Removed staging step and cleanup #17
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish Snapshot | |
| concurrency: | |
| group: deploy-master | |
| cancel-in-progress: false | |
| on: | |
| push: | |
| branches: | |
| - master | |
| - 187-create-mobilitydata-maven-packages # TEMPORARY: remove after testing | |
| workflow_dispatch: # Manual trigger | |
| env: | |
| java_version: '17' | |
| java_distribution: 'zulu' | |
| jobs: | |
| publish-snapshot: | |
| if: "github.event_name == 'workflow_dispatch' || !contains(github.event.head_commit.message, 'ci skip')" | |
| runs-on: ubuntu-24.04 | |
| env: | |
| HAS_1PASSWORD: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN != '' && vars.ONE_PASSWORD_SECRET_REFERENCES != '' }} | |
| steps: | |
| - uses: actions/checkout@v5 | |
| with: | |
| fetch-depth: 0 | |
| - name: Set up JDK ${{ env.java_version }}-${{ env.java_distribution }} | |
| uses: actions/setup-java@v5 | |
| with: | |
| java-version: ${{ env.java_version }} | |
| distribution: ${{ env.java_distribution }} | |
| - name: Print Java and Maven versions | |
| run: mvn --version | |
| - name: Cache Maven dependencies | |
| uses: actions/cache@v4 | |
| with: | |
| path: ~/.m2/repository | |
| key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| restore-keys: | | |
| ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} | |
| ${{ runner.os }}-maven- | |
| ${{ runner.os }}- | |
| - name: Load secrets from 1Password | |
| if: env.HAS_1PASSWORD == 'true' | |
| uses: MobilityData/gtfs-validator/.github/actions/extract-1password-secret@master | |
| with: | |
| OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} | |
| VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME, MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD' | |
| ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }} | |
| - name: Load secrets from GitHub secrets (fallback for forks without 1Password) | |
| if: env.HAS_1PASSWORD != 'true' | |
| env: | |
| GPG_KEY: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} | |
| GPG_PASS: ${{ secrets.MAVEN_GPG_PASSPHRASE }} | |
| MVN_USER: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME }} | |
| MVN_PASS: ${{ secrets.MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD }} | |
| run: | | |
| { | |
| echo "MAVEN_GPG_PASSPHRASE=$GPG_PASS" | |
| echo "MAVEN_GPG_PRIVATE_KEY<<GPG_EOF" | |
| echo "$GPG_KEY" | |
| echo "GPG_EOF" | |
| echo "MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME=$MVN_USER" | |
| echo "MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD=$MVN_PASS" | |
| } >> "$GITHUB_ENV" | |
| - name: Stage artifacts | |
| run: mvn deploy -Ppublication -Dprettier.skip=true -ntp | |
| - name: Publish snapshot to Maven Central | |
| env: | |
| JRELEASER_GPG_PASSPHRASE: ${{ env.MAVEN_GPG_PASSPHRASE }} | |
| JRELEASER_GPG_SECRET_KEY: ${{ env.MAVEN_GPG_PRIVATE_KEY }} | |
| run: mvn jreleaser:deploy -Djreleaser.output.directory=out -ntp | |
| - name: Upload JReleaser output | |
| if: always() | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: jreleaser-snapshot-logs | |
| path: out/ |