From 8a25e9b46fa1fe5d5e58040df30390a3ca8c8b37 Mon Sep 17 00:00:00 2001 From: Jay McNallie Date: Thu, 9 Apr 2026 20:35:19 -0700 Subject: [PATCH 1/2] Switch to Nexus (repo.codice.org) --- .github/workflows/ci.yml | 43 +++++------------------------------ .github/workflows/release.yml | 6 +++-- 2 files changed, 10 insertions(+), 39 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3d4c9a3..50462fd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -66,9 +66,6 @@ jobs: (github.ref == 'refs/heads/master' || contains(github.ref, '.x')) runs-on: ubuntu-latest environment: production - permissions: - id-token: write - contents: read steps: - name: Checkout uses: actions/checkout@v4 @@ -80,46 +77,18 @@ jobs: distribution: 'temurin' cache: maven - - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@v4 - with: - role-to-assume: arn:aws:iam::072882638589:role/github-actions-codeartifact - aws-region: us-east-1 - - - name: Get CodeArtifact token - run: | - CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token \ - --domain codice \ - --domain-owner 072882638589 \ - --query authorizationToken \ - --output text) - echo "CODEARTIFACT_AUTH_TOKEN=$CODEARTIFACT_AUTH_TOKEN" >> $GITHUB_ENV - - name: Create Maven Settings + env: + NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }} + NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }} run: | mkdir -p ~/.m2 - cat > ~/.m2/settings.xml << 'EOF' - - - - releases - aws - ${env.CODEARTIFACT_AUTH_TOKEN} - - - snapshots - aws - ${env.CODEARTIFACT_AUTH_TOKEN} - - - - EOF + printf '\n \n \n releases\n %s\n %s\n \n \n snapshots\n %s\n %s\n \n \n\n' "$NEXUS_USERNAME" "$NEXUS_PASSWORD" "$NEXUS_USERNAME" "$NEXUS_PASSWORD" > ~/.m2/settings.xml - name: Deploy run: | - CODEARTIFACT_URL=https://codice-072882638589.d.codeartifact.us-east-1.amazonaws.com/maven mvn deploy $MAVEN_CLI_OPTS \ -DskipTests=true \ -DretryFailedDeploymentCount=10 \ - -Dreleases.repository.url="${CODEARTIFACT_URL}/releases/" \ - -Dsnapshots.repository.url="${CODEARTIFACT_URL}/snapshots/" + -Dreleases.repository.url=https://repo.codice.org/repository/maven-releases/ \ + -Dsnapshots.repository.url=https://repo.codice.org/repository/maven-snapshots/ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c516183..5398d0b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,7 +3,9 @@ on: workflow_dispatch: permissions: contents: read - id-token: write jobs: deploy: - uses: codice/release-pipelines/.github/workflows/maven-manual-deploy.yml@aws-codeartifact + uses: codice/release-pipelines/.github/workflows/maven-manual-deploy.yml@nexus-deploy + secrets: + nexus_username: ${{ secrets.NEXUS_USERNAME }} + nexus_password: ${{ secrets.NEXUS_PASSWORD }} From ec5c8a69ca54f8cd758a881ea05d465082abd70e Mon Sep 17 00:00:00 2001 From: Jay McNallie Date: Thu, 9 Apr 2026 21:35:08 -0700 Subject: [PATCH 2/2] Point workflows at main --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5398d0b..4f99059 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -5,7 +5,7 @@ permissions: contents: read jobs: deploy: - uses: codice/release-pipelines/.github/workflows/maven-manual-deploy.yml@nexus-deploy + uses: codice/release-pipelines/.github/workflows/maven-manual-deploy.yml@main secrets: nexus_username: ${{ secrets.NEXUS_USERNAME }} nexus_password: ${{ secrets.NEXUS_PASSWORD }}