zec
/
kotlin-bip39
mirror of https://github.com/zcash/kotlin-bip39.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

[#52] Fix signing maven publications 

- Remove `IS_RELEASE_SIGNING_ENABLED` as it didn’t do what was expected.  It just made signing optional and didn’t toggle signing off.
 - Removed passing signing key for snapshot deployments in deployment
 - Pass signing key for maven local deployment for release deployment
This commit is contained in:
Carter Jernigan 2022-07-26 12:54:07 -04:00 committed by Carter Jernigan
parent c39fbb2b1d
commit 23278b9c96
5 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/deploy-release.yml vendored
View File

@ -63,7 +63,7 @@ jobs:
timeout-minutes: 25
env:
ORG_GRADLE_PROJECT_IS_SNAPSHOT: false
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: true
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
run: |
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
- name: Deploy to Maven Central
@ -73,7 +73,6 @@ jobs:
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
ORG_GRADLE_PROJECT_IS_SNAPSHOT: false
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: true
run: |
./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository --no-parallel
- name: Collect Artifacts

3
.github/workflows/deploy-snapshot.yml vendored
View File

@ -72,7 +72,6 @@ jobs:
timeout-minutes: 25
env:
ORG_GRADLE_PROJECT_IS_SNAPSHOT: true
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: false
run: |
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
- name: Deploy to Maven Central
@ -80,9 +79,7 @@ jobs:
env:
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
ORG_GRADLE_PROJECT_ZCASH_MAVEN_PUBLISH_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
ORG_GRADLE_PROJECT_ZCASH_ASCII_GPG_KEY: ${{ secrets.MAVEN_SIGNING_KEY_ASCII }}
ORG_GRADLE_PROJECT_IS_SNAPSHOT: true
ORG_GRADLE_PROJECT_IS_RELEASE_SIGNING_ENABLED: false
run: |
./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository --no-parallel
- name: Collect Artifacts

4
bip39-lib/build.gradle.kts
View File

@ -129,8 +129,8 @@ publishing {
}
signing {
// Although signing is decoupled from snapshot status, note that Maven Central requires signing for non-snapshots.
isRequired = properties["IS_RELEASE_SIGNING_ENABLED"].toString().toBoolean()
// Maven Central requires signing for non-snapshots
isRequired = !isSnapshot
val signingKey = run {
val base64EncodedKey = project.property("ZCASH_ASCII_GPG_KEY").toString()

4
docs/PUBLISHING.md
View File

@ -73,9 +73,9 @@ See [ci.md](ci.md), which describes the continuous integration workflow for depl
./gradlew publishKotlinMultiplatformPublicationToMavenLocalRepository --no-parallel
```
4. Publish via the following command:
1. Snapshot: `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=true -PIS_RELEASE_SIGNING_ENABLED=false`
1. Snapshot: `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=true`
2. Release
1. `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=false -PIS_RELEASE_SIGNING_ENABLED=true`
1. `./gradlew publishKotlinMultiplatformPublicationToMavenCentralRepository -PIS_SNAPSHOT=false`
2. Log into the Sonatype portal to complete the process of closing and releasing the repository.
Note:

1
gradle.properties
View File

@ -27,6 +27,5 @@ ZCASH_ASCII_GPG_KEY=
# Configures whether release is an unstable snapshot, therefore published to the ZCASH_MAVEN_PUBLISH_SNAPSHOT_URL
IS_SNAPSHOT=true
IS_RELEASE_SIGNING_ENABLED=false
LIBRARY_VERSION=1.0.3