Introduction
Currently, I’m trying to contribute on a GitHub Action that automatically publishes a java library.
The branch where I’m developing: https://github.com/MathieuSoysal/Java-maven-library-publisher/tree/2-add-automated-tests
The yaml code of the Action :
name: Java maven library publisher
author: "Mathieu Soysal (@MathieuSoysal)"
description: "Build automatically Java Maven library and publish it to GitHub Packages and Maven Central."
branding:
icon: "package"
color: "gray-dark"
inputs:
nexus-username:
description: "Nexus username"
required: true
nexus-password:
description: "Nexus password"
required: true
gpg-private-key:
description: "GPG private key"
required: true
gpg-passphrase:
description: "GPG passphrase"
required: true
github-token:
description: "GitHub token"
required: true
# Java version to use
java-version:
description: "Java version to use"
required: true
default: "17"
# Library version
library-version:
description: "Library version"
required: false
default: ""
runs:
using: "composite"
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Set up JDK 17 for deploy to OSSRH
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: ${{ inputs.java-version }}
server-id: ossrh
server-username: ${{ inputs.nexus-username }}
server-password: ${{ inputs.nexus-password }}
gpg-private-key: ${{ inputs.gpg-private-key }}
gpg-passphrase: ${{ inputs.gpg-passphrase }}
- name: Build with Maven
run: mvn -B package --file pom.xml
shell: bash
- name: Update package version
if: ${{ inputs.library-version != '' }}
run: mvn versions:set -DnewVersion=${{ inputs.library-version }}
shell: bash
- name: Prepare Maven environnement with Java 17 for deployment to OSSRH
run: export MAVEN_OPTS="--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
shell: bash
- name: Publish to Apache Maven Central
run: mvn deploy -PossrhDeploy
shell: bash
env:
MAVEN_USERNAME: ${{ inputs.nexus-username }}
MAVEN_CENTRAL_TOKEN: ${{ inputs.nexus-password }}
MAVEN_GPG_PASSPHRASE: ${{ inputs.gpg-passphrase }}
- name: Set up JDK 17 for deploy to github packages
uses: actions/setup-java@v3
with:
distribution: "adopt"
java-version: ${{ inputs.java-version }}
server-id: github
- name: Publish to GitHub Packages Apache Maven
run: mvn deploy -PgithubDeploy
shell: bash
env:
GITHUB_TOKEN: ${{ inputs.github-token }}
link to the code: https://github.com/MathieuSoysal/Java-maven-library-publisher/blob/2-add-automated-tests/action.yaml
The workflow that execute the Action:
name: Test Actions
on: [push]
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Maven Library build and publish
uses: ./
with:
nexus-username: ${{ secrets.NEXUS_USERNAME }}
nexus-password: ${{ secrets.NEXUS_PASSWORD }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
library-version: $GITHUB_RUN_NUMBER
github-token: ${{ secrets.GITHUB_TOKEN }}
java-version: 17
Link to the code: https://github.com/MathieuSoysal/Java-maven-library-publisher/blob/2-add-automated-tests/.github/workflows/test-action.yml
Problem
When i’m trying to execute the action I obtain this error:
Getting action download info
Download action repository 'actions/setup-java@v3' (SHA:c3ac5dd0ed8db40fedb61c32fbe677e6b355e94c)
Run ./
Run actions/checkout@v3
Syncing repository: ***/Java-maven-library-publisher
Getting Git version info
Temporarily overriding HOME='/home/runner/work/_temp/45376e45-02aa-4aa5-b536-5f744f7e10d3' before making global git config changes
Adding repository directory to the temporary git global config as a safe directory
/usr/bin/git config --global --add safe.directory /home/runner/work/Java-maven-library-publisher/Java-maven-library-publisher
/usr/bin/git config --local --get remote.origin.url
https://github.com/***/Java-maven-library-publisher
Removing previously created refs, to avoid conflicts
Cleaning the repository
Disabling automatic garbage collection
Setting up auth
Fetching the repository
Determining the checkout info
Checking out the ref
/usr/bin/git log -1 --format='%H'
'0e8da131bf626b218ddccbd08a661c7921dfb8da'
Run actions/setup-java@v3
Installed distributions
Creating settings.xml with server-id: ossrh
Writing to /home/runner/.m2/settings.xml
Importing private gpg key
Error: The process '/usr/bin/gpg' failed with exit code 2
Question
Someone know how we can fix this The process '/usr/bin/gpg' failed with exit code 2
for actions/setup-java@v3 ?
3
Answers
GPG is asking whether you want to continue on with the encryption using an unsigned key. There for the issue is with the signing. In usage from terminal adding these switches would be sufficient:
--yes
and--always-trust
In our case though, you might want to try adding it as env variable like so:
actions/setup-java
is tricky here:So it’s not actual passphrase, it’s env var name that holds it. Very counter intuitive IMO.
So you need to remove this
and add this
Can you make sure GPG private key is in the correct format. The key should be in the ASCII Armored format, which can be done by running the following command:
Once the key is in the correct format, add it as an input variable in the Action and pass it to the action in the workflow.