MobilityData
diff --git a/‎.github/workflows/publish_assets.yml
Lines changed: 17 additions & 16 deletions b/‎.github/workflows/publish_assets.yml
Lines changed: 17 additions & 16 deletions
diff --git a/‎.github/workflows/publish_snapshots.yml
Lines changed: 50 additions & 0 deletions b/‎.github/workflows/publish_snapshots.yml
Lines changed: 50 additions & 0 deletions
diff --git a/‎README.md
Lines changed: 1 addition & 1 deletion b/‎README.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎build.gradle
Lines changed: 66 additions & 27 deletions b/‎build.gradle
Lines changed: 66 additions & 27 deletions
diff --git a/‎docs/ACCEPTANCE_TESTS.md
Lines changed: 1 addition & 1 deletion b/‎docs/ACCEPTANCE_TESTS.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/BRANCHING.md
Lines changed: 1 addition & 1 deletion b/‎docs/BRANCHING.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/CONTRIBUTING.md
Lines changed: 2 additions & 2 deletions b/‎docs/CONTRIBUTING.md
Lines changed: 2 additions & 2 deletions
@@ -14,7 +14,13 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
+        with:
+          # We need to download all tags so that the axion-release-plugin can resolve the most recent version tag.
+          # This is useful only for the manual trigger.
+          # For the release trigger, the tag is available on the current commit.
+          fetch-depth: 0
+
       # Get the version from the commit. This will depend on the trigger of the workflow
       # If the trigger is release, the version will be the tag on the commit.
       # If the trigger is a workflow_dispatch, the version will be the branch name, which is
@@ -91,27 +97,22 @@ jobs:
           asset_name: javadocs.zip
           asset_content_type: application/zip
 
-      # The following steps will publish artifacts to a sonatype staging repo with the aim of promoting them to maven central
-      # Pretty much everything is done through gradle.
-      # The version used will be according to the axion-release-plugin, meaning it will take a tag if present.
-      # The tag should follow semantic versioning, e.g. v1.2.3. There could be a suffix, e.g. v1.2.3-TEST
-      # gradle will build, sign then upload artifacts to a Sonatype staging repo.
-      # See https://s01.oss.sonatype.org for accessing these repos.
-      # At this point it should manually be closed, which will trigger acceptance tests for maven central (but not transfer yet)
-      # Once closed, the repo is available for testing.
-      # After testing, it can be manually promoted on the sonatype site, which will then publish to maven central.
-      # Note than once in maven central a release cannot be removed or altered.
-
       - name: Load secrets from 1Password
         id: onepw_secrets
         uses: ./.github/actions/extract-1password-secret
         with:
           OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} # This is required to connect to the vault in our 1Password account.
-          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, SONATYPE_TOKEN_USERNAME, SONATYPE_TOKEN_PASSWORD'
+          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME, MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD'
           ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
 
-      - name: Build and Publish to Sonatype
+      - name: Build and Publish to Maven Central
         run: |
-          # Don't verify since it has already been done when the PR was created.
-          ./gradlew publish --rerun-tasks -x spotlessCheck
+          # Publishing to Maven Central will fail if the version is a snapshot, i.e. there is no version tag
+          # directly on the current commit.
+          # See https://repo1.maven.org/maven2/org/mobilitydata/gtfs-validator/ for the maven central repository.
+          # Once this step is done, the artefacts will be validated but not yet published.
+          # See https://central.sonatype.com/publishing/deployments (you need to login as mobilitydata)
+          # From this page you can examine the list of artefacts, and either drop them or release them.
+          # Note that once released, the artefacts cannot be removed or altered.
+          ./gradlew publishToMavenCentral
 
