I am trying to automatize the deployment of a java library to nexus ossrh with GitHub. I created the following release.yml:
jobs:
publish:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Java
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'adopt'
server-id: ossrh
settings-path: ${{ github.workspace }}
gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
gpg-passphrase: ${{ secrets.GPG_PASSPHRASE }}
server-username: ${{ secrets.OSSRH_USERNAME }}
server-password: ${{ secrets.OSSRH_PASSWORD }}
- name: Verify package
run: mvn clean verify
- name: Publish package
run: mvn clean deploy -P release -DskipTests
- name: Commit and push release
run: |
git add pom.xml target/*.jar
git commit -m "Release ${VERSION}"
git push
my pom.xml:
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-release-plugin</artifactId>
<version>2.5.3</version>
<configuration>
<arguments>-P release</arguments>
</configuration>
</plugin>
</plugins>
</build>
<profiles>
<profile>
<id>release</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<version>3.1.1</version>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<version>3.3.0</version>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar-no-fork</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.6.3</version>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>3.1.0</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
<version>1.6.13</version>
<extensions>true</extensions>
<configuration>
<serverId>ossrh</serverId>
<nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
<autoReleaseAfterClose>true</autoReleaseAfterClose>
</configuration>
</plugin>
</plugins>
</build>
</profile>
</profiles>
When I try to deploy manually from my PC using mvn clean deploy it is asking me for my gpg passphrase eventhough I have it registered in my settings.xml but at least the deployement is working.
settings.xml:
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
<servers>
<server>
<id>ossrh</id>
<username>my_username</username>
<password>my_pass</password>
</server>
</servers>
<profiles>
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase>my_pass</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>
The error I am getting in GitHib action is as follows:
...
[INFO] Signing 4 files with default secret key.
gpg: signing failed: Inappropriate ioctl for device
gpg: signing failed: Inappropriate ioctl for device
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 13.914 s
[INFO] Finished at: 2023-12-21T22:14:50Z
[INFO] ------------------------------------------------------------------------
Error: Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:3.1.0:sign (sign-artifacts) on project SomeProjectName: Exit code: 2 -> [Help 1]
Error:
Error: To see the full stack trace of the errors, re-run Maven with the -e switch.
Error: Re-run Maven using the -X switch to enable full debug logging.
Error:
Error: For more information about the errors and possible solutions, please read the following articles:
Error: [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
Error: Process completed with exit code 1.
I tried to add a setting.xml file in .github/workflows/ directory and to change the run in release.yml to run: mvn clean deploy -P release -DskipTests --settings .github/workflows/settings.xml but I'm still getting the same error.
How can I solve this issue?
The error "
gpg: signing failed: Inappropriate ioctl for device" usually means that GPG is trying to open apinentrydialog to get the passphrase, but in a headless environment (like GitHub Actions), this dialog cannot be displayed.So you should configure GPG to use a loopback mode for passphrase input.
See for illustration "Using Command-Line Passphrase Input for GPG with Git (for Windows)" by betakuang/人生リセット.
Modify your
release.ymlto configure GPG to use loopback mode. Add a step before thePublish packagestep:Make sure that the GPG key and passphrase are correctly set up in your GitHub Actions secrets and referenced in the
release.yml.And make sure your
settings.xmlis correctly referencing the GPG passphrase. That seems to be already done in your configuration.Update your
pom.xmlandrelease.ymlaccordingly, and then push these changes to trigger the GitHub Action again.Your
release.ymlshould be: