[build] automate the new java release publish

[titusfortner]

User description

I couldn't actually get what Diego put in the wiki to work. This rake command works.

---

PR Type

Enhancement

---

Description

• Add automated Java release publishing to Sonatype Maven repository

• Implement HTTP-based validation POST to Central Portal

• Integrate Base64 encoding for authentication credentials

• Conditionally invoke publish task during release workflow

---

Diagram Walkthrough

flowchart LR
  A["Java Release Task"] --> B["Package & Build Artifacts"]
  B --> C["Release to Maven Repo"]
  C --> D{Is Nightly?}
  D -->|No| E["Invoke Publish Task"]
  E --> F["Authenticate with Credentials"]
  F --> G["POST to Central Portal"]
  G --> H{Success?}
  H -->|Yes| I["Log Success"]
  H -->|No| J["Log Error & Exit"]

Loading

File Walkthrough

Relevant files

Enhancement

Rakefile Add automated Sonatype Maven repository publishing              Rakefile Added require 'base64' and require 'net/http' for HTTP authentication and requests Added conditional invocation of java:publish task in the release workflow Implemented new publish task that authenticates with Sonatype credentials and sends HTTP POST request to Central Portal Added error handling to validate HTTP response and exit on failure +33/-0

---

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Credential handling Description: Basic authentication credentials are constructed and sent over the network; while HTTPS is used, ensure no logging or unintended exposure of MAVEN_USER/MAVEN_PASSWORD, and verify that environment variables are handled securely in CI (masking and non-printing). Rakefile [993-1004] Referred Code read_m2_user_pass unless ENV['MAVEN_PASSWORD'] && ENV['MAVEN_USER'] user = ENV.fetch('MAVEN_USER') pass = ENV.fetch('MAVEN_PASSWORD') uri = URI('https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/org.seleniumhq') encoded = Base64.strict_encode64("#{user}:#{pass}") puts 'Triggering validation POST to Central Portal...' req = Net::HTTP::Post.new(uri) req['Authorization'] = "Basic #{encoded}" req['Accept'] = '*/*' req['Content-Length'] = '0'
	Operational robustness Description: Network timeouts are set but there is no retry/backoff, making the release pipeline susceptible to transient failure causing exits that may be abused for DoS against the build process; consider limited retries with jitter. Rakefile [1006-1017] Referred Code res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true, open_timeout: 10, read_timeout: 60) do |http| http.request(req) end if res.is_a?(Net::HTTPSuccess) puts "Manual upload triggered successfully (HTTP #{res.code})" else warn "Manual upload failed (HTTP #{res.code}): #{res.code} #{res.message}" warn res.body if res.body && !res.body.empty? exit(1) end
Ticket Compliance
⚪	🎫 No ticket provided - [ ] Create ticket/issue <!-- /create_ticket --create_ticket=true --> </details></td></tr>
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
⚪	No custom compliance provided Follow the guide to enable custom compliance check.
Update

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
High-level	Use Sonatype's official staging API The current implementation uses a fragile, undocumented /manual/upload endpoint. For a more robust solution, this should be replaced with Sonatype's official, documented REST API for managing and releasing staging repositories. Examples: Rakefile [991-1018] desc 'Publish to sonatype' task :publish do |_task| read_m2_user_pass unless ENV['MAVEN_PASSWORD'] && ENV['MAVEN_USER'] user = ENV.fetch('MAVEN_USER') pass = ENV.fetch('MAVEN_PASSWORD') uri = URI('https://ossrh-staging-api.central.sonatype.com/manual/upload/defaultRepository/org.seleniumhq') encoded = Base64.strict_encode64("#{user}:#{pass}") puts 'Triggering validation POST to Central Portal...' ... (clipped 18 lines) Solution Walkthrough: Before: # Rakefile task :publish do uri = URI('https://ossrh-staging-api.central.sonatype.com/manual/upload/...') req = Net::HTTP::Post.new(uri) # ... set auth headers ... res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http| http.request(req) end if res.is_a?(Net::HTTPSuccess) puts "Manual upload triggered successfully" else warn "Manual upload failed" exit(1) end end After: # Rakefile (conceptual) # Using the documented Sonatype Staging REST API task :publish do # 1. Find the staging repository ID for the current artifacts # (e.g., GET /service/local/staging/profile_repositories) # 2. Close the staging repository to trigger validation # (e.g., POST /service/local/staging/bulk/close with repo ID) # 3. Poll for validation results until completion # (e.g., GET /service/local/staging/repository/{repoId}) # 4. If validation is successful, promote/release the repository # (e.g., POST /service/local/staging/bulk/promote with repo ID) end Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies a critical design flaw where the PR relies on a brittle, undocumented API, and proposes using the official, robust REST API, which is essential for the long-term stability of the release automation.	High
Possible issue	Add network error handling Wrap the Net::HTTP.start call in a begin...rescue block to handle potential network errors, such as timeouts or connection failures. Rakefile [1006-1009] -res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true, - open_timeout: 10, read_timeout: 60) do |http| - http.request(req) +begin + res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true, + open_timeout: 10, read_timeout: 60) do |http| + http.request(req) + end +rescue StandardError => e + warn "Failed to connect to Central Portal: #{e.message}" + exit(1) end Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies that network-level errors are unhandled and could crash the script, proposing a standard rescue block to improve robustness and provide a better error message.	Medium
	Validate credentials before use Replace ENV.fetch with ENV[] and add an explicit check to ensure MAVEN_USER and MAVEN_PASSWORD are set, exiting with a clear error message if they are missing. Rakefile [993-995] read_m2_user_pass unless ENV['MAVEN_PASSWORD'] && ENV['MAVEN_USER'] -user = ENV.fetch('MAVEN_USER') -pass = ENV.fetch('MAVEN_PASSWORD') +user = ENV['MAVEN_USER'] +pass = ENV['MAVEN_PASSWORD'] +unless user && pass + warn 'MAVEN_USER and MAVEN_PASSWORD must be set' + exit(1) +end + Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly points out that ENV.fetch will crash if credentials are not found, and proposes a more robust check that provides a clearer error message to the user.	Medium
Update

