From 907119c3e86ea2b122d828251b8efa450fd346eb Mon Sep 17 00:00:00 2001 From: xyzcancer Date: Mon, 1 Dec 2025 16:03:57 +0400 Subject: [PATCH] DEV-199: revert publish workflow to GitHub Packages only --- .github/workflows/publish.yaml | 82 +++++++++++++++++++++++++--------- 1 file changed, 60 insertions(+), 22 deletions(-) diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index ce596d61..f34a4799 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -1,4 +1,4 @@ -name: Publish to sonatype and GH-packages +name: Publish to GitHub Packages on: pull_request: @@ -9,7 +9,7 @@ on: workflow_dispatch: jobs: - publish: + publish-github: if: | github.event_name == 'workflow_dispatch' || ( @@ -17,24 +17,62 @@ jobs: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/') ) - uses: rees46/workflow/.github/workflows/reusable-android-publish.yaml@master + runs-on: ubuntu-latest permissions: write-all - with: - appId: ${{ vars.PUBLISHER_ID }} - PROPERTIES_FILE: gradle.properties - SIGNING_SECRET_KEY_RING_FILE: com.rees46.key.gpg - SIGNING_SECRET_KEY_RING_FILE_LOCATION: ./personalization-sdk - OSSRH_USERNAME: ${{ vars.OSSRH_USERNAME }} - VARIANT_NAME: ${{ vars.REES_VARIANT_NAME }} - URL: ${{ vars.REES_REPO_URL }} - MAVEN_REPOSITORY_URL: ${{ vars.REES_MAVEN_URL }} - GRADLE_VERSION: 8.8 - secrets: - appSecret: ${{ secrets.PUBLISHER_SECRET }} - SONATA_STAGING_PROFILE_ID: ${{ secrets.SONATA_STAGING_PROFILE_ID }} - SONATA_USERNAME: ${{ secrets.SONATA_USERNAME }} - SONATA_PASSWORD: ${{ secrets.SONATA_PASSWORD }} - OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }} - SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }} - SIGNING_KEY_FILE_AS_BASE64_STRING: ${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }} + steps: + - name: Generate GitHub App token + id: app-token + uses: actions/create-github-app-token@v1 + with: + app-id: ${{ vars.PUBLISHER_ID }} + private-key: ${{ secrets.PUBLISHER_SECRET }} + + - name: Checkout + uses: actions/checkout@v5 + with: + fetch-depth: 0 + token: ${{ steps.app-token.outputs.token }} + + - name: Set up Java + uses: actions/setup-java@v4 + with: + java-version: 22 + distribution: 'zulu' + + - name: Set up Gradle + uses: gradle/actions/setup-gradle@v3 + with: + gradle-version: 8.8 + + - name: Decode signing key file + uses: timheuer/base64-to-file@v1.2 + with: + fileName: com.rees46.key.gpg + fileDir: ./personalization-sdk + encodedString: ${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }} + + - name: Configure gradle.properties for GitHub Packages + run: | + echo "github=true" >> gradle.properties + # Use the same OSSRH credentials that were used before (GitHub credentials) + echo "ossrhUsername=${{ secrets.OSSRH_USERNAME }}" >> gradle.properties + echo "ossrhPassword=${{ secrets.OSSRH_PASSWORD }}" >> gradle.properties + echo "signing_keyId=${{ secrets.SIGNING_KEY_ID }}" >> gradle.properties + echo "signing_password=${{ secrets.SIGNING_PASSWORD }}" >> gradle.properties + echo "signing_secretKeyRingFile=com.rees46.key.gpg" >> gradle.properties + echo "variantName=${{ vars.REES_VARIANT_NAME }}" >> gradle.properties + echo "url=${{ vars.REES_REPO_URL }}" >> gradle.properties + echo "publishUrl=https://maven.pkg.github.com/${{ github.repository }}" >> gradle.properties + + ESCAPED_KEY=$(echo "${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }}" | awk '{printf "%s\\n", $0}' | tr -d '\n') + echo "signing_key=$ESCAPED_KEY" >> gradle.properties + + echo "Updated gradle.properties for GitHub Packages" + + - name: Clean + run: ./gradlew clean + + - name: Publish to GitHub Packages + env: + GITHUB_TOKEN: ${{ steps.app-token.outputs.token }} + run: ./gradlew publishToGitHubPackages