Skip to content
Maven Package

Update get-certificate.yml #69

Sign in to view logs

Update get-certificate.yml

Update get-certificate.yml #69

Workflow file for this run

.github/workflows/maven-publish.yml at dbfb63d
# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
# For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
name: Maven Package
env:
# Setting environment variables with values of secrets (organisation wide)
SOURCEFORGE_USERNAME: ${{ secrets.SOURCEFORGE_USERNAME }}
SOURCEFORGE_PASSWORD: ${{ secrets.SOURCEFORGE_PASSWORD }}
COSIGN_EXPERIMENTAL: "true"
COSIGN_YES: "true"
on:
push:
branches:
- master
jobs:
build:
runs-on: ubuntu-latest
permissions:
contents: read
packages: write
id-token: write
steps:
- name: Checkout source code
uses: actions/checkout@v3
- name: Install cosign
uses: sigstore/cosign-installer@main
- name: Generate keyless certificate
run:
touch dummy.txt
&& cosign generate-key-pair
&& cosign sign-blob dummy.txt --yes --output-certificate cosign.crt.base64 --output-signature cosign.sig
&& base64 --decode cosign.crt.base64 > cosign.crt
&& openssl x509 -in cosign.crt -out cosign.pem
&& openssl x509 -text -noout -in cosign.pem
- name: Set up JDK
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
server-id: github # Value of the distributionManagement/repository/id field of the pom.xml
settings-path: ${{ github.workspace }} # location for the settings.xml file
- name: Create Java keystore
run:
keytool -import -trustcacerts -alias violetumleditor -file cosign.pem -keystore cosign.jks -storepass violetumleditor -noprompt
&& keytool -v -list -keystore cosign.jks -storepass violetumleditor -noprompt
- name: Build and publish to GitHub Packages Apache Maven and Sourceforge.net
run: mvn -B package deploy -s $GITHUB_WORKSPACE/settings.xml
env:
GITHUB_TOKEN: ${{ github.token }}