Publishing maven package GitHub action is failing

[davidgamez]

Description

The update-release-assets GitHub action failed in the last 6.0.0 release. It looks like the 1password key was changed and its reference is not invalid.

https://github.com/MobilityData/gtfs-validator/actions/runs/11521874673/job/32076491158

As a recommendation, we should add the 1password reference as a GitHub environment variable to avoid changing the action code when keys are re-generated/updated.

[jcpitre]

I believe the entry to use from 1password is:

• Vault: TECH: Keys & Tokens
• Entry: GPG Key - Maven/Sonatype

And here are the new values of the variables in publish_assets.yml:

• MAVEN_GPG_PRIVATE_KEY: "op://rbiv7rvkkrsdlpcrz3bmv7nmcu/dkkfywvsr3xq6eyeubq6cldaxi/Private Key"
• MAVEN_GPG_PASSPHRASE: "op://rbiv7rvkkrsdlpcrz3bmv7nmcu/dkkfywvsr3xq6eyeubq6cldaxi/password"

Which are not the same as the ones we have now.

To be confirmed.

[jcpitre]

I tried publishing from the command line following this , but I got this error: FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':core:publishMavenJavaPublicationToMavenRepository'.
> Failed to publish publication 'mavenJava' to repository 'maven'
   > Could not PUT 'https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/org/mobilitydata/gtfs-validator/gtfs-validator-core/6.0.0/gtfs-validator-core-6.0.0.jar'. Received status code 401 from server: Content access is protected by token

It seems sonatype will not accept username/password any more. It will require tokens. See this

[jcpitre]

Created a token and used it to do the release. Tested and published. The 6.0.0 jars are now available. See the core jar, the model jar and the main jar.

Still need to modify the release code for next time.