Publish to Maven #42

	name: Publish to Maven
	on:
	workflow_dispatch:

	jobs:
	publish-java:
	environment: prod
	runs-on: ubuntu-latest

	defaults:
	run:
	working-directory: ./sdk/java/core

	steps:
	- name: Get the source code
	uses: actions/checkout@v3

	- name: Set up Java 11
	uses: actions/setup-java@v2
	with:
	java-version: '11'
	distribution: 'adopt'

	- name: Validate Gradle wrapper
	uses: gradle/wrapper-validation-action@e6e38bacfdf1a337459f332974bb2327a31aaf4b

	- name: Retrieve secrets from KSM
	id: ksmsecrets
	uses: Keeper-Security/ksm-action@v1
	with:
	keeper-secret-config: ${{ secrets.KSM_ARTIFACT_JAVA_APP_CONFIG }}
	secrets: \|
	zOVOneDczofWFlfizjC5Qw/file/90A46CD1-private-key.asc > file:/tmp/signing_secret_key_ring_file.asc
	zOVOneDczofWFlfizjC5Qw/custom_field/signing.keyId > env:SIGNING_KEY_ID
	zOVOneDczofWFlfizjC5Qw/custom_field/signing.password > env:SIGNING_PASSWORD
	zOVOneDczofWFlfizjC5Qw/custom_field/ossrhUsername > env:OSSRH_USERNAME
	zOVOneDczofWFlfizjC5Qw/custom_field/ossrhPassword > env:OSSRH_PASSWORD

	- name: Publish package
	env:
	SIGNING_SECRET_KEY_RING_FILE: /tmp/signing_secret_key_ring_file.asc
	run: gradle publishMavenJavaPublicationToSonatypeRepository

Provide feedback