Try to fix signing of publication artifacts

.github/workflows/DEPLOY.yml

@@ -18,9 +18,10 @@ on:
 env:
   CI: true
   FORCED_VERSION: ${{ inputs.forced_version || github.ref }}
-  ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ORG_GRADLE_PROJECT_SIGNINGKEY }}
-  ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ORG_GRADLE_PROJECT_SIGNINGPASSWORD }}
-  # Vanniktech maven-publish plugin reads these Gradle project properties for Central Portal auth
+  # Vanniktech maven-publish plugin reads these exact Gradle project property names for signing
+  ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.ORG_GRADLE_PROJECT_SIGNINGKEY }}
+  ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.ORG_GRADLE_PROJECT_SIGNINGPASSWORD }}
+  # Vanniktech maven-publish plugin reads these for Central Portal auth
   ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.ORG_KORGE_SONATYPE_USERNAME }}
   ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.ORG_KORGE_SONATYPE_PASSWORD }}
   JAVA_VERSION: 21
@@ -37,10 +38,10 @@ jobs:
           - { os: ubuntu-latest, publishTask: "publishAndroidReleasePublicationToMavenCentral" }
           - { os: ubuntu-latest, publishTask: "publishKotlinMultiplatformPublicationToMavenCentral publishJvmPublicationToMavenCentral" }
           - { os: ubuntu-latest, publishTask: "publishJsPublicationToMavenCentral publishWasmJsPublicationToMavenCentral" }
-          - { os: macos-13, publishTask: "publishMacosX64PublicationToMavenCentral publishMacosArm64PublicationToMavenCentral" }
-          - { os: macos-13, publishTask: "publishTvosArm64PublicationToMavenCentral publishTvosSimulatorArm64PublicationToMavenCentral publishTvosX64PublicationToMavenCentral" }
-          - { os: macos-13, publishTask: "publishIosArm64PublicationToMavenCentral publishIosSimulatorArm64PublicationToMavenCentral publishIosX64PublicationToMavenCentral" }
-          - { os: macos-13, publishTask: "publishWatchosArm64PublicationToMavenCentral publishWatchosArm32PublicationToMavenCentral publishWatchosDeviceArm64PublicationToMavenCentral publishWatchosSimulatorArm64PublicationToMavenCentral" }
+          - { os: macos-latest, publishTask: "publishMacosX64PublicationToMavenCentral publishMacosArm64PublicationToMavenCentral" }
+          - { os: macos-latest, publishTask: "publishTvosArm64PublicationToMavenCentral publishTvosSimulatorArm64PublicationToMavenCentral publishTvosX64PublicationToMavenCentral" }
+          - { os: macos-latest, publishTask: "publishIosArm64PublicationToMavenCentral publishIosSimulatorArm64PublicationToMavenCentral publishIosX64PublicationToMavenCentral" }
+          - { os: macos-latest, publishTask: "publishWatchosArm64PublicationToMavenCentral publishWatchosArm32PublicationToMavenCentral publishWatchosDeviceArm64PublicationToMavenCentral publishWatchosSimulatorArm64PublicationToMavenCentral" }
     timeout-minutes: 300
     runs-on: ${{ matrix.os }}
     steps:

.github/workflows/DOCS.yml

@@ -24,7 +24,7 @@ concurrency:
 env:
   CI: true
   FORCED_VERSION: ${{ inputs.forced_version || github.ref }}
-  JAVA_VERSION: 17
+  JAVA_VERSION: 21
   JAVA_DISTRIBUTION: zulu
 
 jobs:
@@ -37,6 +37,6 @@ jobs:
       - { name: Use Node.js 20.x, uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b, with: { node-version: 20.x } } # https://github.com/actions/setup-node/releases/tag/v4.0.3
       - { name: Prepare Gradle, uses: gradle/actions/setup-gradle@d9c87d481d55275bb5441eef3fe0e46805f9ef70 } # https://github.com/gradle/actions/releases/tag/v3.5.0
       - { name: Initialize Gradle, run: ./gradlew --no-configuration-cache }
-      - { name: Build Documentation, run: ./gradlew --no-configuration-cache dokkaHtmlMultiModule }
-      - { name: Upload artifact, uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa, with: { path: 'build/dokka/htmlMultiModule' } } # https://github.com/actions/upload-pages-artifact/releases/tag/v3.0.1
+      - { name: Build Documentation, run: ./gradlew --no-configuration-cache dokkaGenerateHtml }
+      - { name: Upload artifact, uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa, with: { path: 'build/dokka/html' } } # https://github.com/actions/upload-pages-artifact/releases/tag/v3.0.1
       - { name: Deploy 🚀 to GitHub Pages, id: deployment, uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e} # https://github.com/actions/deploy-pages/releases/tag/v4.0.5

