Automate Publishing to Maven Central via CI

[stigi]

Change description

This is a simple setup to publish the SDKs to Mave Central. It automates signing and uploading the release.
Currently it is still necessary to promote the build manually in the Nexus Repository Manager. Open "Staging Repository" and promote the artifact (aka Open, Close and Release).

I set out with these goals while working on this PR:

Goals

1. Automate as much as possible
   See above. I'm still looking for ways to automate promoting the artifact to release
2. Keep the config as simple as possible
   I think this PR does this nicely, by not adding additional constraints between the differnt workflows
3. Only publish if tests are passing
   I tried solutions that would use worklow logic, and dependend jobs to make the release job fail if the existing build and test CI job failed, but that complicated things to much, so I've opted for running lint and test tasks inside the publish workflow as sanity checks.
4. Only publish after a release
   My first attempt was setting up the publish as a dependent workflow of the changesets workflow, by using workflow_call primitives, but this collided with goal 2. Using the on: release trigger is much simpler and should work equally well. 🤞
5. Don't repeat work
   It's hard to Gradle transfer build results between jobs (and convince Gradle to not redo the work!). I experimented with having only one gradle workflow, that does everything from building, testing and linting to (conditionally) publishing, but all that collided with goal 2.

Keeping goal 2 a priority, and considering that SDK release workflows don't run often, I generally opted for not optimizing job runtime, but rather to repeat some of the work.

Current State

I wasn't able to publish the current version using this workflow yet (see steps in testplan), but I hope it's just caused by the fact that version 2.0.0 is already published, and hope that it would work with the next version.

Here's the error, showing that PUT on version 2.0.0 failed.

| > Failed to publish publication 'release' to repository 'maven'
|    > Could not PUT 'https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/com/magicbell/magicbell-sdk/2.0.0/magicbell-sdk-2.0.0.aar'. Received status code 401 from server: Content access is protected by token

Test Plan

Tested that the flow runs locally by using act and providing the secrets.

act -P ubuntu-latest=catthehacker/ubuntu:full-latest \
  -s SIGNING_KEYID -s SIGNING_PASSWORD -s SIGNING_KEYRING \
  -s NEXUS_USERNAME -s NEXUS_PASSWORD \
release

Important: This assumes you have the full act runner image available, which have Android SDK support.

Type of Change

• Bug fix
• Feature
• Enhancement

Guidelines

• A changeset is included, or the change is not noteworthy enough to warrant one

[stigi]

@smeijer I can not be 100% certain that this works until we release the new version (#26)

If it doesn't work I'll fixup this workflow after #26 is merged.

[smeijer]

@stigi sounds good!

[stigi]

I've merged #26 and released version 3.0.0 via CI for the first time. The first try also failed with the same error, but after updating the Nexus username and password in action secrets it worked simply by rerunning the job.

Turns out Sonatype changed the requirements recently, so you can no longer use regular logins, but have to create an access token.