spotify · fabriziodemaria · Jul 4, 2025 · Jul 4, 2025 · Jul 4, 2025 · Jul 4, 2025
diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml
@@ -30,6 +30,25 @@ jobs:
       - name: Check out src from Git
         uses: actions/checkout@v4
 
+      - name: Debug - Check environment variables
+        run: |
+          echo "Checking if OSSRH credentials are set:"
+          if [ -n "${{ secrets.OSSRH_USERNAME }}" ]; then
+            echo "OSSRH_USERNAME is set (length: ${#OSSRH_USERNAME})"
+          else
+            echo "OSSRH_USERNAME is NOT set"
+          fi
+          if [ -n "${{ secrets.OSSRH_TOKEN }}" ]; then
+            echo "OSSRH_TOKEN is set (length: ${#OSSRH_TOKEN})"
+          else
+            echo "OSSRH_TOKEN is NOT set"
+          fi
+          if [ -n "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
+            echo "GPG_PRIVATE_KEY is set (length: ${#GPG_PRIVATE_KEY})"
+          else
+            echo "GPG_PRIVATE_KEY is NOT set"
+          fi
+
       - name: Set up JDK 17
         uses: actions/setup-java@v3
         with:
@@ -41,8 +60,16 @@ jobs:
           gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Full private key blob
           gpg-passphrase: GPG_PASS
 
+      - name: Debug - Test OSSRH connection
+        run: |
+          echo "Testing connection to Central Publisher Portal..."
+          curl -u "${{ secrets.OSSRH_USERNAME }}:${{ secrets.OSSRH_TOKEN }}" \
+               -H "Accept: application/json" \
+               https://ossrh-staging-api.central.sonatype.com/api/v1/user \
+               || echo "Failed to connect to Central Publisher Portal"
+
       - name: Deploy with Maven
-        run: mvn --batch-mode clean deploy
+        run: mvn --batch-mode clean deploy -X
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
@@ -58,6 +85,25 @@ jobs:
         with:
           ref: ${{ needs.release-please.outputs.release_tag_name }}
 
+      - name: Debug - Check environment variables
+        run: |
+          echo "Checking if OSSRH credentials are set:"
+          if [ -n "${{ secrets.OSSRH_USERNAME }}" ]; then
+            echo "OSSRH_USERNAME is set (length: ${#OSSRH_USERNAME})"
+          else
+            echo "OSSRH_USERNAME is NOT set"
+          fi
+          if [ -n "${{ secrets.OSSRH_TOKEN }}" ]; then
+            echo "OSSRH_TOKEN is set (length: ${#OSSRH_TOKEN})"
+          else
+            echo "OSSRH_TOKEN is NOT set"
+          fi
+          if [ -n "${{ secrets.GPG_PRIVATE_KEY }}" ]; then
+            echo "GPG_PRIVATE_KEY is set (length: ${#GPG_PRIVATE_KEY})"
+          else
+            echo "GPG_PRIVATE_KEY is NOT set"
+          fi
+
       - name: Set up JDK 17
         uses: actions/setup-java@v3
         with:
@@ -69,8 +115,16 @@ jobs:
           gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Full private key blob
           gpg-passphrase: GPG_PASS
 
+      - name: Debug - Test OSSRH connection
+        run: |
+          echo "Testing connection to Central Publisher Portal..."
+          curl -u "${{ secrets.OSSRH_USERNAME }}:${{ secrets.OSSRH_TOKEN }}" \
+               -H "Accept: application/json" \
+               https://ossrh-staging-api.central.sonatype.com/api/v1/user \
+               || echo "Failed to connect to Central Publisher Portal"
+
       - name: Deploy with Maven
-        run: mvn --batch-mode clean deploy
+        run: mvn --batch-mode clean deploy -X
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}

diff --git a/.github/workflows/test-osrh-token.yaml b/.github/workflows/test-osrh-token.yaml
@@ -0,0 +1,66 @@
+name: Test OSSRH Token Validity
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '.github/workflows/test-osrh-token.yaml'
+
+jobs:
+  test-token:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Test OSSRH Token
+        run: |
+          echo "Testing Central Publisher Portal token validity..."
+
+          # Test basic authentication with Central Portal API
+          echo "1. Testing basic authentication..."
+          auth_response=$(curl -s -w "%{http_code}" -u "${{ secrets.OSSRH_USERNAME_2 }}:${{ secrets.OSSRH_TOKEN_2 }}" \
+               -H "Accept: application/json" \
+               https://ossrh-staging-api.central.sonatype.com/api/v1/user)
+
+          auth_http_code="${auth_response: -3}"
+          auth_body="${auth_response%???}"
+
+          echo "Authentication HTTP Status: $auth_http_code"
+
+          if [ "$auth_http_code" = "200" ]; then
+            echo "✅ Token is valid - authentication successful"
+            echo "User profile: $auth_body"
+          elif [ "$auth_http_code" = "401" ]; then
+            echo "❌ Token is invalid or expired (401 Unauthorized)"
+            echo "Please regenerate your Central Portal token"
+            exit 1
+          elif [ "$auth_http_code" = "403" ]; then
+            echo "❌ Token is valid but lacks permissions (403 Forbidden)"
+            echo "Check your Central Portal account permissions"
+            exit 1
+          else
+            echo "❌ Unexpected response: HTTP $auth_http_code"
+            echo "Response: $auth_body"
+            exit 1
+          fi
+
+          # Test staging access with Central Portal API
+          echo ""
+          echo "2. Testing staging repository access..."
+          staging_response=$(curl -s -w "%{http_code}" -u "${{ secrets.OSSRH_USERNAME_2 }}:${{ secrets.OSSRH_TOKEN_2 }}" \
+               -H "Accept: application/json" \
+               https://ossrh-staging-api.central.sonatype.com/api/v1/staging/profiles)
+
+          staging_http_code="${staging_response: -3}"
+          staging_body="${staging_response%???}"
+
+          echo "Staging HTTP Status: $staging_http_code"
+
+          if [ "$staging_http_code" = "200" ]; then
+            echo "✅ Staging repository access successful"
+            echo "Available profiles: $staging_body"
+          else
+            echo "❌ Staging repository access failed: HTTP $staging_http_code"
+            echo "Response: $staging_body"
+          fi
+
+          echo ""
+          echo "Token validation complete!" 
diff --git a/pom.xml b/pom.xml
@@ -10,11 +10,11 @@
   <distributionManagement>
     <snapshotRepository>
       <id>ossrh</id>
-      <url>https://oss.sonatype.org/content/repositories/snapshots</url>
+      <url>https://ossrh-staging-api.central.sonatype.com/content/repositories/snapshots</url>
     </snapshotRepository>
     <repository>
       <id>ossrh</id>
-      <url>https://oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+      <url>https://ossrh-staging-api.central.sonatype.com/service/local/staging/deploy/maven2/</url>
     </repository>
   </distributionManagement>