@@ -0,0 +1,50 @@
+name: Publish Jars Snapshots
+
+on:
+  push:
+    branches: [ master ]
+    paths:
+      - 'core/src/main/**'
+      - 'main/src/main/**'
+      - 'model/src/main/**'
+      - 'build.gradle'
+      - '.github/workflows/publish_snapshots.yml'
+  workflow_dispatch:
+
+env:
+  java_version: '17'
+  java_distribution: 'zulu'
+
+jobs:
+  publish-snapshots:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          # We need to download all tags so that the axion-release-plugin
+          # can resolve the most recent version tag.
+          fetch-depth: 0
+
+      - name: Set up JDK ${{ env.java_version }}-${{ env.java_distribution }}
+        uses: actions/setup-java@v3
+        with:
+          java-version: ${{ env.java_version }}
+          distribution: ${{ env.java_distribution }}
+
+      - name: Load secrets from 1Password
+        id: onepw_secrets
+        uses: ./.github/actions/extract-1password-secret
+        with:
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }} # This is required to connect to the vault in our 1Password account.
+          VARIABLES_TO_EXTRACT: 'MAVEN_GPG_PASSPHRASE, MAVEN_GPG_PRIVATE_KEY, MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME, MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD'
+          ONE_PASSWORD_SECRET_REFERENCES: ${{ vars.ONE_PASSWORD_SECRET_REFERENCES }}
+
+      - name: Build and Publish to the snapshot repository
+        run: |
+          # Publishing to the snapshot repository will fail if the current commit has a version tag.
+          # Which in effect makes it a release.
+          # See https://central.sonatype.com/service/rest/repository/browse/maven-snapshots/org/mobilitydata/gtfs-validator/
+          # for the snapshot repository.
+          ./gradlew publishToSnapshotRepository
+
@@ -63,7 +63,7 @@ To facilitate easier debugging and logging, we have made our user agent header e
 ### Run it
 Once installed, run the application and you will see the following screen:
 
-![Application-Windows](/docs/Application-Windows.png)
+![Application-Windows](/docs/images/Application-Windows.png)
 
 There are two primary options to set:
 
 
@@ -15,14 +15,15 @@
  */
 /*
  * A note about publishing and signing.
- * Maven central requires that artifacts be signed. And upload is done to Sonatype.
+ * Maven central requires that artifacts be signed. And upload is done via Maven Central Portal.
  * To publish you will need these environment variables defined:
- *       SONATYPE_TOKEN_USERNAME
- *       SONATYPE_TOKEN_PASSWORD
+ *       MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME
+ *       MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD
  *       MAVEN_GPG_PRIVATE_KEY
  *       MAVEN_GPG_PASSPHRASE
- * Suggestion is to put these in a shell script with restricted read permissions, then source it before calling
- * ./gradlew publish.
+ * If run manually, the suggestion is to put these in a shell script with restricted read permissions,
+ * then source it before calling ./gradlew
+ * If run from a Github action, make sure these environment variables are defined.
  */
 plugins {
     id 'java'
@@ -58,6 +59,7 @@ allprojects {
 
     tasks.withType(Javadoc) {
         options.encoding = 'UTF-8'
+        options.addStringOption('Xdoclint:none', '-quiet')
     }
 
     // All projects that include the 'java` plugin will have a Test task by default.
@@ -82,16 +84,6 @@ subprojects {
     apply plugin: 'java'
     apply plugin: libs.plugins.spotless.get().pluginId
 
-    // Cannot publish a SNAPSHOT. The provided sonatype url will not accept it.
-    tasks.withType(PublishToMavenRepository).all { task ->
-        task.onlyIf {
-            if (project.version.toString().contains('SNAPSHOT')) {
-                throw new GradleException("Publishing is not allowed for SNAPSHOT versions. Currently " + project.version)
-            }
-            true
-        }
-    }
-
     task javadocJar(type: Jar) {
         archiveClassifier.set('javadoc')
         from javadoc
@@ -111,24 +103,29 @@ subprojects {
 
     // These modules require the same publishing configuration, apart from the name of the module
     // Also we want to limit artefact publishing to these modules.
-    if (project.name == 'main' ||
-            project.name == 'core' ||
-            project.name == 'model') {
+    if (project.name == 'main'
+            || project.name == 'core'
+            || project.name == 'model'
+         ) {
         def fullProjectName = 'gtfs-validator-' + project.name
 
