update workflow actions for gpg signing #31

	# This workflow will build a Java project with Maven, and cache/restore any dependencies to improve the workflow execution time
	# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-java-with-maven

	# This workflow uses actions that are not certified by GitHub. They are provided by a third-party and are governed by
	# separate terms of service, privacy policy, and support documentation.

	name: CI/CD Pipeline - Build and Test

	on:
	push:
	branches: [ "main" ]
	pull_request:
	branches: [ "main" ]

	permissions:
	checks: write

	jobs:
	build:
	name: Build, Test and Package
	# Using GitHub hosted Linux runner w/ 2CPUs, 7GB RAM, 14GB SSD
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up JDK 17
	uses: actions/setup-java@v4
	with:
	java-version: '17'
	distribution: 'zulu'
	cache: maven
	settings-path: ${{ github.workspace }}/.github
	gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}

	- name: Build, Test and Package
	run: mvn -B package -P FullBuild
	env:
	USER_NAME: ${{ secrets.USER_NAME }}
	PAT_TOKEN: ${{ secrets.PAT_TOKEN }}
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	- name: Publish Test Report
	uses: mikepenz/action-junit-report@v4.1.0
	if: success() \|\| failure() # always run even if the previous step fails
	with:
	report_paths: 'core/target/surefire-reports/TEST-*.xml'
	fail_on_failure: true

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	name: jar artifacts
	path: core/target/*.jar

Provide feedback