kiota-java icon indicating copy to clipboard operation
kiota-java copied to clipboard
verified publisher icon microsoft

security - automate the OSS portal steps

Open baywet opened this issue 1 year ago • 0 comments

In the current releasing process, we manually go to the maven central portal to close and release the artifacts our CI uploaded. Not only this is time consuming, it's a security concern (since this platform doesn't support organizations, we're sharing credentials)

We should explore automating those steps, and once we have the recipe, replicate on other java repositories.

https://central.sonatype.org/publish/publish-gradle/#releasing-the-deployment-to-the-central-repository https://github.com/gradle-nexus/publish-plugin/

Note: this wouldn't be necessary if ESRP release was available for GHA.

  • [ ] Remove approval steps on the maven central GitHub environment

baywet avatar May 02 '24 13:05 baywet