I’m trying to deploy my project over Nexus by defining a workflow on GitHub; I already managed to deploy over GitHub Packages with not too much effort.
However, Nexus requires release artifacts to be signed with a private key in order to be distributed.
I tried to add both my key and its passphrase as secrets to my repository but with no avail: during build process, maven errors with
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.6:sign (sign-artifacts) on project ***: Unable to decrypt gpg passphrase: org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException: java.io.FileNotFoundException: /home/runner/.m2/settings-security.xml (No such file or directory) -> [Help 1]
I’m not sure about non-existing
settings-security.xml, since I’m using the Setup Java JDK action and there is no mention of such a file in Maven GPG plugin configuration; looks like this mechanism takes place, however I have no idea how to deal with it in GitHub Actions.
Moreover, since I use two Setup Java SDK actions within my workflow, I have the problem of the clean-up for the second one: since the first one already deletes my private key, the second one fails in doing this and errors the whole workflow.
So, my questions are:
- How do I properly set artifact signing with Setup Java JDK action?
- How do I avoid failing of two subsequent cleanup for the same kind actions?
For reference, here is workflow for my project.