Skip to content

Fix Gradle publish signing failure in release workflow#7

Merged
CyAScott merged 2 commits into
mainfrom
copilot/fix-publish-gradle-package-job
May 25, 2026
Merged

Fix Gradle publish signing failure in release workflow#7
CyAScott merged 2 commits into
mainfrom
copilot/fix-publish-gradle-package-job

Conversation

Copilot AI commented May 25, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

The Publish Gradle Package job was failing in :signMavenJavaPublication because the signing key ID provided via workflow secret did not match the Gradle signing plugin’s required key-id format. This PR updates the workflow so Gradle signing relies on in-memory key material without forcing invalid key-id parsing.

  • Root cause addressed

    • Removed SIGNING_KEY_ID from the publish-gradle job environment in .github/workflows/release-and-publish.yml.
    • Kept SIGNING_KEY and SIGNING_PASSWORD unchanged for in-memory signing.

  • Why this unblocks publishing

    • Gradle no longer attempts to parse an invalid/masked key ID for signMavenJavaPublication.
    • Signing continues through the existing in-memory key path.

  • Workflow delta (snippet)

    env:
  MAVEN_REPOSITORY_URL: ${{ secrets.MAVEN_REPOSITORY_URL }}
  MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
  MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
  SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
  SIGNING_PASSWORD: ${{ secrets.SIGNING_PASSWORD }}

Copilot AI changed the title [WIP] Fix failing GitHub Actions job Publish Gradle Package Fix Gradle publish signing failure in release workflow May 25, 2026
Copilot AI requested a review from CyAScott May 25, 2026 20:42
@CyAScott CyAScott marked this pull request as ready for review May 25, 2026 20:49
Copilot AI review requested due to automatic review settings May 25, 2026 20:49
@CyAScott CyAScott merged commit 1b4ed68 into main May 25, 2026
9 checks passed
@CyAScott CyAScott deleted the copilot/fix-publish-gradle-package-job branch May 25, 2026 20:49
Copilot AI reviewed May 25, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Removes the SIGNING_KEY_ID secret from the release/publish GitHub Actions workflow environment.

Changes:

  • Dropped SIGNING_KEY_ID from the job env passed into the release step.

Comment thread .github/workflows/release-and-publish.yml
@@ -308,7 +308,6 @@ jobs:
MAVEN_REPOSITORY_URL: ${{ secrets.MAVEN_REPOSITORY_URL }}
MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments
@CyAScott CyAScott Awaiting requested review from CyAScott

Assignees

@CyAScott CyAScott

Copilot code review Copilot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@CyAScott