## Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
## SPDX-License-Identifier: Apache-2.0

version: 0.2

env:
  variables:
    BRANCH: "main"
  secrets-manager:
    GPG_KEY: Maven-GPG-Keys-Release-Credentials:Keyname
    GPG_PASS: Maven-GPG-Keys-Release-Credentials:Passphrase
    SONA_USERNAME: Sonatype-Team-Account:Username 
    SONA_PASSWORD: Sonatype-Team-Account:Password

phases:
  install:
    runtime-versions:
      java: corretto11
  pre_build:
    commands:
      # Test execution environment variables
      - export AWS_S3EC_TEST_BUCKET=s3ec-release-test-bucket
      - export AWS_S3EC_TEST_KMS_KEY_ID=arn:aws:kms:us-west-2:${ACCOUNT}:key/af4ce40a-05ab-4f7c-b3fa-97bd0c9b7fb1
      - export AWS_S3EC_TEST_KMS_KEY_ALIAS=arn:aws:kms:us-west-2:${ACCOUNT}:alias/S3EC-Release-Testing-KMS-Key
      - export AWS_REGION=us-west-2
      - git checkout $BRANCH
      - export SETTINGS_FILE=$(pwd)/codebuild/release/settings.xml
      - aws secretsmanager get-secret-value --region us-west-2 --secret-id Maven-GPG-Keys-Release --query SecretBinary --output text | base64 -d > ~/mvn_gpg.tgz
      - tar -xvf ~/mvn_gpg.tgz -C ~
  build:
    commands:
      - |
        mvn deploy \
          -Ppublishing \
          -DskipTests \
          -DperformRelease \
          -Dgpg.homedir="$HOME/mvn_gpg" \
          -DautoReleaseAfterClose=true \
          -Dgpg.keyname="$GPG_KEY" \
          -Dgpg.passphrase="$GPG_PASS" \
          -Dsonatype.username="$SONA_USERNAME" \
          -Dsonatype.password="$SONA_PASSWORD" \
          --no-transfer-progress \
          -s $SETTINGS_FILE