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: Ruby / Unit Tests (3.2.8, macos) / Unit Tests (3.2.8, macos)

Failed stage: Run Bazel [❌]

Failed test name: //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel

Failure summary: The action failed because one Bazel test target timed out: - Test target //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel hit the timeout after ~1800s and was marked TIMEOUT (see lines 934–941, 1011–1013). - Overall: 67 tests were executed, 66 passed, and 1 failed due to timeout, causing the job to exit with code 3. - Test log path: /Users/runner/.bazel/execroot/_main/bazel-out/darwin_arm64-fastbuild/testlogs/rb/spec/unit/selenium/webdriver/common/interactions/pointer_cancel/test.log.

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 359: "enabled": true, 360: "files": [ 361: "./MODULE.bazel", 362: "./WORKSPACE.bazel", 363: "./WORKSPACE.bzlmod", 364: "./WORKSPACE" 365: ], 366: "name": "repository", 367: "paths": [ 368: "/Users/runner/.cache/bazel-repo" 369: ] 370: } 371: } 372: ##[endgroup] 373: ##[group]Restore cache for bazelisk 374: Failed to restore bazelisk cache 375: ##[endgroup] 376: ##[group]Restore cache for disk-rb-unit-test-3.2.8-macos 377: Failed to restore disk-rb-unit-test-3.2.8-macos cache 378: ##[endgroup] 379: ##[group]Restore cache for repository 380: Failed to restore repository cache 381: ##[endgroup] 382: ##[group]Restore cache for external-rb-unit-test-3.2.8-macos-manifest 383: Failed to restore external-rb-unit-test-3.2.8-macos-manifest cache 384: ##[endgroup] ... 928: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1522s local, disk-cache 929: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1586s local, disk-cache 930: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1649s local, disk-cache 931: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1714s local, disk-cache 932: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1778s local, disk-cache 933: �[32m[1,467 / 1,468]�[0m 66 / 67 tests;�[0m Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel; 1800s local, disk-cache 934: �[31m�[1mTIMEOUT: �[0m//rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel (Summary) 935: ==================== Test output for //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel: 936: /Users/runner/.bazel/execroot/_main/bazel-out/darwin_arm64-fastbuild/testlogs/rb/spec/unit/selenium/webdriver/common/interactions/pointer_cancel/test.log 937: -- Test timed out at 2025-12-10 22:34:09 UTC -- 938: �[32mINFO: �[0mFrom Testing //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel: 939: ================================================================================ 940: �[32mINFO: �[0mFound 67 test targets... 941: �[32mINFO: �[0mElapsed time: 2473.783s, Critical Path: 1900.71s 942: �[32mINFO: �[0m1468 processes: 759 internal, 501 darwin-sandbox, 134 local, 74 worker. 943: �[32mINFO: �[0mBuild completed, 1 test FAILED, 1468 total actions 944: //rb/spec/unit/selenium:devtools �[0m�[32mPASSED�[0m in 1.5s ... 998: //rb/spec/unit/selenium/webdriver/ie:service �[0m�[32mPASSED�[0m in 1.6s 999: //rb/spec/unit/selenium/webdriver/remote:bridge �[0m�[32mPASSED�[0m in 1.1s 1000: //rb/spec/unit/selenium/webdriver/remote:capabilities �[0m�[32mPASSED�[0m in 1.3s 1001: //rb/spec/unit/selenium/webdriver/remote:driver �[0m�[32mPASSED�[0m in 1.1s 1002: //rb/spec/unit/selenium/webdriver/remote/http:common �[0m�[32mPASSED�[0m in 1.4s 1003: //rb/spec/unit/selenium/webdriver/remote/http:curb �[0m�[32mPASSED�[0m in 1.5s 1004: //rb/spec/unit/selenium/webdriver/remote/http:default �[0m�[32mPASSED�[0m in 1.4s 1005: //rb/spec/unit/selenium/webdriver/safari:driver �[0m�[32mPASSED�[0m in 1.3s 1006: //rb/spec/unit/selenium/webdriver/safari:options �[0m�[32mPASSED�[0m in 2.1s 1007: //rb/spec/unit/selenium/webdriver/safari:service �[0m�[32mPASSED�[0m in 1.2s 1008: //rb/spec/unit/selenium/webdriver/support:color �[0m�[32mPASSED�[0m in 1.3s 1009: //rb/spec/unit/selenium/webdriver/support:event_firing �[0m�[32mPASSED�[0m in 1.5s 1010: //rb/spec/unit/selenium/webdriver/support:select �[0m�[32mPASSED�[0m in 2.4s 1011: //rb/spec/unit/selenium/webdriver/common/interactions:pointer_cancel �[0m�[31m�[1mTIMEOUT�[0m in 1800.2s 1012: /Users/runner/.bazel/execroot/_main/bazel-out/darwin_arm64-fastbuild/testlogs/rb/spec/unit/selenium/webdriver/common/interactions/pointer_cancel/test.log 1013: Executed 67 out of 67 tests: 66 tests pass and �[0m�[31m�[1m1 fails locally�[0m. 1014: ##[error]Process completed with exit code 3. 1015: ##[group]Run actions/upload-artifact@v5 ... 