ci(sbt-build): verify resources #121
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build & Publish | |
| on: | |
| #workflow_dispatch: | |
| push: | |
| branches: | |
| - feature/artifact-publish | |
| jobs: | |
| Build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Setup JDK And SBT | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: "temurin" | |
| java-version: "21" | |
| cache: "sbt" | |
| - name: Decrypt and Import GPG Key | |
| run: | | |
| gpgconf --kill gpg-agent || true | |
| gpgconf --launch gpg-agent || true | |
| echo "$PGP_SECRET" | base64 --decode | gpg --batch --no-tty --import | |
| env: | |
| PGP_SECRET: ${{ secrets.GPG_SECRET }} | |
| - name: Verify Resources | |
| run: | | |
| echo "---------- Verifying GPG Keys ----------" | |
| GPG_FINGERPRINT=$(gpg --list-keys --with-colons | grep fpr | head -n 1 | cut -d: -f10) | |
| echo "GPG_FINGERPRINT=$GPG_FINGERPRINT" >> $GITHUB_ENV | |
| gpg --keyserver keyserver.ubuntu.com --recv-keys $GPG_FINGERPRINT | |
| echo "----------------------------------------" | |
| echo "----------------------------------------" | |
| echo "---------- Verifying Existence of Sonatype Credentials ----------" | |
| if [ -z "$SONATYPE_USERNAME" ]; then echo "SONATYPE_USERNAME is not set"; else echo "SONATYPE_USERNAME is set"; fi | |
| if [ -z "$SONATYPE_PASSWORD" ]; then echo "SONATYPE_PASSWORD is not set"; else echo "SONATYPE_PASSWORD is set"; fi | |
| echo "-----------------------------------------------------------------" | |
| echo "-----------------------------------------------------------------" | |
| echo "---------- Verifying Existence of PGP Variables ----------" | |
| if [ -z "$PGP_PASSPHRASE" ]; then echo "PGP_PASSPHRASE is not set"; else echo "PGP_PASSPHRASE is set"; fi | |
| if [ -z "$PGP_SECRET" ]; then echo "PGP_SECRET is not set"; else echo "PGP_SECRET is set"; fi | |
| echo "----------------------------------------------------------" | |
| echo "----------------------------------------------------------" | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| PGP_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| PGP_SECRET: ${{ secrets.GPG_SECRET }} | |
| - name: Publish to Maven Repository | |
| run: sbt -debug ci-release | |
| env: | |
| SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }} | |
| SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }} | |
| PGP_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} | |
| PGP_SECRET: ${{ secrets.GPG_SECRET }} | |
| # - name: Publish to GitHub Packages | |
| # run: sbt publish | |
| # env: | |
| # GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} |