import GPG only if release is needed

holixon · Nov 3, 2023 · 62e3356 · 62e3356
1 parent 3b8c5ae
commit 62e3356
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -14,13 +14,6 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v3
 
-      # Get GPG private key into GPG
-      - name: Import GPG Owner Trust
-        run: echo ${{ secrets.GPG_OWNERTRUST }} | base64 --decode | gpg --import-ownertrust
-
-      - name: Import GPG key
-        run: echo ${{ secrets.GPG_SECRET_KEYS }} | base64 --decode | gpg --import --no-tty --batch --yes
-
       # Setup JDK and Maven
       - name: Set up JDK 17
         uses: actions/setup-java@v3
@@ -44,14 +37,22 @@ jobs:
       - name: Run I-Tests with Maven
         run: ./mvnw integration-test failsafe:verify -Pitest -B -T4 -ntp
 
+      # Get GPG private key into GPG
+      - name: Import GPG Owner Trust
+        run: echo ${{ secrets.GPG_OWNERTRUST }} | base64 --decode | gpg --import-ownertrust
+        if: github.ref == 'refs/heads/master' # limit artifact  production to master for the moment
+
+      - name: Import GPG key
+        run: echo ${{ secrets.GPG_SECRET_KEYS }} | base64 --decode | gpg --import --no-tty --batch --yes
+        if: github.ref == 'refs/heads/master' # limit artifact  production to master for the moment
+
       - name: Deploy a new version to central
         run: ./mvnw deploy -B -ntp -DskipTests -Prelease -Dgpg.keyname="${{secrets.GPG_KEYNAME}}" -Dgpg.passphrase="${{secrets.GPG_PASSPHRASE}}"
         env:
           OSS_CENTRAL_USERNAME: "${{ secrets.SONATYPE_USERNAME }}"
           OSS_CENTRAL_PASSWORD: "${{ secrets.SONATYPE_PASSWORD }}"
         if: github.ref == 'refs/heads/master' # limit artifact  production to master for the moment
 
-
       - name: Upload coverage information to CodeCov
         uses: codecov/codecov-action@v3
         with: