From f1d7d0dc62fda473526fc80c2c50455e7e6d2abe Mon Sep 17 00:00:00 2001
From: oSumAtrIX <johan.melkonyan1@web.de>
Date: Wed, 14 Feb 2024 05:09:42 +0100
Subject: [PATCH] build: Sign release artifacts

---
 .github/workflows/release.yml |  7 +++++
 .releaserc                    |  2 +-
 build.gradle.kts              | 55 ++++++++++++++++++++++-------------
 3 files changed, 43 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 970ac34..9c384f3 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -41,6 +41,13 @@ jobs:
       - name: Install dependencies
         run: npm install
 
+      - name: Import GPG key
+        uses: crazy-max/ghaction-import-gpg@v6
+        with:
+          gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}
+          passphrase: ${{ secrets.GPG_PASSPHRASE }}
+          fingerprint: ${{ env.GPG_FINGERPRINT }}
+
       - name: Release
         env:
           GITHUB_TOKEN: ${{ secrets.REPOSITORY_PUSH_ACCESS }}
diff --git a/.releaserc b/.releaserc
index 85c3f70..308430b 100644
--- a/.releaserc
+++ b/.releaserc
@@ -31,7 +31,7 @@
       {
         "assets": [
           {
-            "path": "build/libs/*all.jar"
+            "path": "build/libs/*-all*"
           }
         ],
         successComment: false
diff --git a/build.gradle.kts b/build.gradle.kts
index fc12ab7..ca583a0 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -1,15 +1,29 @@
 plugins {
-    kotlin("jvm") version "1.9.10"
+    alias(libs.plugins.kotlin)
     alias(libs.plugins.shadow)
+    application
+    `maven-publish`
+    signing
 }
 
 group = "app.revanced"
 
+application {
+    mainClass = "app.revanced.cli.command.MainCommandKt"
+}
+
 repositories {
     mavenCentral()
     mavenLocal()
     google()
-    maven { url = uri("https://jitpack.io") }
+    maven {
+        // A repository must be speficied for some reason. "registry" is a dummy.
+        url = uri("https://maven.pkg.github.com/revanced/registry")
+        credentials {
+            username = project.findProperty("gpr.user") as String? ?: System.getenv("GITHUB_ACTOR")
+            password = project.findProperty("gpr.key") as String? ?: System.getenv("GITHUB_TOKEN")
+        }
+    }
 }
 
 dependencies {
@@ -36,9 +50,6 @@ tasks {
     }
 
     shadowJar {
-        manifest {
-            attributes("Main-Class" to "app.revanced.cli.command.MainCommandKt")
-        }
         minimize {
             exclude(dependency("org.jetbrains.kotlin:.*"))
             exclude(dependency("org.bouncycastle:.*"))
@@ -46,25 +57,29 @@ tasks {
         }
     }
 
-    build {
+    publish {
         dependsOn(shadowJar)
     }
+}
 
-    /*
-    Dummy task to hack gradle-semantic-release-plugin to release this project.
+// Needed by gradle-semantic-release-plugin.
+// Tracking: https://github.com/KengoTODA/gradle-semantic-release-plugin/issues/435
 
-    Explanation:
-    SemVer is a standard for versioning libraries.
-    For that reason the semantic-release plugin uses the "publish" task to publish libraries.
-    However, this subproject is not a library, and the "publish" task is not available for this subproject.
-    Because semantic-release is not designed to handle this case, we need to hack it.
+// The maven-publish is also necessary to make the signing plugin work.
+publishing {
+    repositories {
+        mavenLocal()
+    }
 
-    RE: https://github.com/KengoTODA/gradle-semantic-release-plugin/issues/435
-     */
-
-    register<DefaultTask>("publish") {
-        group = "publishing"
-        description = "Dummy task to hack gradle-semantic-release-plugin to release ReVanced CLI"
-        dependsOn(build)
+    publications {
+        create<MavenPublication>("revanced-cli-publication") {
+            from(components["java"])
+        }
     }
 }
+
+signing {
+    useGpgCmd()
+
+    sign(publishing.publications["revanced-cli-publication"])
+}