mirror of
https://github.com/octoleo/plantuml.git
synced 2024-12-22 10:59:01 +00:00
use gradle in-memory asci-armored keys to sign artifacts
on the commadn line this allows as before: gradle -q signMavenPublication signPdfJar -Psigning.gnupg.keyName=... - -Psigning.gnupg.passphrase=... on github this allows to put the key and password into environment variables: ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }} ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }} gradle -q signMavenPublication signPdfJar
This commit is contained in:
parent
92e955ef03
commit
18e6c41bfb
23
.github/workflows/ci-gradle.yml
vendored
23
.github/workflows/ci-gradle.yml
vendored
@ -119,28 +119,13 @@ jobs:
|
||||
generateMetadataFileForMavenPublication generatePomFileForMavenPublication \
|
||||
-x test
|
||||
|
||||
- name: Setup gpg
|
||||
if: env.ARTIFACT_SIGNING_KEY
|
||||
id: gpg
|
||||
env:
|
||||
ARTIFACT_SIGNING_KEY: ${{ secrets.ARTIFACT_SIGNING_KEY }}
|
||||
run: |
|
||||
echo "Importing key ..."
|
||||
echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --import --import-options import-show
|
||||
|
||||
echo "Getting key id ..."
|
||||
key_id="$(echo "${ARTIFACT_SIGNING_KEY}" | gpg --batch --show-keys --with-colons | awk -F: '$1 == "sec" { print $5 }')"
|
||||
echo "::set-output name=key_id::${key_id}"
|
||||
|
||||
- name: Sign artifacts
|
||||
if: env.GPG_KEYNAME
|
||||
if: env.ORG_GRADLE_PROJECT_signingKey
|
||||
env:
|
||||
GPG_KEYNAME: ${{ steps.gpg.outputs.key_id }}
|
||||
GPG_PASSPHRASE: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
|
||||
ORG_GRADLE_PROJECT_signingKey: ${{ secrets.ARTIFACT_SIGNING_KEY }}
|
||||
ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.ARTIFACT_SIGNING_PASSPHRASE }}
|
||||
run: |
|
||||
gradle -q signMavenPublication signPdfJar \
|
||||
"-Psigning.gnupg.keyName=${GPG_KEYNAME}" \
|
||||
"-Psigning.gnupg.passphrase=${GPG_PASSPHRASE}"
|
||||
gradle -q signMavenPublication signPdfJar
|
||||
|
||||
- name: Upload artifacts
|
||||
uses: actions/upload-artifact@v2
|
||||
|
@ -122,8 +122,14 @@ val pdfJar by tasks.registering(Jar::class) {
|
||||
}
|
||||
|
||||
signing {
|
||||
if (hasProperty("signing.gnupg.passphrase")) {
|
||||
if (hasProperty("signing.gnupg.keyName") && hasProperty("signing.gnupg.passphrase")) {
|
||||
useGpgCmd()
|
||||
} else if (hasProperty("signingKey") && hasProperty("signingPassword")) {
|
||||
val signingKey: String? by project
|
||||
val signingPassword: String? by project
|
||||
useInMemoryPgpKeys(signingKey, signingPassword)
|
||||
}
|
||||
if (hasProperty("signing.gnupg.passphrase") || hasProperty("signingPassword")) {
|
||||
sign(publishing.publications["maven"])
|
||||
sign(closureOf<SignOperation> { sign(pdfJar.get()) })
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user