Update for Maven Release process.

Author: fdevans

.github/workflows/release.yml

@@ -1,14 +1,13 @@
 on:
   push:
-    # Sequence of patterns matched against refs/tags
     tags:
-      - '*' # Push events to matching v*, i.e. v1.0, v20.15.10
+      - '*.*.*'
 
-name: Upload Release Asset
+name: Publish Release
 
 jobs:
   build:
-    name: Upload Release Asset
+    name: Publish Release
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
@@ -25,8 +24,7 @@ jobs:
       - name: Get Release Version
         id: get_version
         run: VERSION=$(./gradlew currentVersion -q -Prelease.quiet) && echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
-      - name: Create Release and Upload Asset
-        id: create_release
+      - name: Create Release
         run: |
           gh release create \
             --generate-notes \
@@ -35,3 +33,10 @@ jobs:
             build/libs/ansible-plugin-${{ steps.get_version.outputs.VERSION }}.jar
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Publish to Maven Central
+        run: ./gradlew -PsigningKey=${SIGNING_KEY_B64} -PsigningPassword=${SIGNING_PASSWORD} -PsonatypeUsername=${SONATYPE_USERNAME} -PsonatypePassword=${SONATYPE_PASSWORD} publishToSonatype closeAndReleaseSonatypeStagingRepository
+        env:
+          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
+          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
+          SIGNING_KEY_B64: ${{ secrets.SIGNING_KEY_B64 }}
+          SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}

build.gradle

@@ -1,9 +1,15 @@
 plugins {
   id 'pl.allegro.tech.build.axion-release' version '1.17.2'
-  id 'maven-publish'
+  id 'io.github.gradle-nexus.publish-plugin' version '2.0.0'
 }
 
-group = 'com.rundeck.plugins'
+group = 'org.rundeck.plugins'
+
+ext.publishName = "Ansible Integration ${project.version}"
+ext.githubSlug = 'rundeck-plugins/ansible-plugin'
+ext.developers = [
+        [id: 'rundeck', name: 'Rundeck Engineering', email: 'product@rundeck.com']
+]
 
 ext.rundeckPluginVersion = '1.2'
 ext.pluginClassNames = [
@@ -76,7 +82,9 @@ configurations {
 
 dependencies {
   pluginLibs libs.gson
-  implementation libs.rundeck.core
+  // rundeck-core: compileOnly so SNAPSHOT is not in published POM; testImplementation for tests
+  compileOnly libs.rundeck.core
+  testImplementation libs.rundeck.core
   implementation libs.groovy.all
   pluginLibs libs.jackson.core
   pluginLibs libs.jackson.dataformat.yaml
@@ -139,27 +147,14 @@ jar {
   dependsOn(copyToLib)
 }
 
-publishing {
-  publications {
-    maven(MavenPublication) {
-      groupId = 'com.rundeck.plugins'
-      artifactId = 'ansible-plugin'
-      version = project.version
-      from components.java
-    }
-  }
-  
+nexusPublishing {
+  packageGroup = 'org.rundeck.plugins'
   repositories {
-    maven {
-      name = "PackageCloudTest"
-      url = uri("https://packagecloud.io/pagerduty/rundeckpro-test/maven2")
-      authentication {
-        header(HttpHeaderAuthentication)
-      }
-      credentials(HttpHeaderCredentials) {
-        name = "Authorization"
-        value = "Bearer " + (System.getenv("PKGCLD_WRITE_TOKEN") ?: project.findProperty("pkgcldWriteToken"))
-      }
+    sonatype {
+      nexusUrl.set(uri("https://ossrh-staging-api.central.sonatype.com/service/local/"))
+      snapshotRepositoryUrl.set(uri("https://central.sonatype.com/repository/maven-snapshots/"))
     }
   }
 }
+
+apply from: "${rootDir}/gradle/publishing.gradle"

gradle/publishing.gradle

@@ -0,0 +1,86 @@
+/**
+ * Define project extension values in the project gradle file before including this file:
+ *
+ * publishName = 'Name of Package'
+ * publishDescription = 'description' (optional)
+ * githubSlug = Github slug e.g. 'rundeck/rundeck-cli'
+ * developers = [ [id:'id', name:'name', email: 'email' ] ] list of developers
+ *
+ * Define project properties to sign and publish when invoking publish task:
+ *
+ *     ./gradlew \
+ *     -PsigningKey="base64 encoded gpg key" \
+ *     -PsigningPassword="password for key" \
+ *     -PsonatypeUsername="sonatype token user" \
+ *     -PsonatypePassword="sonatype token password" \
+ *     publishToSonatype closeAndReleaseSonatypeStagingRepository
+ */
+apply plugin: 'maven-publish'
+apply plugin: 'signing'
+
+publishing {
+    publications {
+        "${project.name}"(MavenPublication) { publication ->
+            from components.java
+
+            pom {
+                name = publishName
+                description = project.ext.hasProperty('publishDescription') ? project.ext.publishDescription :
+                        project.description ?: publishName
+                url = "https://github.com/${githubSlug}"
+                licenses {
+                    license {
+                        name = 'The Apache Software License, Version 2.0'
+                        url = 'http://www.apache.org/licenses/LICENSE-2.0.txt'
+                        distribution = 'repo'
+                    }
+                }
+                scm {
+                    url = "https://github.com/${githubSlug}"
+                    connection = "scm:git:git@github.com/${githubSlug}.git"
+                    developerConnection = "scm:git:git@github.com:${githubSlug}.git"
+                }
+                if (project.ext.developers) {
+                    developers {
+                        project.ext.developers.each { dev ->
+                            developer {
+                                id = dev.id
+                                name = dev.name
+                                email = dev.email
+                            }
+                        }
+                    }
+                }
+            }
+
+        }
+    }
+    repositories {
+        def pkgcldWriteToken = System.getenv("PKGCLD_WRITE_TOKEN") ?: project.findProperty("pkgcldWriteToken")
+        if (pkgcldWriteToken) {
+            maven {
+                name = "PackageCloudTest"
+                url = uri("https://packagecloud.io/pagerduty/rundeckpro-test/maven2")
+                authentication {
+                    header(HttpHeaderAuthentication)
+                }
+                credentials(HttpHeaderCredentials) {
+                    name = "Authorization"
+                    value = "Bearer " + pkgcldWriteToken
+                }
+            }
+        }
+    }
+}
+def base64Decode = { String prop ->
+    project.findProperty(prop) ?
+            new String(Base64.getDecoder().decode(project.findProperty(prop).toString())).trim() :
+            null
+}
+
+if (project.hasProperty('signingKey') && project.hasProperty('signingPassword')) {
+    signing {
+        useInMemoryPgpKeys(base64Decode("signingKey"), project.signingPassword)
+        sign(publishing.publications)
+    }
+}