CI release test with manual approval

Author: satran004

.github/workflows/create-release-tag.yml

@@ -0,0 +1,51 @@
+name: Create Release Tag from gradle.properties
+
+on:
+  workflow_dispatch:
+
+jobs:
+  create-tag:
+    name: Create and Push v<version> Tag
+    environment: maven-central-release
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+
+      - name: Read version from gradle.properties
+        id: get_version
+        run: |
+          VERSION=$(grep "^version=" gradle.properties | cut -d'=' -f2 | tr -d '[:space:]')
+          echo "VERSION=$VERSION"
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+      - name: Check that version is not a SNAPSHOT
+        run: |
+          VERSION="${{ steps.get_version.outputs.version }}"
+          echo "Checking version: $VERSION"
+          if [[ "$VERSION" =~ -SNAPSHOT$ ]]; then
+            echo "❌ Refusing to create tag for SNAPSHOT version: $VERSION"
+            exit 1
+          fi
+          echo "✅ Version is valid for release."
+
+      - name: Check if tag already exists
+        run: |
+          VERSION="${{ steps.get_version.outputs.version }}"
+          TAG="v$VERSION"
+          echo "Checking if tag $TAG already exists..."
+          if git ls-remote --tags origin | grep -q "refs/tags/$TAG"; then
+            echo "❌ Tag $TAG already exists on remote. Aborting."
+            exit 1
+          fi
+          echo "✅ Tag does not exist yet."
+
+      - name: Create and push v${{ steps.get_version.outputs.version }} tag
+        run: |
+          VERSION="${{ steps.get_version.outputs.version }}"
+          TAG="v$VERSION"
+          git config user.name "GitHub Actions"
+          git config user.email "actions@github.com"
+          git tag "$TAG"
+          git push origin "$TAG"

.github/workflows/release.yml

@@ -24,47 +24,43 @@ jobs:
           echo "${{secrets.SIGNING_KEY}}" > ~/.gradle/secring.gpg.b64
           base64 -d ~/.gradle/secring.gpg.b64 > ~/.gradle/secring.gpg
       - name: Publish package
-        run: ./gradlew publishToSonatype closeStagingRepositories -Psigning.keyId=${{ secrets.SIGNING_KEY_ID }} -Psigning.password=${{ secrets.SIGNING_PASSWORD }} -Psigning.secretKeyRingFile=$(echo ~/.gradle/secring.gpg) --warn --stacktrace
+        run: ./gradlew publishToSonatype closeSonatypeStagingRepository -Psigning.keyId=${{ secrets.SIGNING_KEY_ID }} -Psigning.password=${{ secrets.SIGNING_PASSWORD }} -Psigning.secretKeyRingFile=$(echo ~/.gradle/secring.gpg) --warn --stacktrace
         env:
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
-#      - name: Close And Release Repository
-#        run: ./gradlew closeAndReleaseRepository
+
+#  verify:
+#    name: Verify Staged Release
+#    runs-on: ubuntu-latest
+#    needs: publish-and-close
+#    steps:
+#      - uses: actions/checkout@v4
+#      # Example checks you can add here:
+#      # - Run dependency scanner (osv-scanner)
+#      # - Run license checks
+#      # - Run static code analysis
+#
+#      - name: Dummy check (replace with real checks)
+#        run: |
+#          echo "Run your security / quality checks here."
+#
+#  release:
+#    name: Release Staging Repo
+#    environment: maven-central-release
+#    runs-on: ubuntu-latest
+#    needs: verify
+#    steps:
+#      - uses: actions/checkout@v4
+#
+#      - name: Set up JDK 11
+#        uses: actions/setup-java@v4
+#        with:
+#          java-version: '11'
+#          distribution: 'temurin'
+#
+#      - name: Release Staging Repo
 #        env:
 #          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-#          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
-  verify:
-    name: Verify Staged Release
-    runs-on: ubuntu-latest
-    needs: publish-and-close
-    steps:
-      - uses: actions/checkout@v4
-      # Example checks you can add here:
-      # - Run dependency scanner (osv-scanner)
-      # - Run license checks
-      # - Run static code analysis
-
-      - name: Dummy check (replace with real checks)
-        run: |
-          echo "Run your security / quality checks here."
-
-  release:
-    name: Release Staging Repo
-    environment: maven-central-release
-    runs-on: ubuntu-latest
-    needs: verify
-    steps:
-      - uses: actions/checkout@v4
-
-      - name: Set up JDK 11
-        uses: actions/setup-java@v4
-        with:
-          java-version: '11'
-          distribution: 'temurin'
-
-      - name: Release Staging Repo
-        env:
-          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
-          MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
-        run: |
-          ./gradlew releaseStagingRepositories
+#          MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
+#        run: |
+#          ./gradlew releaseSonatypeStagingRepository