Hi security team members, I'm tison from OpenDAL Podling[1], a Rust lib providing Java binding.
I already verify that GitHub Actions work well for automatically deploying OpenDAL Java binding[2]. When integrating it with upstream (apache/incuabtor-opendal), I met a problem that deploying Maven projects requires NEXUS credentials. For my personal repo, I can config my Apache ID and password as secrets. For apache repos, it requires handing over the credentials to INFRA team member. Even I can trust the member, it's a bit less than awesome. Fortunately, INFRA provides two org-wise secrets NEXUS_USER and NEXUS_PW for doing so[3]. But it's limited to deploying snapshots only. INFRA member suggested me to consult security team for approval for such automatic deployment and they would help to grant related permissions if approved. Please help review the request to support ASF projects deploying Maven project via GitHub Actions. Best, tison. [1] http://github.com/apache/incubator-opendal [2] https://github.com/tisonkun/ci-opendal/actions/runs/5326589752 [3] https://github.com/apache/incubator-opendal/blob/f887b671c0aae523d8862762eec71e6179e0975c/.github/workflows/bindings_java.yml#L192
