/** Copyright (c) 2024 John Ahlroos Creative Commons Attribution-NoDerivatives 4.0 International Public License By exercising the Licensed Rights (defined below), You accept and agree to be bound by the terms and conditions of this Creative Commons Attribution-NoDerivatives 4.0 International Public License ("Public License"). To the extent this Public License may be interpreted as a contract, You are granted the Licensed Rights in consideration of Your acceptance of these terms and conditions, and the Licensor grants You such rights in consideration of benefits the Licensor receives from making the Licensed Material available under these terms and conditions. Refer to LICENSE file or https://creativecommons.org/licenses/by-nd/4.0 for full license. */ import com.google.common.hash.HashCode import com.google.common.hash.Hashing import com.google.common.io.Files import java.nio.charset.StandardCharsets buildscript { repositories { mavenCentral() } dependencies { classpath 'com.google.guava:guava:33.3.1-jre' } } ext { hasSignatureKey = findProperty("DEVSOAP_GPG_KEY_BASE64") != null sonatypeToken = findProperty("SONATYPE_TOKEN") as String devsoapToken = findProperty("DEVSOAP_DEPLOY_TOKEN") as String signingKeyBase64 = (findProperty("DEVSOAP_GPG_KEY_BASE64") as String)?.getBytes(StandardCharsets.UTF_8) signingKey = hasSignatureKey ? new String(Base64.decoder.decode(signingKeyBase64)) : "" signingPassword = hasSignatureKey ? findProperty("DEVSOAP_GPG_PASSWORD") : "" } signing { if (hasSignatureKey) { useInMemoryPgpKeys(signingKey, signingPassword) } } publishing { repositories { maven { name = "DSCode" url = uri("https://code.devsoap.com/api/packages/john/maven") credentials(HttpHeaderCredentials) { name = "Authorization" value = "token ${devsoapToken}" } authentication { header(HttpHeaderAuthentication) } } } publications { mavenJava(MavenPublication) { from components.java pom { groupId = 'com.devsoap' name = 'assertj-json' description = 'Fluent JSON API for AssertJ' url = 'https://code.devsoap.com/john/assertj-json' licenses { license { name = 'CC BY-ND 4.0' url = 'https://creativecommons.org/licenses/by-nd/4.0/' } } scm { url = 'https://code.devsoap.com/john/assertj-json' connection = 'scm:git://code.devsoap.com/john/assertj-json.git' developerConnection = 'scm:git://code.devsoap.com/john/assertj-json.git' } developers { developer { id = 'john' name = 'John Ahlroos' email = 'john@devsoap.com' organizationUrl = 'https://devsoap.com' } } } } } } /** * Generates a ZIP archive compatible for uploading to Sonatype Maven Portal */ tasks.register('generateMavenCentralBundle', Zip) { group 'publishing' dependsOn tasks.withType(Sign) def workdir = "${project.group.replace('.', '/')}/${project.name}/$version" from jar.outputs.files into workdir from javadocJar.outputs.files into workdir from sourcesJar.outputs.files into workdir from generateChecksumsMd5.outputs.files into workdir from generateChecksumsSha256.outputs.files into workdir from generateChecksumsSha1.outputs.files into workdir from (generatePomFileForMavenJavaPublication.outputs.files) { include "pom-default.xml" rename { "${project.name}-${project.version}.pom"} } if (hasSignatureKey) { from (signFiles.outputs.files) { exclude "pom-default.xml.asc" } from (signFiles.outputs.files) { include "pom-default.xml.asc" rename { "${project.name}-${project.version}.pom.asc"} } } archiveBaseName = "maven-central-bundle" destinationDirectory = layout.buildDirectory.dir('sonatype') } /** * Creates MD5 checksums for all artifacts */ tasks.register('generateChecksumsMd5') { group 'signatures' Provider outputDir def function = Hashing.md5() def algorithm = 'md5' configure { inputs.files jar.outputs.files inputs.files sourcesJar.outputs.files inputs.files javadocJar.outputs.files inputs.files generatePomFileForMavenJavaPublication.outputs.files outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}")) } doLast { inputs.files.forEach {file -> def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name HashCode hashCode = Files.asByteSource(file).hash(function) Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}")) } } } /** * Creates SHA1 checksums for all artifacts */ tasks.register('generateChecksumsSha1') { group 'signatures' Provider outputDir def function = Hashing.sha1() def algorithm = 'sha1' configure { inputs.files jar.outputs.files inputs.files sourcesJar.outputs.files inputs.files javadocJar.outputs.files inputs.files generatePomFileForMavenJavaPublication.outputs.files outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}")) } doLast { inputs.files.forEach {file -> def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name HashCode hashCode = Files.asByteSource(file).hash(function) Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}")) } } } /** * Creates SHA256 checksums for all artifacts */ tasks.register('generateChecksumsSha256') { group 'signatures' Provider outputDir def function = Hashing.sha256() def algorithm = 'sha256' configure { inputs.files jar.outputs.files inputs.files sourcesJar.outputs.files inputs.files javadocJar.outputs.files inputs.files generatePomFileForMavenJavaPublication.outputs.files outputs.dir(outputDir = layout.buildDirectory.dir("sonatype/checksums/${algorithm}")) } doLast { inputs.files.forEach {file -> def filename = file.name.startsWith("pom-default") ? "${project.name}-${project.version}.pom" : file.name HashCode hashCode = Files.asByteSource(file).hash(function) Files.write(hashCode.toString().getBytes(StandardCharsets.UTF_8), new File(outputDir.get().asFile, "${filename}.${algorithm}")) } } } /** * Uploads the ZIP bundle to Maven Central via the Maven Central Portal API */ tasks.register('publishToMavenCentral', Exec) { onlyIf { hasSignatureKey } group 'publishing' dependsOn(generateMavenCentralBundle) executable "curl" standardOutput = new ByteArrayOutputStream() doFirst { args = [ "--request", "POST", "--header", "Authorization: Bearer $sonatypeToken", "--form", "bundle=@${generateMavenCentralBundle.outputs.files.first()}", "https://central.sonatype.com/api/v1/publisher/upload?name=${project.group}.${project.name}:${project.version}&publishingType=USER_MANAGED" ] } doLast { println standardOutput.toString() } } /** * Generates GPG signatures for all files */ tasks.register('signFiles', Sign) { group 'signatures' dependsOn jar, sourcesJar, javadocJar, generatePomFileForMavenJavaPublication inputs.file project.file('build/publications/mavenJava/pom-default.xml') inputs.files jar.outputs.files.singleFile, sourcesJar.outputs.files.singleFile, javadocJar.outputs.files.singleFile inputs.files.each {sign it } } /** * Remove extra Version field in GPG signatures generated by GNU GPG */ tasks.withType(Sign).configureEach { onlyIf { hasSignatureKey } doLast { signatureFiles.each {file -> file.text = file.readLines().findAll { !it.startsWith("Version")}.join("\n") } } }