So I have written my own action that publishes already-built artifacts. This means signing and publishing secrets are subject to a much smaller set of executing code. Actually, review-able amounts of code (IMO).
The Action is implemented in Java, using no external dependencies (well, except for the JDK and gpg).
You can find it at https://github.com/jskov/action-maven-publish
I have just updated the Action to use the new Publish Portal (v1) API. This meant I had to write a small, simple (and partial) JSON parser to keep avoiding external dependencies. This was fun, but it is probably also the first thing to break if the API returns something I did not expect.
Should you want to take a look, I have tried to make it easy to review: https://github.com/jskov/action-maven-publish/blob/main/READ...
If you spot anything dumb, please comment! I would (perversely) love it if it turns out I have made something worse than what I am trying to avoid :)
Using the Action is pretty simple. The readme contains links to two of my other repositories that use it for publishing.
Thanks!