GPG Key import successfully, but "No secret key" when maven deploy

[DQinYuan]

Job Url

config:

name: Maven Central Repo Deployment
on:
  release:
    types: [released, prereleased]
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout Git Repo
        uses: actions/checkout@v2
      - name: Set up Maven Central Repo
        uses: actions/setup-java@v4
        with:
          distribution: temurin
          java-version: 8
          server-id: sonatype-nexus-staging
          server-username: 'OSSRH_USER'
          server-password: 'OSSRH_PASSWORD'
          gpg-passphrase:  'MAVEN_GPG_PASSPHRASE'
          gpg-private-key: ${{ secrets.GPG_SECRET }}
      - name: debug settings.xml
        run: cat /home/runner/.m2/settings.xml
      - name: Publish to Maven Central Repo
        run: mvn clean deploy --batch-mode --activate-profiles deploy
        env:
          OSSRH_USER: ${{ secrets.OSSRH_USER }}
          OSSRH_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSWORD }}

gpg private key imported successfully:

Bug maven depoly failed with "No secret key":

[aparnajyothi-y]

Hello @DQinYuan, Thank for creating this issue and we will look into it :)

[DQinYuan]

Is there any progress? I'm still waiting for it to release the new version. We can't solve this problem.

[gowridurgad]

Hi @DQinYuan, The problem you're encountering could be due to the absence of a GPG key in the environment where your action is being executed. Here's how you can fix it:

1.If you haven't done so already, generate a GPG key and export the private key to a file. Execute these commands to accomplish that:

gpg --gen-key # Complete the prompts to generate the key
gpg --export-secret-keys > private.key

2.Add the data from the private.key file to the secrets of your GitHub repository.

[DQinYuan]

Hi @DQinYuan, The problem you're encountering could be due to the absence of a GPG key in the environment where your action is being executed. Here's how you can fix it:

1.If you haven't done so already, generate a GPG key and export the private key to a file. Execute these commands to accomplish that:

gpg --gen-key # Complete the prompts to generate the key
gpg --export-secret-keys > private.key

2.Add the data from the private.key file to the secrets of your GitHub repository.

@gowridurgad I have setted GPG_SECRET 7 months ago

I publish package successfully before updating setup-java to v4.

Successful Job URL

[gowridurgad]

Hi @DQinYuan, After implementing the process detailed in the previous comment, we no longer observe the error in our logs. I have attached a screenshot for your consideration.

Could you please reconfigure the secret by following the steps previously outlined?

To verify the existence of the secret, could you please incorporate the following steps into your workflow file?

 name: Check if secret exists
        run: |
          if [[ -z "${{ secrets.GPG_SECRET }}" ]]; then
            echo "Secret does not exist"
          else
            echo "Secret exists"

[DQinYuan]

@gowridurgad

Job with 'Check if secret exists' step.

Error because of newline in GPG_SECRET.
I think this phenomenon can prove GPG_SECRET's existence.

[DQinYuan]

I later troubleshooted and found that the issue was due to an expired GPG key, which was resolved by renewing it.