DEV-199: revert publish workflow to GitHub Packages only

.github/workflows/publish.yaml

@@ -1,4 +1,4 @@
-name: Publish to sonatype and GH-packages
+name: Publish to GitHub Packages
 
 on:
   pull_request:
@@ -9,32 +9,70 @@ on:
   workflow_dispatch:
 
 jobs:
-  publish:
+  publish-github:
     if: |
       github.event_name == 'workflow_dispatch' ||
       (
         github.event_name == 'pull_request' &&
         github.event.pull_request.merged == true &&
         startsWith(github.event.pull_request.head.ref, 'release/')
       )
-    uses: rees46/workflow/.github/workflows/reusable-android-publish.yaml@master
+    runs-on: ubuntu-latest
     permissions: write-all
-    with:
-      appId: ${{ vars.PUBLISHER_ID }}
-      PROPERTIES_FILE: gradle.properties
-      SIGNING_SECRET_KEY_RING_FILE: com.rees46.key.gpg
-      SIGNING_SECRET_KEY_RING_FILE_LOCATION: ./personalization-sdk
-      OSSRH_USERNAME: ${{ vars.OSSRH_USERNAME }}
-      VARIANT_NAME: ${{ vars.REES_VARIANT_NAME }}
-      URL: ${{ vars.REES_REPO_URL }}
-      MAVEN_REPOSITORY_URL: ${{ vars.REES_MAVEN_URL }}
-      GRADLE_VERSION: 8.8
-    secrets:
-      appSecret: ${{ secrets.PUBLISHER_SECRET }}
-      SONATA_STAGING_PROFILE_ID: ${{ secrets.SONATA_STAGING_PROFILE_ID }}
-      SONATA_USERNAME: ${{ secrets.SONATA_USERNAME }}
-      SONATA_PASSWORD: ${{ secrets.SONATA_PASSWORD }}
-      OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
-      SIGNING_KEY_ID: ${{ secrets.SIGNING_KEY_ID }}
-      SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}
-      SIGNING_KEY_FILE_AS_BASE64_STRING: ${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }}
+    steps:
+      - name: Generate GitHub App token
+        id: app-token
+        uses: actions/create-github-app-token@v1
+        with:
+          app-id: ${{ vars.PUBLISHER_ID }}
+          private-key: ${{ secrets.PUBLISHER_SECRET }}
+
+      - name: Checkout
+        uses: actions/checkout@v5
+        with:
+          fetch-depth: 0
+          token: ${{ steps.app-token.outputs.token }}
+
+      - name: Set up Java
+        uses: actions/setup-java@v4
+        with:
+          java-version: 22
+          distribution: 'zulu'
+
+      - name: Set up Gradle
+        uses: gradle/actions/setup-gradle@v3
+        with:
+          gradle-version: 8.8
+
+      - name: Decode signing key file
+        uses: timheuer/base64-to-file@v1.2
+        with:
+          fileName: com.rees46.key.gpg
+          fileDir: ./personalization-sdk
+          encodedString: ${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }}
+
+      - name: Configure gradle.properties for GitHub Packages
+        run: |
+          echo "github=true" >> gradle.properties
+          # Use the same OSSRH credentials that were used before (GitHub credentials)
+          echo "ossrhUsername=${{ secrets.OSSRH_USERNAME }}" >> gradle.properties
+          echo "ossrhPassword=${{ secrets.OSSRH_PASSWORD }}" >> gradle.properties
+          echo "signing_keyId=${{ secrets.SIGNING_KEY_ID }}" >> gradle.properties
+          echo "signing_password=${{ secrets.SIGNING_PASSWORD }}" >> gradle.properties
+          echo "signing_secretKeyRingFile=com.rees46.key.gpg" >> gradle.properties
+          echo "variantName=${{ vars.REES_VARIANT_NAME }}" >> gradle.properties
+          echo "url=${{ vars.REES_REPO_URL }}" >> gradle.properties
+          echo "publishUrl=https://maven.pkg.github.com/${{ github.repository }}" >> gradle.properties
+
+          ESCAPED_KEY=$(echo "${{ secrets.SIGNING_KEY_FILE_AS_BASE64_STRING }}" | awk '{printf "%s\\n", $0}' | tr -d '\n')
+          echo "signing_key=$ESCAPED_KEY" >> gradle.properties
+
+          echo "Updated gradle.properties for GitHub Packages"
+
+      - name: Clean
+        run: ./gradlew clean
+
+      - name: Publish to GitHub Packages
+        env:
+          GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
+        run: ./gradlew publishToGitHubPackages