Skip to content

Commit dab3848

Browse files
makingmaking
authored
Fix ci.yaml
1 parent 88971b5 commit dab3848

File tree

1 file changed

+20
-22
lines changed

1 file changed

+20
-22
lines changed

.github/workflows/ci.yaml

Lines changed: 20 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -9,14 +9,13 @@ on:
99
- src/**
1010
- pom.xml
1111
- .github/workflows/ci.yaml
12-
pull_request_target:
12+
pull_request:
1313
branches:
1414
- develop
1515
- main
1616
paths:
1717
- src/**
1818
- pom.xml
19-
- .github/workflows/ci.yaml
2019
jobs:
2120
build:
2221
runs-on: ubuntu-latest
@@ -27,29 +26,13 @@ jobs:
2726
id-token: write
2827
contents: read
2928
steps:
30-
- uses: actions/checkout@v3
31-
- name: Import Secrets
32-
id: secrets
33-
uses: hashicorp/[email protected]
34-
with:
35-
exportToken: true
36-
exportEnv: true
37-
method: jwt
38-
url: ${{ secrets.VAULT_ADDR }}
39-
role: cicd
40-
secrets: |
41-
kv/data/cicd/sonatype username | SONATYPE_USERNAME ;
42-
kv/data/cicd/sonatype password | SONATYPE_PASSWORD ;
43-
kv/data/cicd/gpg secring | GPG_SECRING ;
44-
kv/data/cicd/gpg passphrase | GPG_PASSPHRASE ;
45-
- name: Set up JDK
46-
uses: actions/setup-java@v3
29+
- uses: actions/checkout@v4
30+
- name: Set up JDK 17
31+
uses: actions/setup-java@v4
4732
with:
4833
java-version: ${{ matrix.java }}
4934
distribution: 'liberica'
5035
cache: maven
51-
gpg-private-key: ${{ steps.secrets.outputs.GPG_SECRING }}
52-
gpg-passphrase: ${{ steps.secrets.outputs.GPG_PASSPHRASE }}
5336
- name: Unit Tests
5437
if: (github.ref != 'refs/heads/develop' && github.ref != 'refs/heads/main') || !startsWith(env.JAVA_HOME, '/opt/hostedtoolcache/Java_Liberica_jdk/8')
5538
run: ./mvnw -V test --no-transfer-progress
@@ -61,6 +44,21 @@ jobs:
6144
if: (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main') && startsWith(env.JAVA_HOME, '/opt/hostedtoolcache/Java_Liberica_jdk/8')
6245
run: |
6346
./mvnw -V javadoc:jar --no-transfer-progress
47+
- name: Import Secrets
48+
if: (github.ref == 'refs/heads/develop' || github.ref == 'refs/heads/main') && startsWith(env.JAVA_HOME, '/opt/hostedtoolcache/Java_Liberica_jdk/8')
49+
id: secrets
50+
uses: hashicorp/[email protected]
51+
with:
52+
exportToken: true
53+
exportEnv: true
54+
method: jwt
55+
url: ${{ secrets.VAULT_ADDR }}
56+
role: cicd
57+
secrets: |
58+
kv/data/cicd/sonatype username | SONATYPE_USERNAME ;
59+
kv/data/cicd/sonatype password | SONATYPE_PASSWORD ;
60+
kv/data/cicd/gpg secring | GPG_SECRING ;
61+
kv/data/cicd/gpg passphrase | GPG_PASSPHRASE ;
6462
- name: Deploy to sonatype-snapshots
6563
if: github.ref == 'refs/heads/develop' && startsWith(env.JAVA_HOME, '/opt/hostedtoolcache/Java_Liberica_jdk/8')
6664
run: |
@@ -112,4 +110,4 @@ jobs:
112110
- name: Revoke token
113111
if: always()
114112
run: |
115-
curl -X POST -s -H "X-Vault-Token: ${VAULT_TOKEN}" ${{ secrets.VAULT_ADDR }}/v1/auth/token/revoke-self
113+
curl -X POST -s -H "X-Vault-Token: ${VAULT_TOKEN}" ${{ secrets.VAULT_ADDR }}/v1/auth/token/revoke-self || true

0 commit comments

Comments
 (0)