         afterEvaluate {
             publishing {
                 repositories {
-                    // This is the sonatype staging repo for maven.
-                    // Once uploaded, the repo needs to be manually closed, which will trigger acceptance tests for
-                    // maven central (but not transfer yet).
-                    // Once successfully closed, the repo is available for testing.
-                    // After testing, it can be manually promoted on the sonatype site, which will then publish to maven central.
                     maven {
-                        url = 'https://s01.oss.sonatype.org/service/local/staging/deploy/maven2'
-                        credentials {
-                            username System.getenv("SONATYPE_TOKEN_USERNAME")
-                            password System.getenv("SONATYPE_TOKEN_PASSWORD")
+                        // Snapshot uses a different repository than release.
+                        // The publish in that case will upload to Maven Central snapshot repository.
+                        if (version.endsWith('SNAPSHOT')) {
+                            url = 'https://central.sonatype.com/repository/maven-snapshots/'
+                            credentials {
+                                username = System.getenv("MAVEN_CENTRAL_PORTAL_TOKEN_USERNAME")
+                                password = System.getenv("MAVEN_CENTRAL_PORTAL_TOKEN_PASSWORD")
+                            }
+                        } else {
+                            // For releases, the publish task does not upload to MavenCentral.
+                            // It just the artifacts directory hierarchy on the local disk,
+                            // The actual zipping and uploading is done in the publishToMavenCentral task.
+                            url = "${buildDir}/local-repo"
                         }
                     }
                 }
@@ -172,9 +169,51 @@ subprojects {
                 useInMemoryPgpKeys(System.getenv('MAVEN_GPG_PRIVATE_KEY'), System.getenv('MAVEN_GPG_PASSPHRASE'))
                 sign publishing.publications.mavenJava
             }
+
+
+            tasks.register('publishToMavenCentral') {
+                // We want to do call the publish task only if the version is a release (ie not a snapshot).
+                // Without this conditional, with a snapshot it would do the publish first, then throw the Exception below.
+                // But since the dependsOn is within the conditional, the dependency is not created for snapshot versions
+                // so the publish in that case is never executed.
+                if (!version.toString().endsWith('SNAPSHOT')) {
+                    dependsOn tasks.publish
+                }
+                doFirst {
+                    if (version.toString().endsWith('SNAPSHOT')) {
+                        throw new GradleException("Version \"" + version +
+                                "\" is a snapshot. Cannot publish to Maven Central")
+                    }
+                }
+
+                doLast {
+                    exec {
+                        workingDir project.projectDir
+                        commandLine 'bash', "${project.rootDir}/scripts/publish_to_maven_central.sh", project.name, project.version
+                    }
+                }
+            }
+
+            tasks.register('publishToSnapshotRepository') {
+                // We want to do call the publish task only if the version is a snapshot.
+                // Without this conditional, with a release it would do the publish first, then throw the Exception below.
+                // But since the dependsOn is within the conditional, the dependency is not created for release versions
+                // so the publish in that case is never executed.
+                if (version.toString().endsWith('SNAPSHOT')) {
+                    dependsOn tasks.publish
+                }
+                doFirst {
+                    if (!version.toString().endsWith('SNAPSHOT')) {
+                        throw new GradleException("Version \"" + version +
+                                "\" is a NOT a snapshot. Cannot publish to the snapshot repository")
+                    }
+                }
+            }
         }
 
+
     }
+
     compileJava {
         options.compilerArgs << '-parameters'
     }
 
@@ -102,7 +102,7 @@ The source id can be used to find all datasets versions of a source on the [Mobi
 ## What do we do with the results?
 We follow this process:
 
-<img src="/docs/Acceptance-test-process.jpg" width="750">
+<img src="/docs/images/Acceptance-test-process.jpg" width="750">
 
 ## Performance metrics within the acceptance reports
 
 
@@ -16,7 +16,7 @@
   - A maintenance is created if some bug has to be corrected before the next scheduled release.
     - As an example see [#1663](https://github.com/MobilityData/gtfs-validator/pull/1653) in the gtfs-validator repository.
 
-![](BranchingDiagram.png)
+![](images/BranchingDiagram.png)
 
 ## Feature/fix branches
 
 
@@ -88,7 +88,7 @@ This process is described in more detail in the GitHub documentation [**Contribu
 
 This image shows the tests implemented in the Pull Request process.
 
-<img src="/docs/Pull-Request-process.jpg" width="700">
+<img src="/docs/images/Pull-Request-process.jpg" width="700">
 
 ## Pull Request comments and reviews
 Reviewing Pull Requests is a great way to get familiar with the code & architecture of this tool, and to make sure a functionality meets your needs. Each Pull Request has to be approved by at least one one core developer, but having community members helping with this process is significant for the MobilityData team. Additionally, having the eyes of people from different expertise and backgrounds on a contribution makes it higher quality (nobody can think of everything!).
@@ -131,7 +131,7 @@ A critical step in troubleshooting is being able to reproduce the problem. Instr
 
 The acceptance test is a key part of the Pull Request process. More information about this test is available in the [ACCEPTANCE_TEST.md](/docs/ACCEPTANCE_TESTS.md) file.
 
-<img src="/docs/Acceptance-test-process.jpg" width="650">
+<img src="/docs/images/Acceptance-test-process.jpg" width="650">
 
 **How to run tests locally?**