diff --git a/.github/workflows/e2e-publishing.yml b/.github/workflows/e2e-publishing.yml
index dd7bd435..57596fa7 100644
--- a/.github/workflows/e2e-publishing.yml
+++ b/.github/workflows/e2e-publishing.yml
@@ -36,6 +36,10 @@ jobs:
server-username: MAVEN_USERNAME
server-password: MAVEN_CENTRAL_TOKEN
gpg-passphrase: MAVEN_GPG_PASSPHRASE
+ env:
+ MAVEN_USERNAME: MAVEN_USERNAME
+ MAVEN_CENTRAL_TOKEN: MAVEN_CENTRAL_TOKEN
+ MAVEN_GPG_PASSPHRASE: MAVEN_GPG_PASSPHRASE
- name: Validate settings.xml
run: |
$xmlPath = Join-Path $HOME ".m2" "settings.xml"
@@ -43,11 +47,11 @@ jobs:
[xml]$xml = Get-Content $xmlPath
$servers = $xml.settings.servers.server
- if (($servers[0].id -ne 'maven') -or ($servers[0].username -ne '${env.MAVEN_USERNAME}') -or ($servers[0].password -ne '${env.MAVEN_CENTRAL_TOKEN}')) {
+ if (($servers[0].id -ne 'maven') -or ($servers[0].username -ne 'MAVEN_USERNAME') -or ($servers[0].password -ne 'MAVEN_CENTRAL_TOKEN')) {
throw "Generated XML file is incorrect"
}
- if (($servers[1].id -ne 'gpg.passphrase') -or ($servers[1].passphrase -ne '${env.MAVEN_GPG_PASSPHRASE}')) {
+ if (($servers[1].id -ne 'gpg.passphrase') -or ($servers[1].passphrase -ne 'MAVEN_GPG_PASSPHRASE')) {
throw "Generated XML file is incorrect"
}
@@ -77,6 +81,10 @@ jobs:
server-username: MAVEN_USERNAME
server-password: MAVEN_CENTRAL_TOKEN
gpg-passphrase: MAVEN_GPG_PASSPHRASE
+ env:
+ MAVEN_USERNAME: MAVEN_USERNAME
+ MAVEN_CENTRAL_TOKEN: MAVEN_CENTRAL_TOKEN
+ MAVEN_GPG_PASSPHRASE: MAVEN_GPG_PASSPHRASE
- name: Validate settings.xml is overwritten
run: |
$xmlPath = Join-Path $HOME ".m2" "settings.xml"
@@ -114,6 +122,10 @@ jobs:
server-password: MAVEN_CENTRAL_TOKEN
overwrite-settings: false
gpg-passphrase: MAVEN_GPG_PASSPHRASE
+ env:
+ MAVEN_USERNAME: MAVEN_USERNAME
+ MAVEN_CENTRAL_TOKEN: MAVEN_CENTRAL_TOKEN
+ MAVEN_GPG_PASSPHRASE: MAVEN_GPG_PASSPHRASE
- name: Validate that settings.xml is not overwritten
run: |
$xmlPath = Join-Path $HOME ".m2" "settings.xml"
@@ -145,6 +157,10 @@ jobs:
server-password: MAVEN_CENTRAL_TOKEN
gpg-passphrase: MAVEN_GPG_PASSPHRASE
settings-path: ${{ runner.temp }}
+ env:
+ MAVEN_USERNAME: MAVEN_USERNAME
+ MAVEN_CENTRAL_TOKEN: MAVEN_CENTRAL_TOKEN
+ MAVEN_GPG_PASSPHRASE: MAVEN_GPG_PASSPHRASE
- name: Validate settings.xml location
run: |
$path = Join-Path $env:RUNNER_TEMP "settings.xml"
diff --git a/__tests__/auth.test.ts b/__tests__/auth.test.ts
index 06591da7..bf5a8fce 100644
--- a/__tests__/auth.test.ts
+++ b/__tests__/auth.test.ts
@@ -1,8 +1,8 @@
-import * as io from '@actions/io';
import * as core from '@actions/core';
+import * as io from '@actions/io';
import * as fs from 'fs';
-import * as path from 'path';
import os from 'os';
+import * as path from 'path';
import * as auth from '../src/auth';
import {M2_DIR, MVN_SETTINGS_FILE} from '../src/constants';
@@ -10,6 +10,14 @@ import {M2_DIR, MVN_SETTINGS_FILE} from '../src/constants';
const m2Dir = path.join(__dirname, M2_DIR);
const settingsFile = path.join(m2Dir, MVN_SETTINGS_FILE);
+// escape xml special characters
+function escapeXml(unsafeStr: string) {
+ return unsafeStr
+ .replace(/&/g, '&')
+ .replace(//g, '>');
+}
+
describe('auth tests', () => {
let spyOSHomedir: jest.SpyInstance;
let spyInfo: jest.SpyInstance;
@@ -157,19 +165,22 @@ describe('auth tests', () => {
const username = 'USER';
const password = '&<>"\'\'"><&';
+ process.env['username'] = username;
+ process.env['password'] = password;
+
const expectedSettings = `
- ${id}
- \${env.${username}}
- \${env.&<>"''"><&}
+ ${escapeXml(id)}
+ ${escapeXml(username)}
+ ${escapeXml(password)}
`;
- expect(auth.generate(id, username, password)).toEqual(expectedSettings);
+ expect(auth.generate(id, 'username', 'password')).toEqual(expectedSettings);
});
it('generates valid settings.xml with additional configuration', () => {
@@ -178,23 +189,27 @@ describe('auth tests', () => {
const password = '&<>"\'\'"><&';
