Open kwin opened 3 years ago
kwin
commented
3 years ago Some references
kwin
commented
3 years ago I would suggest creating a new PGP keypair for code signing and placing it as organisation secret together with the passphrase. Alternatively it has to be placed as repository secret in both https://github.com/Adobe-Consulting-Services/acs-aem-commons/settings/secrets/actions and https://github.com/Adobe-Consulting-Services/acs-aem-tools/settings/secrets/actions. In addition a new OSSRH account which is not bound to a particular user would be good to allow to deploy to OSSRH Maven repository. Those credentials need to be available as Org/Repo secrets as well. @davidjgonzalez Can you take care of creating those, publishing the public PGP key to the necessary keyservers and create a new OSSRH account which has write access to the group id of acs-aem-commons and acs-aem-tools?
Releases currently require quite some manual steps outlined at https://github.com/Adobe-Consulting-Services/acs-aem-commons/blob/master/RELEASING.md and in particual personal OSSRH credentials which need to have deploy rights for group id
com.adobe.acs. Also the javadoc should be automatically uploaded to https://adobe-consulting-services.github.io/acs-aem-commons/apidocs/ (which is very outdated right now).The release should be automated with GH actions as well and a repo secret should be used for the OSSRH deploy credentials. As repo/organization secrets are not exposed by GitHub, storing it there should be fairly safe.
That would allow to release more often, with less effort and allow more people to perform the release (everyone with write access to the repo)
Open issues: