cap-java · sjvans · Jul 4, 2025 · Jul 3, 2025 · Jul 3, 2025 · Jul 3, 2025
diff --git a/.github/actions/deploy-release/action.yml b/.github/actions/deploy-release/action.yml
@@ -8,9 +8,6 @@ inputs:
   password:
     description: "The password used for the upload (technical user for maven central upload)"
     required: true
-  profile:
-    description: "The profile id"
-    required: true
   pgp-pub-key:
     description: "The public pgp key ID"
     required: true
@@ -33,7 +30,6 @@ runs:
     - name: Echo Inputs
       run: |
         echo "user: ${{ inputs.user }}"
-        echo "profile: ${{ inputs.profile }}"
         echo "revision: ${{ inputs.revision }}"
       shell: bash
 
@@ -43,7 +39,7 @@ runs:
         distribution: sapmachine
         java-version: '17'
         cache: maven
-        server-id: ossrh
+        server-id: central
         server-username: MAVEN_CENTRAL_USER
         server-password: MAVEN_CENTRAL_PASSWORD
 
@@ -59,36 +55,17 @@ runs:
       env:
         PASSPHRASE: ${{ inputs.pgp-passphrase }}
 
-    - name: Deploy Locally
+    - name: Deploy to Maven Central
       run: >
-        mvn -B -ntp -fae --show-version
-        -Durl=file:./temp_local_repo
+        mvn -B -ntp --show-version
         -Dmaven.install.skip=true
         -Dmaven.test.skip=true
         -Dgpg.passphrase="$GPG_PASSPHRASE"
         -Dgpg.keyname="$GPG_PUB_KEY"
-        -Drevision="${{ inputs.revision }}"
-        deploy
-      working-directory: ./deploy-oss
+        clean deploy
       shell: bash
       env:
         MAVEN_CENTRAL_USER: ${{ inputs.user }}
         MAVEN_CENTRAL_PASSWORD: ${{ inputs.password }}
         GPG_PASSPHRASE: ${{ inputs.pgp-passphrase }}
         GPG_PUB_KEY: ${{ inputs.pgp-pub-key }}
-
-    - name: Deploy Staging
-      run: >
-        mvn -B -ntp -fae --show-version
-        org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13:deploy-staged-repository
-        -DserverId=ossrh
-        -DnexusUrl=https://oss.sonatype.org
-        -DrepositoryDirectory=./temp_local_repo
-        -DstagingProfileId="$MAVEN_CENTRAL_PROFILE_ID"
-        -Drevision="${{ inputs.revision }}"
-      working-directory: ./deploy-oss
-      shell: bash
-      env:
-        MAVEN_CENTRAL_USER: ${{ inputs.user }}
-        MAVEN_CENTRAL_PASSWORD: ${{ inputs.password }}
-        MAVEN_CENTRAL_PROFILE_ID: ${{ inputs.profile }}
diff --git a/.github/actions/deploy/action.yml b/.github/actions/deploy/action.yml
diff --git a/.github/actions/newrelease/action.yml b/.github/actions/newrelease/action.yml
@@ -30,7 +30,7 @@ runs:
         mvn --no-transfer-progress versions:set-property -Dproperty=revision -DnewVersion=$VERSION
         git config --global user.name 'github-actions[bot]'
         git config --global user.email 'github-actions[bot]@users.noreply.github.com'
-        git checkout -b main
+        git checkout -B main
         git commit -am "Update version to $VERSION"
         git push --set-upstream origin main
-      shell: bash
+      shell: bash
diff --git a/.github/workflows/main-build-and-deploy-oss.yml b/.github/workflows/main-build-and-deploy-oss.yml
@@ -1,4 +1,4 @@
-name: Deploy to OSS
+name: Deploy to Maven Central
 
 env:
   JAVA_VERSION: '17'
@@ -9,35 +9,35 @@ on:
     types: [ "released" ]
 
 jobs:
+  blackduck:
+    name: Blackduck Scan
+    runs-on: ubuntu-latest
+    timeout-minutes: 15
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
 
