publish fixes++++

aviaviavi · aviaviavi · commit a9dd8083ce2d · 2025-11-15T15:43:15.000Z
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -60,6 +60,14 @@ jobs:
           echo "allow-loopback-pinentry" >> ~/.gnupg/gpg-agent.conf
           gpgconf --kill gpg-agent || true
 
+      - name: Detect GPG fingerprint
+        id: gpg
+        run: |
+          FPR=$(gpg --list-secret-keys --with-colons | awk -F: '/^fpr:/ {print $10; exit}')
+          if [ -z "$FPR" ]; then echo "No GPG secret key found" >&2; exit 1; fi
+          echo "fingerprint=$FPR" >> "$GITHUB_OUTPUT"
+          echo "Using GPG fingerprint ${FPR}"
+
       - name: Set project version from tag
         run: |
           mvn -q -B versions:set -DnewVersion=${{ steps.vars.outputs.version }} -DgenerateBackupPoms=false
@@ -71,4 +79,4 @@ jobs:
           GPG_TTY: $(tty)
           GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
         run: |
-          mvn -B -s $GITHUB_WORKSPACE/maven-settings.xml -P release -DskipTests -Dgpg.passphrase=$GPG_PASSPHRASE clean verify central-publishing:publish
+          mvn -B -s $GITHUB_WORKSPACE/maven-settings.xml -P release -DskipTests -Dgpg.passphrase=$GPG_PASSPHRASE -Dgpg.keyname=${{ steps.gpg.outputs.fingerprint }} clean verify central-publishing:publish
diff --git a/README.md b/README.md
@@ -154,6 +154,10 @@ The `Release` workflow will:
 
 Troubleshooting
 - If you see `base64: invalid input` or `gpg: no valid OpenPGP data found`, paste the ASCII‑armored private key directly into the `GPG_PRIVATE_KEY` secret (not base64). The workflow auto‑detects and imports either format.
+- If Central reports invalid signature or cannot find your public key by fingerprint:
+  - Upload your public key to a supported keyserver, e.g. `keys.openpgp.org`, and verify the email identity used for the key (you will receive a verification email).
+  - Alternatively, add the same public key in the Sonatype Central portal under your account’s PGP keys.
+  - Make sure the key fingerprint in CI matches the one you uploaded (the workflow prints it during release).
 
 
 License
diff --git a/pom.xml b/pom.xml
@@ -129,6 +129,7 @@
                         <artifactId>maven-gpg-plugin</artifactId>
                         <version>3.2.4</version>
                         <configuration>
+                            <keyname>${gpg.keyname}</keyname>
                             <gpgArguments>
                                 <arg>--pinentry-mode</arg>
                                 <arg>loopback</arg>
