From 43dfde6c2a74f753ddd01e983a975d99f7350a94 Mon Sep 17 00:00:00 2001 From: siujamo Date: Tue, 2 Jun 2026 13:27:16 +0800 Subject: [PATCH] ci: simplify CI workflow for standalone tuple repo - Remove multi-module tag parsing logic - Support x.y.z[-suffix] tag format without v-prefix - Replace tupleVersion with artefactVersion --- .github/workflows/build-and-deploy.yml | 96 ++++++++++++++++++++++++++ build.gradle.kts | 6 +- 2 files changed, 99 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/build-and-deploy.yml diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml new file mode 100644 index 0000000..8e1abce --- /dev/null +++ b/.github/workflows/build-and-deploy.yml @@ -0,0 +1,96 @@ +# Publishes onixbyte-tuple to Maven Central when a version tag is pushed to main. +# +# Supported tag format: ..[-suffix] (e.g. 3.3.1, 3.3.1-alpha) + +name: Publish Package to Maven Central + +on: + push: + tags: + - '[0-9]*.[0-9]*.[0-9]*' + +jobs: + publish: + name: Build and Publish + runs-on: ubuntu-latest + permissions: + contents: read + + steps: + - name: Checkout + uses: actions/checkout@v4.2.2 + with: + fetch-depth: 0 + + - name: Verify Tag is on Main Branch + run: | + if ! git merge-base --is-ancestor HEAD origin/main; then + echo "::error::Tag ${{ github.ref_name }} does not point to a commit on the main branch" + echo "Tags must be pushed after the commit is merged to main." + exit 1 + fi + echo "✓ Tag ${{ github.ref_name }} is on main" + + - name: Extract Version + id: version + run: | + VERSION="${{ github.ref_name }}" + echo "version=${VERSION}" >> $GITHUB_OUTPUT + echo "Version: ${VERSION}" + + - name: Setup GPG TTY + run: export GPG_TTY=$(tty) + + - name: Import PGP Private Key + uses: crazy-max/ghaction-import-gpg@v6.3.0 + with: + gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }} + passphrase: ${{ secrets.GPG_PASSPHRASE }} + trust_level: 5 + + - name: Creating PGP Ring Key + run: | + mkdir -p ~/.gnupg + echo ${{ secrets.GPG_PASSPHRASE }} | gpg --batch --yes --pinentry-mode loopback --passphrase-fd 0 --export-secret-keys -o ~/.gnupg/gpg_key.ring + + - name: Restore gradle.properties + env: + GRADLE_PROPERTIES: ${{ secrets.GRADLE_PROPERTIES }} + shell: bash + run: | + mkdir -p ~/.gradle/ + echo "GRADLE_USER_HOME=${HOME}/.gradle" >> $GITHUB_ENV + echo "${GRADLE_PROPERTIES}" > ~/.gradle/gradle.properties + + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + java-version: "17" + distribution: "corretto" + + - name: Setup Gradle + uses: gradle/actions/setup-gradle@v4.4.1 + + - name: Grant Execution Authority to Gradlew + run: chmod +x ./gradlew + + - name: Build with Gradle + env: + VERSION: ${{ steps.version.outputs.version }} + run: ./gradlew build "-PartefactVersion=${VERSION}" + + - name: List Output Items + run: ls -l ./build/libs + + - name: Publish to Maven Central + env: + VERSION: ${{ steps.version.outputs.version }} + run: ./gradlew publish "-PartefactVersion=${VERSION}" + + - name: Create Deployment on Central Publisher Portal + run: | + curl --fail -X 'POST' \ + 'https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/com.onixbyte?publishing_type=user_managed' \ + -H 'accept: */*' \ + -H 'Authorization: Bearer ${{ secrets.MAVEN_PORTAL_TOKEN }}' \ + -d '' diff --git a/build.gradle.kts b/build.gradle.kts index ba5fdda..15c3269 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -29,9 +29,9 @@ plugins { id("signing") } -val tupleVersion: String by project +val artefactVersion: String by project -version = tupleVersion +version = artefactVersion val projectUrl: String by project val projectGithubUrl: String by project val licenseName: String by project @@ -72,7 +72,7 @@ publishing { create("tuple") { groupId = group.toString() artifactId = "tuple" - version = tupleVersion + version = artefactVersion pom { name = "OnixByte Tuple"