auth0 · tanya732 · Jan 22, 2025 · Jan 22, 2025 · Jan 22, 2025 · Jan 22, 2025
@@ -1,20 +1,16 @@
 name: Publish release to Java
 
 inputs:
+  java-version:
+    required: true
   ossr-username:
     required: true
-  ossr-password:
+  ossr-token:
     required: true
   signing-key:
     required: true
   signing-password:
     required: true
-  java-version:
-    required: true
-  is-android:
-    required: true
-  version:
-    required: true
 
 runs:
   using: composite
@@ -33,12 +29,11 @@ runs:
 
     - uses: gradle/wrapper-validation-action@56b90f209b02bf6d1deae490e9ef18b21a389cd4 # pin@1.1.0
 
-    - name: Publish Java
-      shell: bash
-      if: inputs.is-android == 'false'
-      run: ./gradlew clean assemble sign publishMavenJavaPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
-
-    - name: Publish Android
+    - name: Publish Android/Java Packages to Maven
       shell: bash
-      if: inputs.is-android == 'true'
-      run: ./gradlew clean assemble sign publishAndroidLibraryPublicationToMavenRepository -PisSnapshot=false -Pversion="${{ inputs.version }}" -PossrhUsername="${{ inputs.ossr-username }}" -PossrhPassword="${{ inputs.ossr-password }}" -PsigningKey="${{ inputs.signing-key }}" -PsigningPassword="${{ inputs.signing-password }}"
+      run: ./gradlew publish -PisSnapshot=false --stacktrace
+      env:
+        MAVEN_USERNAME: ${{ inputs.ossr-username }}
+        MAVEN_PASSWORD: ${{ inputs.ossr-token }}
+        SIGNING_KEY: ${{ inputs.signing-key}}
+        SIGNING_PASSWORD: ${{ inputs.signing-password}}
@@ -6,13 +6,10 @@ on:
       java-version:
         required: true
         type: string
-      is-android:
-        required: true
-        type: string
     secrets:
       ossr-username:
         required: true
-      ossr-password:
+      ossr-token:
         required: true
       signing-key:
         required: true
@@ -70,10 +67,8 @@ jobs:
       - uses: ./.github/actions/maven-publish
         with:
           java-version: ${{ inputs.java-version }}
-          is-android: ${{ inputs.is-android }}
-          version: ${{ steps.get_version.outputs.version }}
           ossr-username: ${{ secrets.ossr-username }}
-          ossr-password: ${{ secrets.ossr-password }}
+          ossr-token: ${{ secrets.ossr-token }}
           signing-key: ${{ secrets.signing-key }}
           signing-password: ${{ secrets.signing-password }}
 

