search

arktekk / sbt-aether-deploy

Deploy SBT artifacts using Maven Artifact Resolver (formerly Eclipse Aether)
Other
84 stars 31 forks source link

Switch publishing to CI #72

Open arashi01 opened 1 year ago

arashi01 commented 1 year ago

Quick take at solving issues like #71 by switching publishing to CI.

With this setup, every tag starting with v will be deployed to Sonatype automatically.

For it to work, a number of Github Secrets will need to be added as specified below.

For the GPG key, I would personally create another key specifically used for CI publishing, to avoid exposing your existing key to any possible vulnerabilities.

Secrets needed:
PUBLISH_USER Sonatype OSS Username (ideally should use information from a user token generated in Sonatype UI for security)
PUBLISH_USER_PASSPHRASE Sonatype OSS User Passphrase (ideally should use information from a user token generated in Sonatype UI for security)
GPG_SIGNING_KEY_ID GPG Signing Key Hex ID (obtainable by running gpg --list-keys --keyid-format=long)
GPG_SIGNING_KEY GPG Signing Key text (obtainable by running gpg --export-secret-keys --armour %GPG_KEY_ID%)
GPG_SIGNING_KEY_PASSPHRASE GPG Signing Key Passphrase (as created when generating gpg key)
arashi01 commented 1 year ago

@hamnis Let me know your thoughts.

hamnis commented 1 year ago

Thanks for this.

We are limited to the jdk version which maven uses. If maven > jdk8 then we must use that. Its probably doubtful that maven will swich jdk target within a major release.

I am also somewhat skeptical to use old jdk versions for building. If you need to make sure we use only jdk-libraries that are on jdk-8, we can use the -release 8 compiler flag with a new jdk.

hamnis commented 1 year ago

With regards to jdk8, I have fixed that in master. If you want to rebase this branch on top of master, that would be great.