diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index b4a65256..d2b2bd06 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,12 +12,22 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
+ - name: Set up JDK 21
+ uses: actions/setup-java@v4
+ with:
+ java-version: 21
+ distribution: temurin
- name: Spotless Check
run: ./gradlew spotlessCheck
javadoc:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
+ - name: Set up JDK 21
+ uses: actions/setup-java@v4
+ with:
+ java-version: 21
+ distribution: temurin
- name: Javadoc CheckStyle
run: ./gradlew checkstyleMain
- name: Javadoc Check
@@ -43,6 +53,11 @@ jobs:
needs: [check]
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v4
- - name: Publish to Maven Local
- run: ./gradlew publishToMavenLocal
+ - uses: actions/checkout@v4
+ - name: Set up JDK 21
+ uses: actions/setup-java@v4
+ with:
+ java-version: 21
+ distribution: temurin
+ - name: Publish to Maven Local
+ run: ./gradlew publishToMavenLocal
diff --git a/.github/workflows/publish-snapshots.yml b/.github/workflows/publish-snapshots.yml
index dc0ad97b..3f7314f3 100644
--- a/.github/workflows/publish-snapshots.yml
+++ b/.github/workflows/publish-snapshots.yml
@@ -21,15 +21,19 @@ jobs:
with:
java-version: 21
distribution: temurin
+ - name: Load secret
+ uses: 1password/load-secrets-action@v3
+ with:
+ # Export loaded secrets as environment variables
+ export-env: true
+ env:
+ OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+ MAVEN_SNAPSHOTS_S3_REPO: op://opensearch-infra-secrets/maven-snapshots-s3/repo
+ MAVEN_SNAPSHOTS_S3_ROLE: op://opensearch-infra-secrets/maven-snapshots-s3/role
- name: Configure AWS credentials
- uses: aws-actions/configure-aws-credentials@v4
+ uses: aws-actions/configure-aws-credentials@v5
with:
- role-to-assume: ${{ secrets.PUBLISH_SNAPSHOTS_ROLE }}
+ role-to-assume: ${{ env.MAVEN_SNAPSHOTS_S3_ROLE }}
aws-region: us-east-1
- name: publish snapshots to maven
- run: |
- export SONATYPE_USERNAME=$(aws secretsmanager get-secret-value --secret-id maven-snapshots-username --query SecretString --output text)
- export SONATYPE_PASSWORD=$(aws secretsmanager get-secret-value --secret-id maven-snapshots-password --query SecretString --output text)
- echo "::add-mask::$SONATYPE_USERNAME"
- echo "::add-mask::$SONATYPE_PASSWORD"
- ./gradlew publishMavenJavaPublicationToSnapshotsRepository
+ run: ./gradlew publishMavenJavaPublicationToSnapshotsRepository
diff --git a/CREATE_YOUR_FIRST_EXTENSION.md b/CREATE_YOUR_FIRST_EXTENSION.md
index 8ab0bce4..c414a28e 100644
--- a/CREATE_YOUR_FIRST_EXTENSION.md
+++ b/CREATE_YOUR_FIRST_EXTENSION.md
@@ -27,7 +27,7 @@ In your dependency management, set up a dependency on the OpenSearch SDK for Jav
- Version: `1.0.0-SNAPSHOT` (compatible with OpenSearch 2.x) or `2.0.0-SNAPSHOT` (compatible with OpenSearch 3.x)
At general availability, dependencies will be released to the Central Repository. To use SNAPSHOT versions, add these repositories:
- - OpenSearch SNAPSHOT repository: https://aws.oss.sonatype.org/content/repositories/snapshots/
+ - OpenSearch SNAPSHOT repository: https://ci.opensearch.org/ci/dbc/snapshots/maven/
- Lucene snapshot repository: https://ci.opensearch.org/ci/dbc/snapshots/lucene/
If you use Maven, the following POM entries will work:
@@ -37,7 +37,7 @@ If you use Maven, the following POM entries will work:
opensearch.snapshots
OpenSearch Snapshot Repository
- https://aws.oss.sonatype.org/content/repositories/snapshots/
+ https://ci.opensearch.org/ci/dbc/snapshots/maven/
lucene.snapshots
@@ -60,7 +60,7 @@ For Gradle, specify dependencies as follows:
```groovy
repositories {
mavenCentral()
- maven { url "https://aws.oss.sonatype.org/content/repositories/snapshots/" }
+ maven { url "https://ci.opensearch.org/ci/dbc/snapshots/maven/" }
maven { url "https://ci.opensearch.org/ci/dbc/snapshots/lucene/"}
}
diff --git a/RELEASING.md b/RELEASING.md
index dba83a86..9559f334 100644
--- a/RELEASING.md
+++ b/RELEASING.md
@@ -35,4 +35,4 @@ The release process is standard across repositories in this org and is run by a
5. Increment "version" in [build.gradle](https://github.com/opensearch-project/opensearch-sdk-java/blob/main/build.gradle#L79) to the next iteration, e.g. v1.0.1.
## Snapshot Builds
-The [snapshots builds](https://aws.oss.sonatype.org/content/repositories/snapshots/org/opensearch/sdk/opensearch-sdk-java/) are published to sonatype using [publish-snapshots.yml](./.github/workflows/publish-snapshots.yml) workflow. Each `push` event to the main branch triggers this workflow.
+The [snapshots builds](https://ci.opensearch.org/ci/dbc/snapshots/maven/org/opensearch/sdk/opensearch-sdk-java/) are published to sonatype using [publish-snapshots.yml](./.github/workflows/publish-snapshots.yml) workflow. Each `push` event to the main branch triggers this workflow.
diff --git a/build.gradle b/build.gradle
index b797793f..ff845be4 100644
--- a/build.gradle
+++ b/build.gradle
@@ -27,7 +27,7 @@ buildscript {
repositories {
mavenLocal()
mavenCentral()
- maven { url "https://aws.oss.sonatype.org/content/repositories/snapshots" }
+ maven { url "https://ci.opensearch.org/ci/dbc/snapshots/maven/" }
}
dependencies {
@@ -130,10 +130,11 @@ publishing {
if (version.toString().endsWith("SNAPSHOT")) {
maven {
name = "Snapshots" // optional target repository name
- url = "https://aws.oss.sonatype.org/content/repositories/snapshots"
- credentials {
- username "$System.env.SONATYPE_USERNAME"
- password "$System.env.SONATYPE_PASSWORD"
+ url = System.getenv("MAVEN_SNAPSHOTS_S3_REPO")
+ credentials(AwsCredentials) {
+ accessKey = System.getenv("AWS_ACCESS_KEY_ID")
+ secretKey = System.getenv("AWS_SECRET_ACCESS_KEY")
+ sessionToken = System.getenv("AWS_SESSION_TOKEN")
}
}
}
@@ -156,7 +157,7 @@ javadoc {
repositories {
mavenLocal()
mavenCentral()
- maven { url "https://aws.oss.sonatype.org/content/repositories/snapshots" }
+ maven { url "https://ci.opensearch.org/ci/dbc/snapshots/maven/" }
maven { url "https://ci.opensearch.org/ci/dbc/snapshots/lucene/"}
}