# This workflow publishes one or all modules to Maven Central when a GitHub Release is published. # # Supported release tag formats: # /v — publish a single module (e.g. tuple/v3.3.1) # v — publish all modules (e.g. v3.3.0, backward compat) # # Valid module names: common-toolbox, tuple, identity-generator, crypto-toolbox, math-toolbox, version-catalogue name: Publish Packages to Maven Central on: release: types: - published jobs: publish: name: Build and Publish runs-on: ubuntu-latest permissions: contents: read packages: write steps: - name: Checkout uses: actions/checkout@v4.2.2 - name: Parse Release Tag id: parse-tag run: | TAG="${{ github.event.release.tag_name }}" echo "Release tag: ${TAG}" # /v — single module if [[ "${TAG}" =~ ^([a-z][a-z0-9-]*)/v?([0-9]+\.[0-9]+\.[0-9]+.*)$ ]]; then MODULE="${BASH_REMATCH[1]}" VERSION="${BASH_REMATCH[2]}" case "${MODULE}" in common-toolbox) PROP="commonToolboxVersion" ;; tuple) PROP="tupleVersion" ;; identity-generator) PROP="identityGeneratorVersion" ;; crypto-toolbox) PROP="cryptoToolboxVersion" ;; math-toolbox) PROP="mathToolboxVersion" ;; version-catalogue) PROP="versionCatalogueVersion" ;; *) echo "::error::Unknown module: ${MODULE}" echo "Valid modules: common-toolbox, tuple, identity-generator, crypto-toolbox, math-toolbox, version-catalogue" exit 1 ;; esac echo "module=${MODULE}" >> $GITHUB_OUTPUT echo "version=${VERSION}" >> $GITHUB_OUTPUT echo "gradle_property=${PROP}" >> $GITHUB_OUTPUT echo "gradle_project=:${MODULE}" >> $GITHUB_OUTPUT echo "single_module=true" >> $GITHUB_OUTPUT echo "→ Publishing single module: ${MODULE} @ ${VERSION}" # v — all modules (backward compat) else VERSION="${TAG#v}" echo "version=${VERSION}" >> $GITHUB_OUTPUT echo "single_module=false" >> $GITHUB_OUTPUT echo "→ Publishing all modules @ ${VERSION}" fi - name: Setup GPG TTY run: export GPG_TTY=$(tty) - name: Import PGP Private Key uses: crazy-max/ghaction-import-gpg@v6.3.0 with: gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} passphrase: ${{ secrets.GPG_PASSPHRASE }} trust_level: 5 - name: Creating PGP Ring Key run: | mkdir -p ~/.gnupg echo ${{ secrets.GPG_PASSPHRASE }} | gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --export-secret-keys -o ~/.gnupg/gpg_key.ring - name: Restore gradle.properties env: GRADLE_PROPERTIES: ${{ secrets.GRADLE_PROPERTIES }} shell: bash run: | mkdir -p ~/.gradle/ echo "GRADLE_USER_HOME=${HOME}/.gradle" >> $GITHUB_ENV echo "${GRADLE_PROPERTIES}" > ~/.gradle/gradle.properties - name: Set up JDK 17 uses: actions/setup-java@v4 with: java-version: "17" distribution: "corretto" - name: Setup Gradle uses: gradle/actions/setup-gradle@v4.4.1 - name: Grant Execution Authority to Gradlew run: chmod +x ./gradlew - name: Build with Gradle env: SINGLE: ${{ steps.parse-tag.outputs.single_module }} PROJECT: ${{ steps.parse-tag.outputs.gradle_project }} PROPERTY: ${{ steps.parse-tag.outputs.gradle_property }} VERSION: ${{ steps.parse-tag.outputs.version }} run: | if [ "${SINGLE}" = "true" ]; then ./gradlew "${PROJECT}:build" "-P${PROPERTY}=${VERSION}" else ./gradlew build \ -PcommonToolboxVersion="${VERSION}" \ -PtupleVersion="${VERSION}" \ -PidentityGeneratorVersion="${VERSION}" \ -PcryptoToolboxVersion="${VERSION}" \ -PmathToolboxVersion="${VERSION}" \ -PversionCatalogueVersion="${VERSION}" fi - name: List Output Items run: ls -l ./**/build/libs - name: Publish to Maven Central env: SINGLE: ${{ steps.parse-tag.outputs.single_module }} PROJECT: ${{ steps.parse-tag.outputs.gradle_project }} PROPERTY: ${{ steps.parse-tag.outputs.gradle_property }} VERSION: ${{ steps.parse-tag.outputs.version }} run: | if [ "${SINGLE}" = "true" ]; then ./gradlew "${PROJECT}:publish" "-P${PROPERTY}=${VERSION}" else ./gradlew publish \ -PcommonToolboxVersion="${VERSION}" \ -PtupleVersion="${VERSION}" \ -PidentityGeneratorVersion="${VERSION}" \ -PcryptoToolboxVersion="${VERSION}" \ -PmathToolboxVersion="${VERSION}" \ -PversionCatalogueVersion="${VERSION}" fi - name: Create Deployment on Central Publisher Portal run: | curl --fail -X 'POST' \ 'https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/com.onixbyte?publishing_type=user_managed' \ -H 'accept: */*' \ -H 'Authorization: Bearer ${{ secrets.MAVEN_PORTAL_TOKEN }}' \ -d ''