From 468a86a22f1ff9119e9b53c1da98d13d1ff61842 Mon Sep 17 00:00:00 2001 From: Hiroyuki Wada Date: Tue, 1 Jul 2025 21:54:14 +0900 Subject: [PATCH 1/2] fix: handle GitHub SCIM empty array limitation --- .../kohsuke/github/SCIMPatchOperations.java | 36 ++++++++++++++++--- 1 file changed, 32 insertions(+), 4 deletions(-) diff --git a/src/main/java/org/kohsuke/github/SCIMPatchOperations.java b/src/main/java/org/kohsuke/github/SCIMPatchOperations.java index dff695a..e0c8230 100644 --- a/src/main/java/org/kohsuke/github/SCIMPatchOperations.java +++ b/src/main/java/org/kohsuke/github/SCIMPatchOperations.java @@ -3,9 +3,7 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties; import com.fasterxml.jackson.annotation.JsonProperty; -import java.util.ArrayList; -import java.util.Collections; -import java.util.List; +import java.util.*; import java.util.stream.Collectors; @JsonIgnoreProperties(ignoreUnknown = true) @@ -67,10 +65,40 @@ public void replace(SCIMRole value) { } private Operation removeAllOp(String path) { + // GitHub SCIM API workaround for removing optional multi-valued attributes: + // Use [{"value": ""}] to remove roles attribute. + // + // Standard approaches that don't work: + // + // 1. Empty array + // {"op": "replace", "path": "roles", "value": []} + // → Error 400: {"scimType": "invalidSyntax", + // "detail": "Misconfigured IdP, missing or misconfigured attributes:\n + // No subschema in \"oneOf\" matched.\n + // For 'oneOf/0', [] is not a string.\n + // For 'oneOf/1', [] is not a boolean.\n + // For 'oneOf/2', [] is not an object.\n + // 1 item required; only 0 were supplied."} + // + // 2. Remove operation: + // {"op": "remove", "path": "roles"} + // → HTTP 200 OK (success response) but roles attribute is NOT removed + // + // Workaround results: + // - roles (optional): [{"value": ""}] → Success, attribute removed + // - emails (required): [{"value": ""}] → Error 400: + // {"scimType": "invalidSyntax", + // "detail": "Email values must be valid email addresses."} Operation op = new Operation(); op.op = "replace"; op.path = path; - op.value = Collections.emptyList(); + + List> values = new ArrayList<>(); + Map valueMap = new HashMap<>(); + valueMap.put("value", ""); + values.add(valueMap); + + op.value = values; return op; } From f8d8508064766d1452f6f998b62c11485b8c0013 Mon Sep 17 00:00:00 2001 From: Hiroyuki Wada Date: Tue, 1 Jul 2025 21:54:37 +0900 Subject: [PATCH 2/2] build: migrate from OSSRH to Maven Central Portal --- .github/workflows/pull_request.yml | 10 +++++----- .github/workflows/release.yml | 10 +++++----- pom.xml | 24 ++++++------------------ 3 files changed, 16 insertions(+), 28 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 32f5dd5..b0a0227 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -19,9 +19,9 @@ jobs: distribution: 'corretto' java-version: 11 cache: 'maven' - server-id: ossrh - server-username: OSSRH_JIRA_USERNAME - server-password: OSSRH_JIRA_PASSWORD + server-id: central + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} gpg-passphrase: OSSRH_GPG_SECRET_KEY_PASSWORD @@ -32,7 +32,7 @@ jobs: run: mvn -B -DskipTests deploy env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - OSSRH_JIRA_USERNAME: ${{ secrets.OSSRH_JIRA_USERNAME }} - OSSRH_JIRA_PASSWORD: ${{ secrets.OSSRH_JIRA_PASSWORD }} + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c654698..c28d7c5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,9 +24,9 @@ jobs: distribution: 'corretto' java-version: 11 cache: 'maven' - server-id: ossrh - server-username: OSSRH_JIRA_USERNAME - server-password: OSSRH_JIRA_PASSWORD + server-id: central + server-username: MAVEN_USERNAME + server-password: MAVEN_PASSWORD gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} gpg-passphrase: OSSRH_GPG_SECRET_KEY_PASSWORD @@ -44,7 +44,7 @@ jobs: @semantic-release/git@10 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - OSSRH_JIRA_USERNAME: ${{ secrets.OSSRH_JIRA_USERNAME }} - OSSRH_JIRA_PASSWORD: ${{ secrets.OSSRH_JIRA_PASSWORD }} + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} OSSRH_GPG_SECRET_KEY_PASSWORD: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} diff --git a/pom.xml b/pom.xml index fcfc62c..9c3eb23 100644 --- a/pom.xml +++ b/pom.xml @@ -46,17 +46,6 @@ https://github.com/openstandia/connector-github - - - ossrh - https://oss.sonatype.org/content/repositories/snapshots - - - ossrh - https://oss.sonatype.org/service/local/staging/deploy/maven2/ - - - jp.openstandia.connector.github GitHubConnector @@ -103,15 +92,14 @@ - org.sonatype.plugins - nexus-staging-maven-plugin - 1.6.8 + org.sonatype.central + central-publishing-maven-plugin + 0.8.0 true - ossrh - https://oss.sonatype.org/ - true - 30 + true + published + https://central.sonatype.com/repository/maven-snapshots