mirror of
https://github.com/actions/setup-java
synced 2024-11-14 09:32:40 +00:00
Merge pull request #122 from dmitry-shibanov/update-docs-for-maven-and-gpg
Add notes about maven extra configuration and gpg key.
This commit is contained in:
commit
546dae7e87
1 changed files with 22 additions and 1 deletions
23
README.md
23
README.md
|
@ -85,6 +85,23 @@ jobs:
|
||||||
```
|
```
|
||||||
|
|
||||||
## Publishing using Apache Maven
|
## Publishing using Apache Maven
|
||||||
|
|
||||||
|
### Extra setup for pom.xml:
|
||||||
|
|
||||||
|
The Maven GPG Plugin configuration in the pom.xml file should contain the following structure to avoid possible issues like `Inappropriate ioctl for device` or `gpg: signing failed: No such file or directory`:
|
||||||
|
|
||||||
|
```xml
|
||||||
|
<configuration>
|
||||||
|
<!-- Prevent gpg from using pinentry programs -->
|
||||||
|
<gpgArguments>
|
||||||
|
<arg>--pinentry-mode</arg>
|
||||||
|
<arg>loopback</arg>
|
||||||
|
</gpgArguments>
|
||||||
|
</configuration>
|
||||||
|
```
|
||||||
|
GPG 2.1 requires `--pinentry-mode` to be set to `loopback` in order to pick up the `gpg.passphrase` value defined in Maven `settings.xml`.
|
||||||
|
|
||||||
|
### Yaml example:
|
||||||
```yaml
|
```yaml
|
||||||
jobs:
|
jobs:
|
||||||
build:
|
build:
|
||||||
|
@ -164,10 +181,14 @@ The two `settings.xml` files created from the above example look like the follow
|
||||||
</settings>
|
</settings>
|
||||||
```
|
```
|
||||||
|
|
||||||
***NOTE: The `settings.xml` file is created in the Actions $HOME directory. If you have an existing `settings.xml` file at that location, it will be overwritten. See below for using the `settings-path` to change your `settings.xml` file location.***
|
***NOTE: The `settings.xml` file is created in the Actions $HOME/.m2 directory. If you have an existing `settings.xml` file at that location, it will be overwritten. See below for using the `settings-path` to change your `settings.xml` file location.***
|
||||||
|
|
||||||
|
### GPG
|
||||||
|
|
||||||
If `gpg-private-key` input is provided, the private key will be written to a file in the runner's temp directory, the private key file will be imported into the GPG keychain, and then the file will be promptly removed before proceeding with the rest of the setup process. A cleanup step will remove the imported private key from the GPG keychain after the job completes regardless of the job status. This ensures that the private key is no longer accessible on self-hosted runners and cannot "leak" between jobs (hosted runners are always clean instances).
|
If `gpg-private-key` input is provided, the private key will be written to a file in the runner's temp directory, the private key file will be imported into the GPG keychain, and then the file will be promptly removed before proceeding with the rest of the setup process. A cleanup step will remove the imported private key from the GPG keychain after the job completes regardless of the job status. This ensures that the private key is no longer accessible on self-hosted runners and cannot "leak" between jobs (hosted runners are always clean instances).
|
||||||
|
|
||||||
|
**GPG key should be imported by: `gpg --armor --export-secret-keys YOUR_ID`**
|
||||||
|
|
||||||
See the help docs on [Publishing a Package](https://help.github.com/en/github/managing-packages-with-github-packages/configuring-apache-maven-for-use-with-github-packages#publishing-a-package) for more information on the `pom.xml` file.
|
See the help docs on [Publishing a Package](https://help.github.com/en/github/managing-packages-with-github-packages/configuring-apache-maven-for-use-with-github-packages#publishing-a-package) for more information on the `pom.xml` file.
|
||||||
|
|
||||||
## Publishing using Gradle
|
## Publishing using Gradle
|
||||||
|
|
Loading…
Reference in a new issue