build.gradle.kts

@@ -248,24 +248,51 @@ open class DenoTestTask : AbstractTestTask() {
 }
 
 private fun Project.configureCentralPortalCompatibilityProps() {
-    // Keep previous env/property names working while using Vanniktech Central Portal publishing.
-    val legacySigningKey = System.getenv("ORG_GRADLE_PROJECT_signingKey") ?: findProperty("signing.signingKey")?.toString()
-    val legacySigningPassword = System.getenv("ORG_GRADLE_PROJECT_signingPassword") ?: findProperty("signing.password")?.toString()
-    val legacySonatypeUser = System.getenv("SONATYPE_USERNAME") ?: rootProject.findProperty("SONATYPE_USERNAME")?.toString() ?: findProperty("sonatypeUsername")?.toString()
-    val legacySonatypePassword = System.getenv("SONATYPE_PASSWORD") ?: rootProject.findProperty("SONATYPE_PASSWORD")?.toString() ?: findProperty("sonatypePassword")?.toString()
-
+    // Map legacy env/property names to the exact names the Vanniktech plugin expects.
+    // Vanniktech reads: signingInMemoryKey, signingInMemoryKeyPassword, mavenCentralUsername, mavenCentralPassword
     val extras = extensions.extraProperties
-    if (!extras.has("signingInMemoryKey") && legacySigningKey != null) extras["signingInMemoryKey"] = legacySigningKey
-    if (!extras.has("signingInMemoryKeyPassword") && legacySigningPassword != null) extras["signingInMemoryKeyPassword"] = legacySigningPassword
-    if (!extras.has("mavenCentralUsername") && legacySonatypeUser != null) extras["mavenCentralUsername"] = legacySonatypeUser
-    if (!extras.has("mavenCentralPassword") && legacySonatypePassword != null) extras["mavenCentralPassword"] = legacySonatypePassword
+
+    fun mapIfAbsent(targetKey: String, vararg sources: () -> String?) {
+        // Skip if already set to a non-blank value via extras or project properties
+        if (extras.has(targetKey) && extras[targetKey]?.toString().isNullOrBlank().not()) return
+        if (findProperty(targetKey)?.toString().isNullOrBlank().not()) return
+        // Find the first non-blank value among the sources
+        val value = sources.firstNotNullOfOrNull { it()?.takeIf { v -> v.isNotBlank() } } ?: return
+        extras[targetKey] = value
+    }
+
+    mapIfAbsent("signingInMemoryKey",
+        { System.getenv("ORG_GRADLE_PROJECT_signingInMemoryKey") },
+        { System.getenv("ORG_GRADLE_PROJECT_signingKey") },
+        { findProperty("signing.signingKey")?.toString() }
+    )
+    mapIfAbsent("signingInMemoryKeyPassword",
+        { System.getenv("ORG_GRADLE_PROJECT_signingInMemoryKeyPassword") },
+        { System.getenv("ORG_GRADLE_PROJECT_signingPassword") },
+        { findProperty("signing.password")?.toString() }
+    )
+    mapIfAbsent("mavenCentralUsername",
+        { System.getenv("ORG_GRADLE_PROJECT_mavenCentralUsername") },
+        { System.getenv("SONATYPE_USERNAME") },
+        { rootProject.findProperty("SONATYPE_USERNAME")?.toString() },
+        { findProperty("sonatypeUsername")?.toString() }
+    )
+    mapIfAbsent("mavenCentralPassword",
+        { System.getenv("ORG_GRADLE_PROJECT_mavenCentralPassword") },
+        { System.getenv("SONATYPE_PASSWORD") },
+        { rootProject.findProperty("SONATYPE_PASSWORD")?.toString() },
+        { findProperty("sonatypePassword")?.toString() }
+    )
 }
 
 private fun Project.hasSigningCredentials(): Boolean {
-    return findProperty("signingInMemoryKey") != null ||
-        findProperty("signing.secretKeyRingFile") != null ||
-        System.getenv("ORG_GRADLE_PROJECT_signingInMemoryKey") != null ||
-        System.getenv("ORG_GRADLE_PROJECT_signingKey") != null
+    // A credential is only considered present when it resolves to a non-blank string.
+    fun String?.isPresent() = !isNullOrBlank()
+    return System.getenv("ORG_GRADLE_PROJECT_signingInMemoryKey").isPresent() ||
+        System.getenv("ORG_GRADLE_PROJECT_signingKey").isPresent() ||
+        findProperty("signingInMemoryKey")?.toString().isPresent() ||
+        findProperty("signing.secretKeyRingFile")?.toString().isPresent() ||
+        extensions.extraProperties.runCatching { get("signingInMemoryKey")?.toString() }.getOrNull().isPresent()
 }
 
 subprojects {
@@ -419,8 +446,8 @@ subprojects {
 
     // Publishing
     extensions.configure<MavenPublishBaseExtension> {
-        publishToMavenCentral()
         if (project.hasSigningCredentials()) {
+            publishToMavenCentral()
             signAllPublications()
         }
 

gradle.properties

@@ -1,4 +1,5 @@
 org.gradle.jvmargs=-Xmx3g
+org.jetbrains.dokka.experimental.gradle.pluginMode=V2Enabled
 kotlin.daemon.jvmargs=-Xmx4g
 #org.gradle.jvmargs=-Xmx2g
 #org.gradle.jvmargs=-Xmx2800M -Dkotlin.daemon.jvm.options="-Xmx2800M" -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8