Skip to content

Commit 27f00d3

Browse files
committed
[Backport 2.19] Update the maven snapshot publish endpoint and credential
Signed-off-by: Jialiang Liang <jiallian@amazon.com>
1 parent b6c307e commit 27f00d3

4 files changed

Lines changed: 11 additions & 10 deletions

File tree

.github/workflows/link-checker.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
id: lychee
1919
uses: lycheeverse/lychee-action@master
2020
with:
21-
args: --accept=200,403,429,999 "./**/*.html" "./**/*.md" "./**/*.txt" --exclude "https://aws.oss.sonatype.*" "http://localhost*" "https://localhost" "https://odfe-node1:9200/" "https://community.tableau.com/docs/DOC-17978" ".*family.zzz" "https://pypi.python.org/pypi/opensearchsql/" "opensearch*" ".*@amazon.com" ".*email.com" "git@github.com" "http://timestamp.verisign.com/scripts/timstamp.dll" ".*/PowerBIConnector/bin/Release"
21+
args: --accept=200,403,429,999 "./**/*.html" "./**/*.md" "./**/*.txt" --exclude "https://aws.oss.sonatype.*|https://central.sonatype.*|http://localhost.*|https://localhost|https://odfe-node1:9200/|https://community.tableau.com/docs/DOC-17978|.*family.zzz|opensearch*|.*@amazon.com|.*email.com|.*@github.com|http://timestamp.verisign.com/scripts/timstamp.dll"
2222
env:
2323
GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
2424
- name: Fail if there were link errors

.github/workflows/maven-publish.yml

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -25,14 +25,15 @@ jobs:
2525
distribution: temurin # Temurin is a distribution of adoptium
2626
java-version: 11
2727
- uses: actions/checkout@v4
28-
- uses: aws-actions/configure-aws-credentials@v1.7.0
28+
- name: Load secret
29+
uses: 1password/load-secrets-action@v2
2930
with:
30-
role-to-assume: ${{ secrets.PUBLISH_SNAPSHOTS_ROLE }}
31-
aws-region: us-east-1
31+
# Export loaded secrets as environment variables
32+
export-env: true
33+
env:
34+
OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
35+
SONATYPE_USERNAME: op://opensearch-infra-secrets/maven-central-portal-credentials/username
36+
SONATYPE_PASSWORD: op://opensearch-infra-secrets/maven-central-portal-credentials/password
3237
- name: publish snapshots to maven
3338
run: |
34-
export SONATYPE_USERNAME=$(aws secretsmanager get-secret-value --secret-id maven-snapshots-username --query SecretString --output text)
35-
export SONATYPE_PASSWORD=$(aws secretsmanager get-secret-value --secret-id maven-snapshots-password --query SecretString --output text)
36-
echo "::add-mask::$SONATYPE_USERNAME"
37-
echo "::add-mask::$SONATYPE_PASSWORD"
3839
./gradlew publishPluginZipPublicationToSnapshotsRepository

integ-test/build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ ext {
6363
noticeFile = rootProject.file('NOTICE')
6464

6565
getSecurityPluginDownloadLink = { ->
66-
var repo = "https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/plugin/" +
66+
var repo = "https://central.sonatype.com/repository/maven-snapshots/org/opensearch/plugin/" +
6767
"opensearch-security/$opensearch_build_snapshot/"
6868
var metadataFile = Paths.get(projectDir.toString(), "build", "maven-metadata.xml").toAbsolutePath().toFile()
6969
download.run {

plugin/build.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ publishing {
8080
repositories {
8181
maven {
8282
name = "Snapshots" // optional target repository name
83-
url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
83+
url = "https://central.sonatype.com/repository/maven-snapshots/"
8484
credentials {
8585
username "$System.env.SONATYPE_USERNAME"
8686
password "$System.env.SONATYPE_PASSWORD"

0 commit comments

Comments
 (0)