diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml index 3276febc..4fc24786 100644 --- a/.github/workflows/release-please.yaml +++ b/.github/workflows/release-please.yaml @@ -30,6 +30,25 @@ jobs: - name: Check out src from Git uses: actions/checkout@v4 + - name: Debug - Check environment variables + run: | + echo "Checking if OSSRH credentials are set:" + if [ -n "${{ secrets.OSSRH_USERNAME }}" ]; then + echo "OSSRH_USERNAME is set (length: ${#OSSRH_USERNAME})" + else + echo "OSSRH_USERNAME is NOT set" + fi + if [ -n "${{ secrets.OSSRH_TOKEN }}" ]; then + echo "OSSRH_TOKEN is set (length: ${#OSSRH_TOKEN})" + else + echo "OSSRH_TOKEN is NOT set" + fi + if [ -n "${{ secrets.GPG_PRIVATE_KEY }}" ]; then + echo "GPG_PRIVATE_KEY is set (length: ${#GPG_PRIVATE_KEY})" + else + echo "GPG_PRIVATE_KEY is NOT set" + fi + - name: Set up JDK 17 uses: actions/setup-java@v3 with: @@ -41,8 +60,16 @@ jobs: gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Full private key blob gpg-passphrase: GPG_PASS + - name: Debug - Test OSSRH connection + run: | + echo "Testing connection to Central Publisher Portal..." + curl -u "${{ secrets.OSSRH_USERNAME }}:${{ secrets.OSSRH_TOKEN }}" \ + -H "Accept: application/json" \ + https://ossrh-staging-api.central.sonatype.com/api/v1/user \ + || echo "Failed to connect to Central Publisher Portal" + - name: Deploy with Maven - run: mvn --batch-mode clean deploy + run: mvn --batch-mode clean deploy -X env: MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} @@ -58,6 +85,25 @@ jobs: with: ref: ${{ needs.release-please.outputs.release_tag_name }} + - name: Debug - Check environment variables + run: | + echo "Checking if OSSRH credentials are set:" + if [ -n "${{ secrets.OSSRH_USERNAME }}" ]; then + echo "OSSRH_USERNAME is set (length: ${#OSSRH_USERNAME})" + else + echo "OSSRH_USERNAME is NOT set" + fi + if [ -n "${{ secrets.OSSRH_TOKEN }}" ]; then + echo "OSSRH_TOKEN is set (length: ${#OSSRH_TOKEN})" + else + echo "OSSRH_TOKEN is NOT set" + fi + if [ -n "${{ secrets.GPG_PRIVATE_KEY }}" ]; then + echo "GPG_PRIVATE_KEY is set (length: ${#GPG_PRIVATE_KEY})" + else + echo "GPG_PRIVATE_KEY is NOT set" + fi + - name: Set up JDK 17 uses: actions/setup-java@v3 with: @@ -69,8 +115,16 @@ jobs: gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Full private key blob gpg-passphrase: GPG_PASS + - name: Debug - Test OSSRH connection + run: | + echo "Testing connection to Central Publisher Portal..." + curl -u "${{ secrets.OSSRH_USERNAME }}:${{ secrets.OSSRH_TOKEN }}" \ + -H "Accept: application/json" \ + https://ossrh-staging-api.central.sonatype.com/api/v1/user \ + || echo "Failed to connect to Central Publisher Portal" + - name: Deploy with Maven - run: mvn --batch-mode clean deploy + run: mvn --batch-mode clean deploy -X env: MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} diff --git a/.github/workflows/test-osrh-token.yaml b/.github/workflows/test-osrh-token.yaml new file mode 100644 index 00000000..d1f84321 --- /dev/null +++ b/.github/workflows/test-osrh-token.yaml @@ -0,0 +1,66 @@ +name: Test OSSRH Token Validity +on: + pull_request: + branches: + - main + paths: + - '.github/workflows/test-osrh-token.yaml' + +jobs: + test-token: + runs-on: ubuntu-latest + steps: + - name: Test OSSRH Token + run: | + echo "Testing Central Publisher Portal token validity..." + + # Test basic authentication with Central Portal API + echo "1. Testing basic authentication..." + auth_response=$(curl -s -w "%{http_code}" -u "${{ secrets.OSSRH_USERNAME_2 }}:${{ secrets.OSSRH_TOKEN_2 }}" \ + -H "Accept: application/json" \ + https://ossrh-staging-api.central.sonatype.com/api/v1/user) + + auth_http_code="${auth_response: -3}" + auth_body="${auth_response%???}" + + echo "Authentication HTTP Status: $auth_http_code" + + if [ "$auth_http_code" = "200" ]; then + echo "✅ Token is valid - authentication successful" + echo "User profile: $auth_body" + elif [ "$auth_http_code" = "401" ]; then + echo "❌ Token is invalid or expired (401 Unauthorized)" + echo "Please regenerate your Central Portal token" + exit 1 + elif [ "$auth_http_code" = "403" ]; then + echo "❌ Token is valid but lacks permissions (403 Forbidden)" + echo "Check your Central Portal account permissions" + exit 1 + else + echo "❌ Unexpected response: HTTP $auth_http_code" + echo "Response: $auth_body" + exit 1 + fi + + # Test staging access with Central Portal API + echo "" + echo "2. Testing staging repository access..." + staging_response=$(curl -s -w "%{http_code}" -u "${{ secrets.OSSRH_USERNAME_2 }}:${{ secrets.OSSRH_TOKEN_2 }}" \ + -H "Accept: application/json" \ + https://ossrh-staging-api.central.sonatype.com/api/v1/staging/profiles) + + staging_http_code="${staging_response: -3}" + staging_body="${staging_response%???}" + + echo "Staging HTTP Status: $staging_http_code" + + if [ "$staging_http_code" = "200" ]; then + echo "✅ Staging repository access successful" + echo "Available profiles: $staging_body" + else + echo "❌ Staging repository access failed: HTTP $staging_http_code" + echo "Response: $staging_body" + fi + + echo "" + echo "Token validation complete!" \ No newline at end of file diff --git a/pom.xml b/pom.xml index 408d144f..beaeb8c8 100644 --- a/pom.xml +++ b/pom.xml @@ -10,11 +10,11 @@ ossrh - https://oss.sonatype.org/content/repositories/snapshots + https://ossrh-staging-api.central.sonatype.com/content/repositories/snapshots ossrh - https://oss.sonatype.org/service/local/staging/deploy/maven2/ + https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/