1083: Sent 4519337 of 407172521 (1.1%), 2.2 MBs/sec 1084: Sent 138737065 of 407172521 (34.1%), 44.1 MBs/sec 1085: Sent 340063657 of 407172521 (83.5%), 81.0 MBs/sec 1086: Sent 340063657 of 407172521 (83.5%), 64.8 MBs/sec 1087: Sent 340063657 of 407172521 (83.5%), 54.0 MBs/sec 1088: Sent 340063657 of 407172521 (83.5%), 46.3 MBs/sec 1089: Sent 340063657 of 407172521 (83.5%), 40.5 MBs/sec 1090: Sent 340063657 of 407172521 (83.5%), 36.0 MBs/sec 1091: Sent 340063657 of 407172521 (83.5%), 32.4 MBs/sec 1092: Sent 340063657 of 407172521 (83.5%), 29.4 MBs/sec 1093: Sent 407172521 of 407172521 (100.0%), 33.5 MBs/sec 1094: Successfully saved cache 1095: ##[endgroup] 1096: ##[group]Save cache for external-aspect_rules_js++pnpm+pnpm 1097: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1098: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-aspect_rules_js++pnpm+pnpm-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1099: Successfully saved cache 1100: ##[endgroup] 1101: ##[group]Save cache for external-com_google_javascript_closure_library 1102: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1103: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-com_google_javascript_closure_library-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1104: Successfully saved cache 1105: ##[endgroup] 1106: ##[group]Save cache for external-protobuf+ 1107: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1108: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-protobuf+-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1109: Successfully saved cache 1110: ##[endgroup] 1111: ##[group]Save cache for external-rules_java++toolchains+remote_java_tools 1112: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1113: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_java++toolchains+remote_java_tools-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1114: Successfully saved cache 1115: ##[endgroup] 1116: ##[group]Save cache for external-rules_java++toolchains+remote_java_tools_darwin_arm64 1117: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1118: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_java++toolchains+remote_java_tools_darwin_arm64-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1119: Successfully saved cache 1120: ##[endgroup] 1121: ##[group]Save cache for external-rules_java++toolchains+remotejdk21_macos_aarch64 1122: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1123: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_java++toolchains+remotejdk21_macos_aarch64-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1124: Successfully saved cache 1125: ##[endgroup] 1126: ##[group]Save cache for external-rules_kotlin+ 1127: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1128: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_kotlin+-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1129: Successfully saved cache 1130: ##[endgroup] 1131: ##[group]Save cache for external-rules_nodejs++node+nodejs_darwin_arm64 1132: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1133: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_nodejs++node+nodejs_darwin_arm64-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1134: Successfully saved cache 1135: ##[endgroup] 1136: ##[group]Save cache for external-rules_python++python+python_3_10_aarch64-apple-darwin 1137: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1138: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_python++python+python_3_10_aarch64-apple-darwin-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1139: Successfully saved cache 1140: ##[endgroup] 1141: ##[group]Save cache for external-rules_ruby++ruby+bundle 1142: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1143: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_ruby++ruby+bundle-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1144: Successfully saved cache 1145: ##[endgroup] 1146: ##[group]Save cache for external-rules_ruby++ruby+ruby 1147: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1148: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_ruby++ruby+ruby-4be0147ef94768ccd6bd41f3696f827feed7fb2abc081d610529c22099162b56, another job may be creating this cache. 1149: Successfully saved cache 1150: ##[endgroup] 1151: ##[group]Save cache for external-rules_rust+ 1152: [command]/opt/homebrew/bin/gtar --posix -cf cache.tzst --exclude cache.tzst -P -C /Users/runner/work/selenium/selenium --files-from manifest.txt --delay-directory-restore --use-compress-program zstdmt 1153: Failed to save: Unable to reserve cache with key setup-bazel-2-darwin-external-rules_rust+-8a444bed24370c9a79dd2f58c1a44c7b11050dbb8df6842acab6cc8cea3fc2de, another job may be creating this cache. 1154: Successfully saved cache