Skip to content

feat: Use Sonatype Central Portal for snapshots (OSSRH deprecated) #1

feat: Use Sonatype Central Portal for snapshots (OSSRH deprecated)

feat: Use Sonatype Central Portal for snapshots (OSSRH deprecated) #1

name: Deploy Snapshot to Central Portal
env:
JAVA_VERSION: '17'
on:
# Manual trigger
workflow_dispatch:
inputs:
sign_artifacts:
description: 'Sign artifacts with GPG'
required: false
default: 'true'
type: choice
options:
- 'true'
- 'false'
# TEMP: For testing - remove after merge
push:
branches:
- feature/ossrh-snapshot-deployment
# Optionally trigger on push to develop (uncomment if desired)
# push:
# branches:
# - develop
# paths:
# - 'sdm/src/**'
# - 'pom.xml'
# - 'sdm/pom.xml'
permissions:
contents: read
packages: read
jobs:
verify-snapshot:
runs-on: ubuntu-latest
outputs:
is_snapshot: ${{ steps.check.outputs.is_snapshot }}
version: ${{ steps.check.outputs.version }}
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ env.JAVA_VERSION }}
cache: maven
- name: Check version is SNAPSHOT
id: check
run: |
VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)
echo "version=$VERSION" >> $GITHUB_OUTPUT
if [[ "$VERSION" == *-SNAPSHOT ]]; then
echo "is_snapshot=true" >> $GITHUB_OUTPUT
echo "✅ Version $VERSION is a SNAPSHOT"
else
echo "is_snapshot=false" >> $GITHUB_OUTPUT
echo "❌ Version $VERSION is NOT a SNAPSHOT - deployment will be skipped"
fi
build:
runs-on: ubuntu-latest
needs: verify-snapshot
if: needs.verify-snapshot.outputs.is_snapshot == 'true'
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Set up Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: ${{ env.JAVA_VERSION }}
cache: maven
- name: Build
run: |
echo "🔨 Building SNAPSHOT version: ${{ needs.verify-snapshot.outputs.version }}"
mvn clean install -P unit-tests -DskipIntegrationTests
echo "✅ Build completed successfully!"
- name: Upload build artifacts
uses: actions/upload-artifact@v6
with:
name: snapshot-build
path: .
include-hidden-files: true
retention-days: 1
deploy:
name: Deploy Snapshot to Central Portal
runs-on: ubuntu-latest
needs: [verify-snapshot, build]
if: needs.verify-snapshot.outputs.is_snapshot == 'true'
steps:
- name: Download artifact
uses: actions/download-artifact@v7
with:
name: snapshot-build
- name: Deploy Snapshot (with GPG signing)
if: github.event.inputs.sign_artifacts != 'false' && github.event_name == 'workflow_dispatch'
uses: ./.github/actions/deploy-central-snapshot
with:
user: ${{ secrets.CENTRAL_REPOSITORY_USER }}
password: ${{ secrets.CENTRAL_REPOSITORY_PASS }}
pgp-pub-key: ${{ secrets.PGP_PUB_KEY }}
pgp-private-key: ${{ secrets.PGP_PRIVATE_KEY }}
pgp-passphrase: ${{ secrets.PGP_PASSPHRASE }}
- name: Deploy Snapshot (without GPG signing)
if: github.event.inputs.sign_artifacts == 'false' || github.event_name != 'workflow_dispatch'
uses: ./.github/actions/deploy-central-snapshot
with:
user: ${{ secrets.CENTRAL_REPOSITORY_USER }}
password: ${{ secrets.CENTRAL_REPOSITORY_PASS }}
- name: Summary
run: |
echo "## 🚀 Snapshot Deployed to Central Portal" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Version:** ${{ needs.verify-snapshot.outputs.version }}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Repository:** https://central.sonatype.com/repository/maven-snapshots/" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "### Usage" >> $GITHUB_STEP_SUMMARY
echo '```xml' >> $GITHUB_STEP_SUMMARY
echo '<repositories>' >> $GITHUB_STEP_SUMMARY
echo ' <repository>' >> $GITHUB_STEP_SUMMARY
echo ' <id>central-snapshots</id>' >> $GITHUB_STEP_SUMMARY
echo ' <url>https://central.sonatype.com/repository/maven-snapshots/</url>' >> $GITHUB_STEP_SUMMARY
echo ' <snapshots><enabled>true</enabled></snapshots>' >> $GITHUB_STEP_SUMMARY
echo ' </repository>' >> $GITHUB_STEP_SUMMARY
echo '</repositories>' >> $GITHUB_STEP_SUMMARY
echo '```' >> $GITHUB_STEP_SUMMARY