Issue 56/publish snapshots central (#57)

* Issue #56 - Publish SNAPSHOTs to Maven Central, not TBD Artifactory * Issue #56 - Update to new org secret name * publishing: add tailing slash to ossrh-snapshots URL * Fix the user token in GH Actions org secrets - must be tied to the correct Sonatype server Align with URLs from https://central.sonatype.org/publish/publish-guide/#accessing-repositories --------- Co-authored-by: finn <fherzfeld@tbd.email>
block · Dec 15, 2024 · 5f68a14 · 5f68a14
1 parent 3528730
commit 5f68a14
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 47 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -95,17 +95,13 @@ jobs:
             --batch-mode \
             -DnewVersion=${{ steps.resolve_version.outputs.resolved_version }}
 
-          set +x
-          GITHUB_ID_TOKEN="$(curl -sLS -H "User-Agent: actions/oidc-client" -H "Authorization: Bearer $ACTIONS_ID_TOKEN_REQUEST_TOKEN" "${ACTIONS_ID_TOKEN_REQUEST_URL}&audience=jfrog-github" | jq -r .value)"
-          export ARTIFACTORY_PASSWORD="$(curl -fsH "Content-Type: application/json" "https://blockxyz.jfrog.io/access/api/v1/oidc/token" -d "{\"grant_type\": \"urn:ietf:params:oauth:grant-type:token-exchange\", \"subject_token_type\":\"urn:ietf:params:oauth:token-type:id_token\", \"subject_token\": \"${GITHUB_ID_TOKEN}\", \"provider_name\": \"github\"}" | jq -r .access_token)"
-          export ARTIFACTORY_USERNAME="github/${GITHUB_ACTOR}"
-          set -x
-
           # Maven deploy lifecycle will build, run tests, verify, sign, and deploy
-          mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts
+          mvn deploy --batch-mode --settings .maven_settings.xml -P sign-artifacts,ossrh
         env:
           SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }}
           SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }}
+          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME_XYZ_BLOCK }}
+          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD_XYZ_BLOCK }}
 
       - name: Upload coverage reports to Codecov
         uses: codecov/codecov-action@v5

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -75,8 +75,8 @@ jobs:
         env:
           SIGN_KEY_PASS: ${{ secrets.GPG_SECRET_PASSPHRASE }}
           SIGN_KEY: ${{ secrets.GPG_SECRET_KEY }}
-          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
-          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
+          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME_XYZ_BLOCK }}
+          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD_XYZ_BLOCK }}
 
       - name: Create GitHub Release
         uses: softprops/action-gh-release@v2

diff --git a/.maven_settings.xml b/.maven_settings.xml
@@ -1,25 +1,5 @@
 <settings>
   <servers>
-    <server>
-      <id>block-oss-releases</id>
-      <username>${env.ARTIFACTORY_USERNAME}</username>
-      <password>${env.ARTIFACTORY_PASSWORD}</password>
-    </server>
-    <server>
-      <id>block-oss-snapshots</id>
-      <username>${env.ARTIFACTORY_USERNAME}</username>
-      <password>${env.ARTIFACTORY_PASSWORD}</password>
-    </server>
-    <server>
-      <id>block-oss-releases</id>
-      <username>${env.ARTIFACTORY_USERNAME}</username>
-      <password>${env.ARTIFACTORY_PASSWORD}</password>
-    </server>
-    <server>
-      <id>block-oss-snapshots</id>
-      <username>${env.ARTIFACTORY_USERNAME}</username>
-      <password>${env.ARTIFACTORY_PASSWORD}</password>
-    </server>
     <server>
       <id>ossrh-snapshots</id>
       <username>${env.SONATYPE_USERNAME}</username>

diff --git a/pom.xml b/pom.xml
@@ -449,7 +449,7 @@
       <distributionManagement>
         <snapshotRepository>
           <id>ossrh-snapshots</id>
-          <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
+          <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
         </snapshotRepository>
         <!-- Sonatype's OSSRH - replicates to Maven Central within 30min of publish -->
         <repository>
@@ -460,23 +460,6 @@
     </profile>
   </profiles>
 
-  <distributionManagement>
-    <repository>
-      <uniqueVersion>false</uniqueVersion>
-      <id>block-oss-releases</id>
-      <name>Block OSS Releases Repository</name>
-      <url>https://blockxyz.jfrog.io/artifactory/block-oss-releases-maven2</url>
-      <layout>default</layout>
-    </repository>
-    <snapshotRepository>
-      <uniqueVersion>false</uniqueVersion>
-      <id>block-oss-snapshots</id>
-      <name>Block OSS Snapshots Repository</name>
-      <url>https://blockxyz.jfrog.io/artifactory/block-oss-snapshots-maven2</url>
-      <layout>default</layout>
-    </snapshotRepository>
-  </distributionManagement>
-
   <repositories>
     <repository>
       <id>block-oss-thirdparty</id>