publish-snapshot.yml

name: Publish package to Sonatype OSS Snapshots
on:
  workflow_run:
    workflows: [CI Build]
    types: [completed]
    branches: [main]
jobs:
  publish-snapshot:
    runs-on: ubuntu-latest
    if: ${{ github.event.workflow_run.conclusion == 'success' }}
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v3
        with:
          java-version: '11'
          distribution: 'temurin'
          cache: 'gradle'
      - uses: gradle/wrapper-validation-action@v1
      - name: Publish maproulette-java-client
        env:
          SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
          SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
          # These three GPG vars are required to create the signed *.asc files used to validate each artifact
          GPG_KEY_LOCATION: ${{ secrets.GPG_KEY_LOCATION }}
          GPG_KEY_ID: ${{ secrets.GPG_KEY_ID }}
          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
        run: |
          ./gradlew build
          ./gradlew publish \
            -PpublishSnapshot=true \
            -Psigning.secretKeyRingFile=${GPG_KEY_LOCATION} \
            -Psigning.keyId=${GPG_KEY_ID} \
            -Psigning.password=${GPG_PASSPHRASE}