@@ -32,10 +32,9 @@ jobs:
     needs: rl-scanner
     with:
       java-version: 11.0.21-tem
-      is-android: false
     secrets:
       ossr-username: ${{ secrets.OSSR_USERNAME }}
-      ossr-password: ${{ secrets.OSSR_PASSWORD }}
+      ossr-token: ${{ secrets.OSSR_TOKEN }}
       signing-key: ${{ secrets.SIGNING_KEY }}
       signing-password: ${{ secrets.SIGNING_PASSWORD }}
       github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -15,3 +15,24 @@ org.gradle.jvmargs=-Xmx1536m
 # This option should only be used with decoupled projects. More details, visit
 # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
 # org.gradle.parallel=true
+
+GROUP=com.auth0
+POM_ARTIFACT_ID=java-jwt
+
+POM_NAME=java jwt
+POM_DESCRIPTION=Java client library for the Auth0 platform
+POM_PACKAGING=jar
+
+POM_URL=https://github.com/auth0/java-jwt
+POM_SCM_URL=https://github.com/auth0/java-jwt
+
+POM_SCM_CONNECTION=scm:git:https://github.com/auth0/java-jwt.git
+POM_SCM_DEV_CONNECTION=scm:git:https://github.com/auth0/java-jwt.git
+
+POM_LICENCE_NAME=The MIT License (MIT)
+POM_LICENCE_URL=https://raw.githubusercontent.com/auth0/java-jwt/master/LICENSE
+POM_LICENCE_DIST=repo
+
+POM_DEVELOPER_ID=auth0
+POM_DEVELOPER_NAME=Auth0
+POM_DEVELOPER_EMAIL=oss@auth0.com
@@ -0,0 +1,113 @@
+apply plugin: 'maven-publish'
+apply plugin: 'signing'
+
+task('sourcesJar', type: Jar, dependsOn: classes) {
+    archiveClassifier = 'sources'
+    from sourceSets.main.allSource
+}
+
+task('javadocJar', type: Jar, dependsOn: javadoc) {
+    archiveClassifier = 'javadoc'
+    from javadoc.getDestinationDir()
+}
+tasks.withType(Javadoc).configureEach {
+    javadocTool = javaToolchains.javadocToolFor {
+        // Use latest JDK for javadoc generation
+        languageVersion = JavaLanguageVersion.of(17)
+    }
+}
+
+javadoc {
+    // Specify the Java version that the project will use
+    options.addStringOption('-release', "8")
+}
+artifacts {
+    archives sourcesJar, javadocJar
+}
+
+
+final releaseRepositoryUrl = "https://oss.sonatype.org/service/local/staging/deploy/maven2/"
+final snapshotRepositoryUrl = "https://oss.sonatype.org/content/repositories/snapshots/"
+
+publishing {
+    publications {
+        mavenJava(MavenPublication) {
+
+            groupId = GROUP
+            artifactId = POM_ARTIFACT_ID
+            version = getVersionName()
+
+            artifact("$buildDir/libs/${project.name}-${version}.jar")
+            artifact sourcesJar
+            artifact javadocJar
+
+            pom {
+                name = POM_NAME
+                packaging = POM_PACKAGING
+                description = POM_DESCRIPTION
+                url = POM_URL
+
+                licenses {
+                    license {
+                        name = POM_LICENCE_NAME
+                        url = POM_LICENCE_URL
+                        distribution = POM_LICENCE_DIST
+                    }
+                }
+
+                developers {
+                    developer {
+                        id = POM_DEVELOPER_ID
+                        name = POM_DEVELOPER_NAME
+                        email = POM_DEVELOPER_EMAIL
+                    }
+                }
+
+                scm {
+                    url = POM_SCM_URL
+                    connection = POM_SCM_CONNECTION
+                    developerConnection = POM_SCM_DEV_CONNECTION
+                }
+
+                pom.withXml {
+                    def dependenciesNode = asNode().appendNode('dependencies')
+
+                    project.configurations.implementation.allDependencies.each {
+                        def dependencyNode = dependenciesNode.appendNode('dependency')
+                        dependencyNode.appendNode('groupId', it.group)
+                        dependencyNode.appendNode('artifactId', it.name)
+                        dependencyNode.appendNode('version', it.version)
+                    }
+                }
+            }
+        }
+    }
+    repositories {
+        maven {
+            name = "sonatype"
+            url = version.endsWith('SNAPSHOT') ? snapshotRepositoryUrl : releaseRepositoryUrl
+            credentials {
+                username = System.getenv("MAVEN_USERNAME")
+                password = System.getenv("MAVEN_PASSWORD")
+            }
+        }
+    }
+}
+
+signing {
+    def signingKey = System.getenv("SIGNING_KEY")
+    def signingPassword = System.getenv("SIGNING_PASSWORD")
+    useInMemoryPgpKeys(signingKey, signingPassword)
+
+    sign publishing.publications.mavenJava
+}
+
+javadoc {
+    if(JavaVersion.current().isJava9Compatible()) {
+        options.addBooleanOption('html5', true)
+    }
+}
+
+tasks.named('publish').configure {
+    dependsOn tasks.named('assemble')
+}
@@ -0,0 +1,17 @@
+def getVersionFromFile() {
+    def versionFile = rootProject.file('.version')
+    return versionFile.text.readLines().first().trim()
+}
+
+def isSnapshot() {
+    return hasProperty('isSnapshot') ? isSnapshot.toBoolean() : true
+}
+
+def getVersionName() {
+    return isSnapshot() ? project.version+"-SNAPSHOT" : project.version
+}
+
+ext {
+    getVersionName = this.&getVersionName
+    getVersionFromFile = this.&getVersionFromFile
+}
@@ -1,9 +1,19 @@
+buildscript {
+    repositories {
+        jcenter()
+    }
+
+    dependencies {
+        // https://github.com/melix/japicmp-gradle-plugin/issues/36
+        classpath 'com.google.guava:guava:31.1-jre'
+    }
+}
 
 plugins {
     id 'java'
     id 'jacoco'
-    id 'com.auth0.gradle.oss-library.java'
     id 'checkstyle'
+    id 'me.champeau.gradle.japicmp' version '0.2.9'
 }
 
 sourceSets {
@@ -29,37 +39,69 @@ tasks.named("checkstyleJmh").configure({
     enabled = false
 })
 
