Add notes about maven extra configuration and gpg key. #122

Merged
23 changes: 22 additions & 1 deletion README.md
Expand Up @@ -85,6 +85,23 @@ jobs:
```

## Publishing using Apache Maven

### Extra setup for pom.xml:

Maven GPG Plugin configuration in pom.xml file should contain the following structure to avoid possible issues like `Inappropriate ioctl for device` or `gpg: signing failed: No such file or directory`:

```
<configuration>
<!-- Prevent gpg from using pinentry programs -->
<gpgArguments>
<arg>--pinentry-mode</arg>
<arg>loopback</arg>
</gpgArguments>
</configuration>
```
GPG 2.1 requires `--pinentry-mode` to be set to `loopback` in order to pick up `gpg.passphrase` value defined in Maven `settings.xml`

### Yaml example:
```yaml
jobs:
build:
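Review bot: The `<configuration>` block under "Extra setup for pom.xml" is shown on its own, so a reader cannot tell where in the POM it belongs; the prose names the Maven GPG Plugin, but the snippet should show the enclosing `<plugin>` element for that plugin so it can be pasted into the right place. The fence could also be tagged `xml`, and the closing sentence about GPG 2.1 needs a blank line after the fence and a full stop. Since loopback mode is what lets gpg pick up `gpg.passphrase` from `settings.xml`, it is also worth stating that this value should be supplied from a secret rather than written into the file.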
Expand Down Expand Up @@ -164,10 +181,14 @@ The two `settings.xml` files created from the above example look like the follow
</settings>
```

***NOTE: The `settings.xml` file is created in the Actions $HOME directory. If you have an existing `settings.xml` file at that location, it will be overwritten. See below for using the `settings-path` to change your `settings.xml` file location.***
***NOTE: The `settings.xml` file is created in the Actions $HOME/.m2 directory. If you have an existing `settings.xml` file at that location, it will be overwritten. See below for using the `settings-path` to change your `settings.xml` file location.***

### GPG

If `gpg-private-key` input is provided, the private key will be written to a file in the runner's temp directory, the private key file will be imported into the GPG keychain, and then the file will be promptly removed before proceeding with the rest of the setup process. A cleanup step will remove the imported private key from the GPG keychain after the job completes regardless of the job status. This ensures that the private key is no longer accessible on self-hosted runners and cannot "leak" between jobs (hosted runners are always clean instances).

**GPG key should be imported by: `gpg --armor --export-secret-keys YOUR_ID`**

See the help docs on [Publishing a Package](https://help.github.com/en/github/managing-packages-with-github-packages/configuring-apache-maven-for-use-with-github-packages#publishing-a-package) for more information on the `pom.xml` file.

## Publishing using Gradle
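Review bot: The added bold line says the key "should be imported by" `gpg --armor --export-secret-keys YOUR_ID`, but that command exports the secret key; the import is what the action performs, as the paragraph above it describes. Suggest rewording it to say that the `gpg-private-key` input should be the ASCII-armored output of that command, and noting that this output is private key material to be stored only as a repository secret. The `$HOME/.m2` correction in the NOTE reads fine.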