-  # blackduck:
-  #   name: "Blackduck Scan"
-  #   runs-on: ubuntu-latest
-  #   timeout-minutes: 15
-  #   steps:
-  #     - name: Checkout
-  #       uses: actions/checkout@v4
-  #     - name: "Scan With Black Duck"
-  #       uses: ./.github/actions/scan-with-blackduck
-  #       with:
-  #         blackduck_token: ${{ secrets.BLACK_DUCK_TOKEN }}
-  #         github_token: ${{ secrets.GITHUB_TOKEN }}
-  #         maven-version: ${{ env.MAVEN_VERSION }}
+      - name: Scan With Black Duck
+        uses: ./.github/actions/scan-with-blackduck
+        with:
+          blackduck_token: ${{ secrets.BLACK_DUCK_TOKEN }}
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          maven-version: ${{ env.MAVEN_VERSION }}
 
   update-version:
+    name: Update Version
     runs-on: ubuntu-latest
-    # needs: blackduck
     steps:
       - name: Checkout
         uses: actions/checkout@v4
-        #with:
-        #  token: ${{ secrets.GH_TOKEN }}
+        with:
+          token: ${{ secrets.GH_TOKEN }}
 
-      #- name: Update version
-      #  uses: ./.github/actions/newrelease
-      #  with:
-      #    java-version: ${{ env.JAVA_VERSION }}
-      #    maven-version: ${{ env.MAVEN_VERSION }}
+      - name: Update version
+        uses: ./.github/actions/newrelease
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          maven-version: ${{ env.MAVEN_VERSION }}
 
       - name: Upload Changed Artifacts
         uses: actions/upload-artifact@v4
@@ -48,6 +48,7 @@ jobs:
           retention-days: 1
 
   build:
+    name: Build and Sonar Scan
     runs-on: ubuntu-latest
     needs: update-version
     steps:
@@ -62,13 +63,13 @@ jobs:
           java-version: ${{ env.JAVA_VERSION }}
           maven-version: ${{ env.MAVEN_VERSION }}
 
-      #- name: SonarQube Scan
-      #  uses: ./.github/actions/scan-with-sonar
-      #  with:
-      #    java-version: ${{ env.JAVA_VERSION }}
-      #    maven-version: ${{ env.MAVEN_VERSION }}
-      #    sonarq-token: ${{ secrets.SONARQ_TOKEN }}
-      #    github-token: ${{ secrets.GITHUB_TOKEN }}
+      - name: Sonar Scan
+        uses: ./.github/actions/scan-with-sonar
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          maven-version: ${{ env.MAVEN_VERSION }}
+          sonarq-token: ${{ secrets.SONARQ_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Upload Changed Artifacts
         uses: actions/upload-artifact@v4
@@ -81,7 +82,7 @@ jobs:
   deploy:
     name: Deploy to Maven Central
     runs-on: ubuntu-latest
-    needs: build
+    needs: [blackduck, build]
     steps:
       - name: Download artifact
         uses: actions/download-artifact@v4
@@ -91,9 +92,8 @@ jobs:
       - name: Deploy
         uses: ./.github/actions/deploy-release
         with:
-          user: ${{ secrets.OSSRH_SONATYPE_ORG_API_USER }}
-          password: ${{ secrets.OSSRH_SONATYPE_ORG_API_PASSWD }}
-          profile: ${{ secrets.OSSRH_SONATYPE_ORG_PROFILE_ID }}
+          user: ${{ secrets.CENTRAL_REPOSITORY_USER }}
+          password: ${{ secrets.CENTRAL_REPOSITORY_PASS }}
           pgp-pub-key: ${{ secrets.PGP_PUBKEY_ID }}
           pgp-private-key: ${{ secrets.PGP_PRIVATE_KEY }}
           pgp-passphrase: ${{ secrets.PGP_PASSPHRASE }}

diff --git a/.github/workflows/main-build-and-deploy.yml b/.github/workflows/main-build-and-deploy.yml