ci: prepare the release workflow

[missedone]

No description provided.

[rr-nick-tan]

@cbeust could you create the above four secrets at the testng-team github org level?

[rr-nick-tan]

fixes #1 , #81

[juherr]

@krmahadevan could you try with your credentials?

[krmahadevan]

@krmahadevan could you try with your credentials?

@juherr - I didn't get you. What do you want me to try with my credentials ?

[juherr]

@krmahadevan add secrets in order to publish artifacts. I think your credentials will work.

[krmahadevan]

@juherr - I am searching for my credentials. Not sure where I have saved them after I lost all data on my Hard drive. Please give me sometime on this.

[krmahadevan]

@juherr - I managed to finally find the credentials and I have added them to the repo settings

[juherr]

@missedone could you check if it is working?

[missedone]

@krmahadevan thanks for updating the secrets, however the snapshot publishing failed:
https://github.com/testng-team/testng-remote/runs/6045933404?check_suite_focus=true

could you double check set the gpg secrets with the instruction here https://github.com/samuelmeuli/action-maven-publish#secrets

[krmahadevan]

@missedone - I have setup the keys once again, just to rule out any manual errors and it still throws the same error.

I looked at the latest raw logs https://pipelines.actions.githubusercontent.com/serviceHosts/14024220-b483-4fbd-97de-92f0294e671b/_apis/pipelines/1/runs/52/signedlogcontent/2?urlExpires=2022-04-22T04%3A32%3A13.4714860Z&urlSigningMethod=HMACV1&urlSignature=EJWacww9NlYboBLWpI61N6ebEi7fbgtOBhZHTpbPOSM%3D

I see the below lines

2022-04-16T06:16:58.5415754Z   JAVA_HOME: /opt/hostedtoolcache/Java_Adopt_jdk/11.0.11-9/x64
2022-04-16T06:16:58.5416255Z ##[endgroup]
2022-04-16T06:16:58.5785029Z Importing GPG key…
2022-04-16T06:16:58.5864817Z gpg: directory '/home/runner/.gnupg' created
2022-04-16T06:16:58.5868159Z gpg: keybox '/home/runner/.gnupg/pubring.kbx' created
2022-04-16T06:16:58.5884350Z gpg: /home/runner/.gnupg/trustdb.gpg: trustdb created
2022-04-16T06:16:58.5885782Z gpg: key 0F13D5631D6AF36D: public key "Krishnan Mahadevan (***-key) <[email protected]>" imported
2022-04-16T06:16:58.5970714Z gpg: Total number processed: 1
2022-04-16T06:16:58.5971416Z gpg:               imported: 1

Doesn't this mean that the keys were imported?

[juherr]

Gpg should be used during the build step in order to sign the jar file.
It could explain the issue.

[rr-nick-tan]

@krmahadevan since i don't have the access of the keys for further diagnosing.
could you try with this command being used by the GHA step:

 mvn clean deploy --batch-mode --activate-profiles deploy --settings /home/runner/work/_actions/samuelmeuli/action-maven-publish/v1/settings.xml 

NOTE: you have to create a temporary settings.xml with the gpg configured there, remember to use the actual path of settings.xml on your local
Thanks

[krmahadevan]

@rr-nick-tan - Can you please let me know if there's a template settings.xml that I can refer to for creating this file locally? I will try this out later today or over the week and post back the results.

[rr-nick-tan]

@krmahadevan , right, this is the template https://github.com/samuelmeuli/action-maven-publish/blob/master/settings.xml used by the samuelmeuli/action-maven-publish https://github.com/samuelmeuli/action-maven-publish/blob/master/index.js#L6

[juherr]

Hi,
Any update about this subject? I had a look and everything looks good. I don't understand why it is not working as expected.

[krmahadevan]

Hi,

Any update about this subject? I had a look and everything looks good. I don't understand why it is not working as expected.

I haven't been able to get to it. Currently dealing with a health crisis and yet to be discharged from hospital.

In case you have a pair of credentials that can be used can you please try using that @juherr ?

[juherr]

@missedone It is working better but it is not yet perfect. I don't understand the auth issue with the last package only.

@krmahadevan Take care of yourself

[rr-nick-tan]

@krmahadevan take care

[missedone]

@juherr @krmahadevan to unblock the issue, i'm going to use the github package as the maven repository, we can think about the sync to central maven repo later.

to be able to use github package, I have to enable it on the public repo

let me know if you're OK.

[missedone]

@krmahadevan @juherr , the gpg signing issue is solved, but now got 401 error when uploading artifacts to OSSRH, is it a different credentials on the maven central repo?

Error: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13:deploy (injected-nexus-deploy) on project testng-remote-test: Failed to deploy artifacts: Could not transfer artifact org.testng.testng-remote:testng-remote6_9_7:jar:javadoc:1.5.0-20230604.233739-1 from/to ossrh (https://s01.oss.sonatype.org/content/repositories/snapshots): Transfer failed for https://s01.oss.sonatype.org/content/repositories/snapshots/org/testng/testng-remote/testng-remote6_9_7/1.5.0-SNAPSHOT/testng-remote6_9_7-1.5.0-20230604.233739-1-javadoc.jar 401 Unauthorized -> [Help 1]

https://github.com/testng-team/testng-remote/actions/runs/5171772022/jobs/9315501084

I'm following the publishing procedure per the articles:

• https://bjansen.github.io/java/2021/02/03/deploying-to-maven-central-using-github-actions.html
• https://central.sonatype.org/publish/publish-guide/#a-complete-example-pom

[krmahadevan]

@missedone - I haven't changed anything on the Nexus credentials

I think its still referring to @cbeust credentials (since we are still publishing to org.testng space which is owned by cedric).

Do you remember what user id we were using to publish testng remote ?

[missedone]

@krmahadevan i have no idea whose user ID is used. If you have nexus credentials, could you enter your nexus user name and password in this repo’s secrets ?

[krmahadevan]

@missedone - I have added my credentials as seen below

But I am not sure if they work in this case, because I think the credentials are tied to the group id into which publishing is being done.
My credentials can publish into com.rationaleemotions but we are trying to publish into org.testng.

[missedone]

right, the credentials tie to the group ID

BTW, I noticed the group id org.testng is not available on the s01.oss snapshot repo, it might be the issue.
https://s01.oss.sonatype.org/content/repositories/snapshots/org/testng

[krmahadevan]

I am not sure what would be the url for the snapshot repo. But I tried oss.sonatype url and it says directory browsing disabled

But the search UI on sonatype shows that the snapshot group id for testng is available

[missedone]

oh man, you saved my day, the trick worked

[missedone]

@krmahadevan @juherr , pls review the PR

i'm going to create a separate PR for the release job

[krmahadevan]

@missedone - I will go ahead and delete those credential keys that I added to this repo, so that we dont cause any additional confusions ?