[#52] Fix signing maven publications
- Remove `IS_RELEASE_SIGNING_ENABLED` as it didn’t do what was expected. It just made signing optional and didn’t toggle signing off. - Removed passing signing key for snapshot deployments in deployment - Pass signing key for maven local deployment for release deployment
This commit is contained in:
parent
c39fbb2b1d
commit
23278b9c96
|
@ -63,7 +63,7 @@ jobs:
|
|||
timeout-minutes: 25
|
||||
env:
|
||||
ORG_GRADLE_PROJECT_IS_SNAPSHOT: false
|
||||
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: true
|
||||
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
|
||||
run: |
|
||||
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
|
||||
- name: Deploy to Maven Central
|
||||
|
@ -73,7 +73,6 @@ jobs:
|
|||
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
|
||||
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
|
||||
ORG_GRADLE_PROJECT_IS_SNAPSHOT: false
|
||||
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: true
|
||||
run: |
|
||||
./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository --no-parallel
|
||||
- name: Collect Artifacts
|
||||
|
|
|
@ -72,7 +72,6 @@ jobs:
|
|||
timeout-minutes: 25
|
||||
env:
|
||||
ORG_GRADLE_PROJECT_IS_SNAPSHOT: true
|
||||
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: false
|
||||
run: |
|
||||
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
|
||||
- name: Deploy to Maven Central
|
||||
|
@ -80,9 +79,7 @@ jobs:
|
|||
env:
|
||||
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
|
||||
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
|
||||
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
|
||||
ORG_GRADLE_PROJECT_IS_SNAPSHOT: true
|
||||
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: false
|
||||
run: |
|
||||
./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository --no-parallel
|
||||
- name: Collect Artifacts
|
||||
|
|
|
@ -129,8 +129,8 @@ publishing {
|
|||
}
|
||||
|
||||
signing {
|
||||
// Although signing is decoupled from snapshot status, note that Maven Central requires signing for non-snapshots.
|
||||
isRequired = properties["IS_RELEASE_SIGNING_ENABLED"].toString().toBoolean()
|
||||
// Maven Central requires signing for non-snapshots
|
||||
isRequired = !isSnapshot
|
||||
|
||||
val signingKey = run {
|
||||
val base64EncodedKey = project.property("ZCASH_ASCII_GPG_KEY").toString()
|
||||
|
|
|
@ -73,9 +73,9 @@ See [ci.md](ci.md), which describes the continuous integration workflow for depl
|
|||
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
|
||||
```
|
||||
4. Publish via the following command:
|
||||
1. Snapshot: `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=true -PIS_RELEASE_SIGNING_ENABLED=false`
|
||||
1. Snapshot: `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=true`
|
||||
2. Release
|
||||
1. `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=false -PIS_RELEASE_SIGNING_ENABLED=true`
|
||||
1. `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=false`
|
||||
2. Log into the Sonatype portal to complete the process of closing and releasing the repository.
|
||||
|
||||
Note:
|
||||
|
|
|
@ -27,6 +27,5 @@ ZCASH_ASCII_GPG_KEY=
|
|||
|
||||
# Configures whether release is an unstable snapshot, therefore published to the ZCASH_MAVEN_PUBLISH_SNAPSHOT_URL
|
||||
IS_SNAPSHOT=true
|
||||
IS_RELEASE_SIGNING_ENABLED=false
|
||||
|
||||
LIBRARY_VERSION=1.0.3
|
||||
|
|
Loading…
Reference in New Issue