Simplify release workflow with tag trigger and setup-java

- Trigger on tag push (v*) instead of branch push
- Use setup-java built-in GPG and server credential support
- Run mvn deploy to actually publish to Maven Central
- Remove manual GPG import and -Prelease flag

https://claude.ai/code/session_01KxvyXRVVZaLrgTZshvsZY6

Author: claude

.github/workflows/release.yml

@@ -2,7 +2,7 @@ name: Release
 
 on:
   push:
-    branches: [ releases ]
+    tags: [ 'v*' ]
 
 jobs:
   release:
@@ -15,6 +15,11 @@ jobs:
         with:
           java-version: '11'
           distribution: 'temurin'
+          server-id: maven-central-staging
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
 
       - name: Cache Maven packages
         uses: actions/cache@v4
@@ -24,14 +29,9 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-maven-
 
-      - name: Import GPG key
+      - name: Deploy to Maven Central
         env:
-          GPG_PRIVATE_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
-          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-        run: echo "$GPG_PRIVATE_KEY" | gpg --import --batch --yes
-
-      - name: Package and Sign
-        env:
-          GPG_KEY_NAME: ${{ secrets.GPG_KEY_NAME }}
-          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
-        run: mvn package verify -Prelease -DskipTests=true -Dgpg.keyname=$GPG_KEY_NAME -Dgpg.passphrase=$GPG_PASSPHRASE
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+        run: mvn deploy -DskipTests=true