRepository { +// dependsOn(project.tasks.signArchives) +// } +//} + +signing { + required { gradle.taskGraph.hasTask("publish") } + def signingKey = "${signing.keyId}" + def signingPassword = "${signing.password}" + useInMemoryPgpKeys(signingKey, signingPassword) + sign publishing.publications.jar } distributions { From 9acc6cca9cc519940352754de27e936a0cfd05c3 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 19:43:51 +0300 Subject: [PATCH 24/29] fixes signing properties --- .github/workflows/publishing2sonatype.yml | 4 ++-- build.gradle | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 1e59b9c3..a51a92c4 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -24,8 +24,8 @@ jobs: echo -e "${{ secrets.SECRING }}" | base64 -d > ./secring.gpg echo "$(ls -la)" touch ./gradle.properties - echo "signing.keyId=${{ secrets.KEYID }}" >> ./gradle.properties - echo "signing.password=${{ secrets.PASS }}" >> ./gradle.properties + echo "signingKeyId=${{ secrets.KEYID }}" >> ./gradle.properties + echo "signingPassword=${{ secrets.PASS }}" >> ./gradle.properties echo "signing.secretKeyRingFile=$(pwd)/secring.gpg" >> ./gradle.properties echo "sonatypeUsername=${{ secrets.SUSER }}" >> ./gradle.properties echo "sonatypePassword=${{ secrets.SPASSWORD }}" >> ./gradle.properties diff --git a/build.gradle b/build.gradle index cd84422c..49ca93d6 100644 --- a/build.gradle +++ b/build.gradle @@ -176,8 +176,8 @@ publishing { signing { required { gradle.taskGraph.hasTask("publish") } - def signingKey = "${signing.keyId}" - def signingPassword = "${signing.password}" + def signingKey = "${signingKeyId}" + def signingPassword = "${signingPassword}" useInMemoryPgpKeys(signingKey, signingPassword) sign publishing.publications.jar } From 86113f29c0dae3f87b25df34d46a889da4c7daff Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 19:47:40 +0300 Subject: [PATCH 25/29] Use signing approach with secring --- .github/workflows/publishing2sonatype.yml | 4 ++-- build.gradle | 3 --- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index a51a92c4..1e59b9c3 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -24,8 +24,8 @@ jobs: echo -e "${{ secrets.SECRING }}" | base64 -d > ./secring.gpg echo "$(ls -la)" touch ./gradle.properties - echo "signingKeyId=${{ secrets.KEYID }}" >> ./gradle.properties - echo "signingPassword=${{ secrets.PASS }}" >> ./gradle.properties + echo "signing.keyId=${{ secrets.KEYID }}" >> ./gradle.properties + echo "signing.password=${{ secrets.PASS }}" >> ./gradle.properties echo "signing.secretKeyRingFile=$(pwd)/secring.gpg" >> ./gradle.properties echo "sonatypeUsername=${{ secrets.SUSER }}" >> ./gradle.properties echo "sonatypePassword=${{ secrets.SPASSWORD }}" >> ./gradle.properties diff --git a/build.gradle b/build.gradle index 49ca93d6..ab589cc8 100644 --- a/build.gradle +++ b/build.gradle @@ -176,9 +176,6 @@ publishing { signing { required { gradle.taskGraph.hasTask("publish") } - def signingKey = "${signingKeyId}" - def signingPassword = "${signingPassword}" - useInMemoryPgpKeys(signingKey, signingPassword) sign publishing.publications.jar } From d72c31c6ad9dfb302d981c3c7057403308247665 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 19:50:36 +0300 Subject: [PATCH 26/29] comments manual signing of pom --- build.gradle | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/build.gradle b/build.gradle index ab589cc8..19490b1b 100644 --- a/build.gradle +++ b/build.gradle @@ -123,16 +123,16 @@ publishing { } // Sign the pom.xml. - pom.withXml { - def pomFile = file("${project.buildDir}/generated-pom.xml") - writeTo(pomFile) - def pomAscFile = signing.sign(pomFile).signatureFiles[0] - artifact(pomAscFile) { - classifier = null - extension = 'pom.asc' - } - pomFile.delete() - } +// pom.withXml { +// def pomFile = file("${project.buildDir}/generated-pom.xml") +// writeTo(pomFile) +// def pomAscFile = signing.sign(pomFile).signatureFiles[0] +// artifact(pomAscFile) { +// classifier = null +// extension = 'pom.asc' +// } +// pomFile.delete() +// } // Sign the artifacts. // project.tasks.signArchives.signatureFiles.each { From ca2fccbf408048b524cf4888d60afe8b70647fb8 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Wed, 30 Jul 2025 21:20:24 +0300 Subject: [PATCH 27/29] code clean up --- .github/workflows/publishing2sonatype.yml | 3 +- build.gradle | 44 ++--------------------- 2 files changed, 4 insertions(+), 43 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 1e59b9c3..eceed491 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -36,8 +36,7 @@ jobs: sed -i -e 's|.*sonatypePassword.*| password = "${{ secrets.SPASSWORD }}"|' ./build.gradle - name: Sonatype Publish run: | - ./gradlew --info publishJarPublicationToStagingRepository - ls -la build/libs/ + ./gradlew publishJarPublicationToStagingRepository BEARER=$(printf "${{ secrets.SUSER }}:${{ secrets.SPASSWORD }}" | base64) curl --request POST \ --verbose \ diff --git a/build.gradle b/build.gradle index 19490b1b..1bd02452 100644 --- a/build.gradle +++ b/build.gradle @@ -74,13 +74,12 @@ def pomConfig = { inceptionYear 2016 organization { name 'Sift Science' - url 'https://siftscience.com' + url 'https://sift.com' } developers { developer { - id 'lopatin' - name 'Alex Lopatin' - url 'https://github.com/lopatin' + id 'sift-api-platform' + name 'Sift API Platform Team' } } scm { @@ -121,37 +120,6 @@ publishing { last.parent().appendNode('description', 'Sift Science Java API') last + pomConfig } - - // Sign the pom.xml. -// pom.withXml { -// def pomFile = file("${project.buildDir}/generated-pom.xml") -// writeTo(pomFile) -// def pomAscFile = signing.sign(pomFile).signatureFiles[0] -// artifact(pomAscFile) { -// classifier = null -// extension = 'pom.asc' -// } -// pomFile.delete() -// } - - // Sign the artifacts. -// project.tasks.signArchives.signatureFiles.each { -// artifact(it) { -// def matcher = it.file =~ /-(sources|javadoc)\.jar\.asc$/ -// def zipMatcher = it.file =~ /\.(zip|tar)\.asc$/ -// def extensionPrefix = 'jar' -//// if (zipMatcher.find()) { -//// extensionPrefix = zipMatcher.group(1) -//// } -// if (matcher.find()) { -// classifier = matcher.group(1) -// } else { -// classifier = null -// } -// -// extension = extensionPrefix + '.asc' -// } -// } } } @@ -168,12 +136,6 @@ publishing { } } -//model { -// tasks.publishJarPublicationToStagingRepository { -// dependsOn(project.tasks.signArchives) -// } -//} - signing { required { gradle.taskGraph.hasTask("publish") } sign publishing.publications.jar From ece439f10b6da5861927c9447d294814bf9dffe3 Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Thu, 31 Jul 2025 13:59:11 +0300 Subject: [PATCH 28/29] revert back Publishing for the release only --- .github/workflows/publishing2sonatype.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index eceed491..3deb7bf1 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -1,8 +1,8 @@ name: Publishing to Sonatype on: push: -# release: -# types: [published] + release: + types: [published] env: GH_TOKEN: ${{ github.token }} From ec2e22c2dcb0f57f35afedbd92ef4618f92b644b Mon Sep 17 00:00:00 2001 From: Ihor Prysiazhnyi Date: Thu, 31 Jul 2025 14:02:22 +0300 Subject: [PATCH 29/29] revert back Publishing for the release only --- .github/workflows/publishing2sonatype.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/publishing2sonatype.yml b/.github/workflows/publishing2sonatype.yml index 3deb7bf1..19867c0c 100644 --- a/.github/workflows/publishing2sonatype.yml +++ b/.github/workflows/publishing2sonatype.yml @@ -1,6 +1,5 @@ name: Publishing to Sonatype on: - push: release: types: [published]