diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
index 8449dec..0c9ff0b 100644
--- a/.github/workflows/release-please.yml
+++ b/.github/workflows/release-please.yml
@@ -99,16 +99,39 @@ jobs:
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
+ - name: Construct Maven settings file
+ run: |
+ cat > /tmp/maven_settings.xml <<'EOF'
+
+
+
+
+ central
+ ${{ secrets.MAVEN_CENTRAL_USERNAME }}
+ ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+
+
+
+ EOF
+
+ - name: Write GPG key and passphrase to files
+ run: |
+ echo "${{ secrets.GPG_PRIVATE_KEY }}" > /tmp/gpg_private_key.asc
+ echo "${{ secrets.SIGN_KEY_PASS }}" > /tmp/gpg_pass.txt
+
- name: Publish Java package with Docker
uses: docker/build-push-action@v6
with:
context: .
target: openfeature-provider-java.publish
cache-from: type=registry,ref=ghcr.io/${{ github.repository }}/cache:main
- secrets: |
- "maven_settings=${{ secrets.MAVEN_SETTINGS }}"
- gpg_private_key=${{ secrets.GPG_PRIVATE_KEY }}
- gpg_pass=${{ secrets.SIGN_KEY_PASS }}
+ secret-files: |
+ maven_settings=/tmp/maven_settings.xml
+ gpg_private_key=/tmp/gpg_private_key.asc
+ gpg_pass=/tmp/gpg_pass.txt
publish-js-provider-release:
needs: release
diff --git a/Dockerfile b/Dockerfile
index 4ac12d1..ac8fb70 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4
+# syntax=docker/dockerfile:1
# ==============================================================================
# Base image with Rust toolchain (Alpine - more reliable than Debian)
@@ -490,14 +490,12 @@ RUN make build
# ==============================================================================
FROM openfeature-provider-java.build AS openfeature-provider-java.publish
-# Import GPG private key and deploy to Maven Central
-RUN --mount=type=secret,id=maven_settings,target=/root/.m2/settings.xml \
- --mount=type=secret,id=gpg_private_key \
- --mount=type=secret,id=gpg_pass \
- # Import GPG key
- cat /run/secrets/gpg_private_key | gpg --batch --import && \
- # Deploy to Maven Central
- mvn -Dgpg.passphrase="$(cat /run/secrets/gpg_pass)" --batch-mode deploy
+RUN --mount=type=secret,id=gpg_private_key \
+ gpg --batch --import /run/secrets/gpg_private_key
+
+RUN --mount=type=secret,id=maven_settings \
+ --mount=type=secret,id=gpg_pass,env=MAVEN_GPG_PASSPHRASE \
+ mvn -q -s /run/secrets/maven_settings --batch-mode deploy
# ==============================================================================
# All - Build and validate everything (default target)
diff --git a/openfeature-provider/java/Makefile b/openfeature-provider/java/Makefile
index a911b17..dbb3d1d 100644
--- a/openfeature-provider/java/Makefile
+++ b/openfeature-provider/java/Makefile
@@ -24,7 +24,7 @@ $(RESOURCES_WASM): $(LOCAL_WASM)
@cp -p $(LOCAL_WASM) $@
$(BUILD_STAMP): pom.xml $(RESOURCES_WASM) $(SRC)
- mvn package -DskipTests
+ mvn -q package -DskipTests
@touch $@
build: $(BUILD_STAMP)
diff --git a/openfeature-provider/java/pom.xml b/openfeature-provider/java/pom.xml
index 1627600..fea833b 100644
--- a/openfeature-provider/java/pom.xml
+++ b/openfeature-provider/java/pom.xml
@@ -356,14 +356,8 @@
org.apache.maven.plugins
maven-gpg-plugin
- 3.1.0
-
-
- --pinentry-mode
- loopback
- --no-tty
-
-
+ 3.2.8
+
sign-artifacts