-logger.lifecycle("Using version ${version} for ${group}.${name}")
+apply from: rootProject.file('gradle/versioning.gradle')
+
+version = getVersionFromFile()
+group = GROUP
+logger.lifecycle("Using version ${version} for ${name} group $group")
 
-def signingKey = findProperty('signingKey')
-def signingKeyPwd = findProperty('signingPassword')
+import me.champeau.gradle.japicmp.JapicmpTask
 
-oss {
-    name "java jwt"
-    repository "java-jwt"
-    organization "auth0"
-    description "Java implementation of JSON Web Token (JWT)"
-    baselineCompareVersion "4.1.0"
-    skipAssertSigningConfiguration true
+project.afterEvaluate {
 
-    developers {
-        auth0 {
-            displayName = "Auth0"
-            email = "oss@auth0.com"
+    def versions = project.ext.testInJavaVersions
+    for (pluginJavaTestVersion in versions) {
+        def taskName = "testInJava-${pluginJavaTestVersion}"
+        tasks.register(taskName, Test) {
+            def versionToUse = taskName.split("-").getAt(1) as Integer
+            description = "Runs unit tests on Java version ${versionToUse}."
+            project.logger.quiet("Test will be running in ${versionToUse}")
+            group = 'verification'
+            javaLauncher.set(javaToolchains.launcherFor {
+                languageVersion = JavaLanguageVersion.of(versionToUse)
+            })
+            shouldRunAfter(tasks.named('test'))
         }
-        lbalmaceda {
-            displayName = "Luciano Balmaceda"
-            email = "luciano.balmaceda@auth0.com"
+        tasks.named('check') {
+            dependsOn(taskName)
         }
-        hzalaz {
-            displayName = "Hernan Zalazar"
-            email = "hernan@auth0.com"
+    }
+
+    project.configure(project) {
+        def baselineVersion = project.ext.baselineCompareVersion
+        task('apiDiff', type: JapicmpTask, dependsOn: 'jar') {
+            oldClasspath = files(getBaselineJar(project, baselineVersion))
+            newClasspath = files(jar.archiveFile)
+            onlyModified = true
+            failOnModification = true
+            ignoreMissingClasses = true
+            htmlOutputFile = file("$buildDir/reports/apiDiff/apiDiff.html")
+            txtOutputFile = file("$buildDir/reports/apiDiff/apiDiff.txt")
+            doLast {
+                project.logger.quiet("Comparing against baseline version ${baselineVersion}")
+            }
+        }
+    }
+}
+
+private static File getBaselineJar(Project project, String baselineVersion) {
+    // Use detached configuration: https://github.com/square/okhttp/blob/master/build.gradle#L270
+    def group = project.group
+    try {
+        def baseline = "${project.group}:${project.name}:$baselineVersion"
+        project.group = 'virtual_group_for_japicmp'
+        def dependency = project.dependencies.create(baseline + "@jar")
+        return project.configurations.detachedConfiguration(dependency).files.find {
+            it.name == "${project.name}-${baselineVersion}.jar"
         }
+    } finally {
+        project.group = group
     }
 }
 
-signing {
-    useInMemoryPgpKeys(signingKey, signingKeyPwd)
+ext {
+    baselineCompareVersion = '4.1.0'
+    testInJavaVersions = [8, 11, 17, 21]
 }
 
 java {
@@ -198,3 +240,4 @@ tasks.register('jmhHelp', JavaExec) {
     args '-h'
 }
 
+apply from: rootProject.file('gradle/maven-publish.gradle')
@@ -2,9 +2,6 @@ pluginManagement {
     repositories {
         gradlePluginPortal()
     }
-    plugins {
-        id 'com.auth0.gradle.oss-library.java' version '0.17.2'
-    }
 }
 
 include ':java-jwt'