const gpgPassphrase = 'PASSPHRASE';
+ process.env['username'] = username;
+ process.env['password'] = password;
+ process.env['gpgPassphrase'] = gpgPassphrase;
+
const expectedSettings = `
- ${id}
- \${env.${username}}
- \${env.&<>"''"><&}
+ ${escapeXml(id)}
+ ${escapeXml(username)}
+ ${escapeXml(password)}
gpg.passphrase
- \${env.${gpgPassphrase}}
+ ${escapeXml(gpgPassphrase)}
`;
- expect(auth.generate(id, username, password, gpgPassphrase)).toEqual(
+ expect(auth.generate(id, 'username', 'password', 'gpgPassphrase')).toEqual(
expectedSettings
);
});
diff --git a/dist/setup/index.js b/dist/setup/index.js
index f8c70dab..edd7b373 100644
--- a/dist/setup/index.js
+++ b/dist/setup/index.js
@@ -122463,9 +122463,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
};
Object.defineProperty(exports, "__esModule", ({ value: true }));
exports.generate = exports.createAuthenticationSettings = exports.configureAuthentication = void 0;
-const path = __importStar(__nccwpck_require__(71017));
const core = __importStar(__nccwpck_require__(42186));
const io = __importStar(__nccwpck_require__(47351));
+const path = __importStar(__nccwpck_require__(71017));
const fs = __importStar(__nccwpck_require__(57147));
const os = __importStar(__nccwpck_require__(22037));
const xmlbuilder2_1 = __nccwpck_require__(70151);
@@ -122517,8 +122517,8 @@ function generate(id, username, password, gpgPassphrase) {
server: [
{
id: id,
- username: `\${env.${username}}`,
- password: `\${env.${password}}`
+ username: process.env[username],
+ password: process.env[password]
}
]
}
@@ -122527,7 +122527,7 @@ function generate(id, username, password, gpgPassphrase) {
if (gpgPassphrase) {
const gpgServer = {
id: 'gpg.passphrase',
- passphrase: `\${env.${gpgPassphrase}}`
+ passphrase: process.env[gpgPassphrase]
};
xmlObj.settings.servers.server.push(gpgServer);
}
diff --git a/docs/advanced-usage.md b/docs/advanced-usage.md
index ede356f9..8686a2fa 100644
--- a/docs/advanced-usage.md
+++ b/docs/advanced-usage.md
@@ -182,7 +182,7 @@ steps:
jdkFile: ${{ runner.temp }}/java_package.tar.gz
java-version: '11.0.0'
architecture: x64
-
+
- run: java -cp java HelloWorldApp
```
@@ -285,7 +285,10 @@ jobs:
server-password: MAVEN_CENTRAL_TOKEN # env variable for token in deploy
gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
-
+ env:
+ MAVEN_USERNAME: ${{ vars.MAVEN_USERNAME }} # set the env variable for username
+ MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }} # set the env variable for token
+ MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} # set the env variable for GPG private key passphrase
- name: Publish to Apache Maven Central
run: mvn deploy
env:
@@ -527,7 +530,7 @@ steps:
## Java-version file
If the `java-version-file` input is specified, the action will try to extract the version from the file and install it.
-Action is able to recognize all variants of the version description according to [jenv](https://github.com/jenv/jenv).
+Action is able to recognize all variants of the version description according to [jenv](https://github.com/jenv/jenv).
Valid entry options:
```
major versions: 8, 11, 16, 17, 21
diff --git a/src/auth.ts b/src/auth.ts
index c8ea6291..46d1bf7c 100644
--- a/src/auth.ts
+++ b/src/auth.ts
@@ -1,6 +1,6 @@
-import * as path from 'path';
import * as core from '@actions/core';
import * as io from '@actions/io';
+import * as path from 'path';
import * as fs from 'fs';
import * as os from 'os';
@@ -84,8 +84,8 @@ export function generate(
server: [
{
id: id,
- username: `\${env.${username}}`,
- password: `\${env.${password}}`
+ username: process.env[username],
+ password: process.env[password]
}
]
}
@@ -95,7 +95,7 @@ export function generate(
if (gpgPassphrase) {
const gpgServer = {
id: 'gpg.passphrase',
- passphrase: `\${env.${gpgPassphrase}}`
+ passphrase: process.env[gpgPassphrase]
};
xmlObj.settings.servers.server.push(gpgServer);
}