java-sdk/.github/workflows/release.yml

# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
# This workflow will build a package using Gradle and then publish it to GitHub packages when a release is created
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#Publishing-using-gradle

# maven deploy commands via via https://tech.clevertap.com/automate-releases-to-maven-central-via-github-actions/

name: Release

on:
  release:
    types: [created]

jobs:
  build:

    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
    - uses: actions/checkout@v3
    - name: Set up JDK 8
      uses: actions/setup-java@v3
      with:
        java-version: '8'
        distribution: 'temurin'
        cache: maven
        server-id: ossrh
        server-username: ${{ secrets.OSSRH_USERNAME }}
        server-password: ${{ secrets.OSSRH_PASSWORD }}

    - name: Configure GPG Key
      run: |
        echo -n "$GPG_SIGNING_KEY" | base64 --decode | gpg --import        
      env:
        GPG_SIGNING_KEY: ${{ secrets.GPG_SIGNING_KEY }}

    - name: Build with Maven
      run: mvn --batch-mode --update-snapshots verify -Dversion.modifier=''

    - name: Upload coverage to Codecov
      uses: codecov/codecov-action@v2
      with:
        flags: unittests # optional
        name: coverage # optional
        fail_ci_if_error: true # optional (default = false)
        verbose: true # optional (default = false)
    - name: Deploy
      run: |
        mvn -P gpg_verify \
          --no-transfer-progress \
          --batch-mode \
          --file pom.xml -s release/m2-settings.xml verify deploy -Dversion.modifier=''        
      env:
        OSSRH_USERNAME: ${{ secrets.OSSRH_USERNAME }}
        OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}