Migrate to Maven Central direct publication

Author: ynojima

.github/workflows/release.yml

@@ -27,11 +27,11 @@ jobs:
         run: |
           ./gradlew build javadoc asciidoc -PfailBuildOnCVSS=4
 
-      - name: Upload to bintray
+      - name: Publish to Maven Central
         env:
-          BINTRAY_USER: ${{ secrets.BINTRAY_USER }}
-          BINTRAY_TOKEN: ${{ secrets.BINTRAY_TOKEN }}
           MAVEN_CENTRAL_USER: ${{ secrets.MAVEN_CENTRAL_USER }}
           MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+          PGP_SIGNING_KEY: ${{ secrets.PGP_SIGNING_KEY }}
+          PGP_SIGNING_KEY_PASSPHRASE: ${{ secrets.PGP_SIGNING_KEY_PASSPHRASE }}
         run: |
-          ./gradlew bintrayUpload
+          ./gradlew publishStandardPublicationToMavenCentralRepository

.github/workflows/snapshot-release.yml

@@ -27,9 +27,11 @@ jobs:
         run: |
           ./gradlew build -PfailBuildOnCVSS=4
 
-      - name: Upload to OSS Snapshot artifactory
+      - name: Publish to oss.sonatype.org snapshot
         env:
-          ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
-          ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+          MAVEN_CENTRAL_USER: ${{ secrets.MAVEN_CENTRAL_USER }}
+          MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+          PGP_SIGNING_KEY: ${{ secrets.PGP_SIGNING_KEY }}
+          PGP_SIGNING_KEY_PASSPHRASE: ${{ secrets.PGP_SIGNING_KEY_PASSPHRASE }}
         run: |
-          ./gradlew artifactoryPublish
+          ./gradlew publishStandardPublicationToSnapshotRepository

build.gradle

@@ -56,9 +56,8 @@ allJavaProjects.addAll(sampleAppProjects);
 configure(webAuthn4JSpringSecurityLibraryProjects) {
     apply plugin: 'java-library'
     apply plugin: 'jacoco'
+    apply plugin: 'signing'
     apply plugin: "maven-publish"
-    apply plugin: 'com.jfrog.bintray'
-    apply plugin: "com.jfrog.artifactory"
 
     javadoc {
         options.charSet = 'UTF-8'
@@ -89,6 +88,10 @@ configure(webAuthn4JSpringSecurityLibraryProjects) {
     apply from: "$rootDir/helper.gradle";
 
     def githubUrl = "https://github.com/webauthn4j/webauthn4j-spring-security"
+    def mavenCentralUser = getVariable('MAVEN_CENTRAL_USER', 'mavenCentralUser')
+    def mavenCentralPassword = getVariable('MAVEN_CENTRAL_PASSWORD', 'mavenCentralPassword')
+    def pgpSigningKey = getVariable('PGP_SIGNING_KEY', 'pgpSigningKey')
+    def pgpSigningKeyPassphrase = getVariable('PGP_SIGNING_KEY_PASSPHRASE', 'pgpSigningKeyPassphrase')
 
     publishing {
         publications {
@@ -138,76 +141,36 @@ configure(webAuthn4JSpringSecurityLibraryProjects) {
                 }
             }
         }
-    }
-
-    def bintrayUser = getVariable('BINTRAY_USER', 'bintrayUser')
-    def bintrayToken = getVariable('BINTRAY_TOKEN', 'bintrayToken')
-    def artifactoryUser = getVariable('ARTIFACTORY_USER', 'artifactoryUser')
-    def artifactoryPassword = getVariable('ARTIFACTORY_PASSWORD', 'artifactoryPassword')
-    def mavenCentralUser = getVariable('MAVEN_CENTRAL_USER', 'mavenCentralUser')
-    def mavenCentralPassword = getVariable('MAVEN_CENTRAL_PASSWORD', 'mavenCentralPassword')
 
-    task bintrayGpgSign(){
-        group = "publishing"
-        doLast{
-            signArtifactsOnBintray(bintrayUser, bintrayToken);
-        }
-    }
-
-    task bintrayMavenCentralSync(){
-        group = "publishing"
-        doLast{
-            syncMavenCentralToBintray(bintrayUser, bintrayToken);
-        }
-    }
-
-    artifactory {
-        contextUrl = 'http://oss.jfrog.org/artifactory/simple/'
-        publish {
-            repository {
-                repoKey = 'oss-snapshot-local' // The Artifactory repository key to publish to
-                username = artifactoryUser
-                password = artifactoryPassword
+        repositories {
+            maven {
+                name = "mavenCentral"
+                url = "https://oss.sonatype.org/service/local/staging/deploy/maven2"
+                credentials {
+                    username = "${mavenCentralUser}"
+                    password = "${mavenCentralPassword}"
+                }
             }
-            defaults {
-                publications('standard')
+            maven {
+                name = "snapshot"
+                url = "https://oss.sonatype.org/content/repositories/snapshots"
+                credentials {
+                    username = "${mavenCentralUser}"
+                    password = "${mavenCentralPassword}"
+                }
             }
         }
     }
 
-    artifactoryPublish {
-        skip = !"${webAuthn4JSpringSecurityVersion}".endsWith("-SNAPSHOT") // Publish only when it is SNAPSHOT release
+    signing {
+        useInMemoryPgpKeys(pgpSigningKey, pgpSigningKeyPassphrase)
+        sign publishing.publications.standard
     }
 
-    bintray {
-        user = bintrayUser
-        key = bintrayToken
-        configurations = ['archives']
-        publish = true
-        dryRun = !("${webAuthn4JSpringSecurityVersion}".endsWith(".RELEASE")) // Publish only when it is RELEASE release
-        publications = ['standard']
-        pkg {
-            userOrg = "webauthn4j"
-            repo = "webauthn4j"
-            name = project.name
-            desc = project.description
-            licenses = ['Apache-2.0']
-            vcsUrl = githubUrl
-            version {
-                name = "${webAuthn4JSpringSecurityVersion}"
-                released = new Date()
-                vcsTag = "${webAuthn4JSpringSecurityVersion}"
-                gpg {
-                    sign = true
-                }
-                //Optional configuration for Maven Central sync of the version
-                mavenCentralSync {
-                    user = mavenCentralUser
-                    password = mavenCentralPassword
-                }
-            }
-        }
-    }
+    publishStandardPublicationToSnapshotRepository.onlyIf { webauthn4jSpringSecurityVersion.endsWith("-SNAPSHOT") }
+    publishStandardPublicationToMavenCentralRepository.onlyIf { !webauthn4jSpringSecurityVersion.endsWith("-SNAPSHOT") }
+
+
 }
 
 configure(sampleAppProjects) {

gradle.properties

@@ -16,4 +16,3 @@
 webAuthn4JSpringSecurityVersion=0.7.1-SNAPSHOT
 latestReleasedWebAuthn4JSpringSecurityVersion=0.7.0.RELEASE
 asciidoctorVersion='1.5.6'
-