Commit 74b66313 authored by Denis Konovalyenko's avatar Denis Konovalyenko

Artifacts signed before pushing to the packages repo.

parent 46c9eff5
......@@ -7,8 +7,9 @@ stages:
- status
variables:
MAVEN_SETTINGS: "./ci/gitlab/.m2/settings.xml"
MAVEN_CLI_OPTS: "--settings ${MAVEN_SETTINGS} --batch-mode --update-snapshots"
CI_GITLAB_PATH: "ci/gitlab"
MAVEN_CLI_OPTS: "--settings ${CI_GITLAB_PATH}/.m2/settings.xml --batch-mode --update-snapshots"
# OPENSSL_CLI_OPTS: "enc aes-256-cbc -K ${OPENSSL_ENC_KEY} -iv ${OPENSSL_ENC_IV}"
# CI_DEBUG_TRACE: "true"
cache:
......@@ -26,7 +27,14 @@ snaphot:
script:
# - echo "${GPG_KEY_SECRET}" | gpg --allow-secret-key-import --import
# - gpg --list-keys
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release --quiet
# - openssl ${OPENSSL_CLI_OPTS} -d -in ${CI_GITLAB_PATH}/code-signing-key.asc.enc -out ${CI_GITLAB_PATH}/code-signing-key.asc
# - gpg --fast-import ${CI_GITLAB_PATH}/code-signing-key.asc
# - gpg -h
- echo "${GPG_KEY}" | gpg --batch --armor --import
- echo "use-agent" >> ${HOME}/.gnupg/gpg.conf
- echo "pinentry-mode loopback" >> ${HOME}/.gnupg/gpg.conf
- echo "allow-loopback-pinentry" >> ${HOME}/.gnupg/gpg-agent.conf
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release #--debug
# only:
# - dev
except:
......@@ -36,8 +44,10 @@ snaphot:
release:
stage: release
script:
# - echo "${GPG_KEY_SECRET}" | gpg --allow-secret-key-import --import
# - gpg --list-keys
- echo "${GPG_KEY}" | gpg --batch --armor --import
- echo "use-agent" >> ${HOME}/.gnupg/gpg.conf
- echo "pinentry-mode loopback" >> ${HOME}/.gnupg/gpg.conf
- echo "allow-loopback-pinentry" >> ${HOME}/.gnupg/gpg-agent.conf
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release --quiet
only:
- tags
......
......@@ -34,8 +34,13 @@
<argLine>-Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine>
</properties>
</profile>
<!--<profile>-->
<!--<id>release</id>-->
<profile>
<id>release</id>
<properties>
<gpg.executable>gpg</gpg.executable>
<!--<gpg.keyname>${GPG_KEY_NAME}</gpg.keyname>-->
<gpg.passphrase>${GPG_PASSPHRASE}</gpg.passphrase>
</properties>
<!--<repositories>-->
<!--<repository>-->
<!--<id>ossrh</id>-->
......@@ -54,6 +59,6 @@
<!--</snapshots>-->
<!--</repository>-->
<!--</repositories>-->
<!--</profile>-->
</profile>
</profiles>
</settings>
......@@ -187,38 +187,41 @@
</execution>
</executions>
</plugin>
<!--<plugin>-->
<!--<groupId>org.apache.maven.plugins</groupId>-->
<!--<artifactId>maven-gpg-plugin</artifactId>-->
<!--<version>1.5</version>-->
<!--<executions>-->
<!--<execution>-->
<!--<id>sign-artifacts</id>-->
<!--<phase>verify</phase>-->
<!--<goals>-->
<!--<goal>sign</goal>-->
<!--</goals>-->
<!--</execution>-->
<!--</executions>-->
<!--<configuration>-->
<!--<skip>false</skip>-->
<!--<lockMode>never</lockMode>-->
<!--<defaultKeyring>false</defaultKeyring>-->
<!--<useAgent>false</useAgent>-->
<!--<gpgArguments>-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.5</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
<configuration>
<skip>false</skip>
<lockMode>never</lockMode>
<defaultKeyring>false</defaultKeyring>
<useAgent>false</useAgent>
<!--<passphrase>${GPG_PASSPHRASE}</passphrase>-->
<gpgArguments>
<gpgArgument>--batch</gpgArgument>
<gpgArgument>--no-tty</gpgArgument>
<!--<arg>&#45;&#45;no-random-seed-file</arg>-->
<!--<arg>&#45;&#45;no-permission-warning</arg>-->
<!--</gpgArguments>-->
<!--</configuration>-->
<!--</plugin>-->
<!--<plugin>-->
<!--<groupId>org.apache.maven.plugins</groupId>-->
<!--<artifactId>maven-deploy-plugin</artifactId>-->
</gpgArguments>
</configuration>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<!--<version>2.8.2</version>-->
<!--<configuration>-->
<!--<skip>true</skip>-->
<!--</configuration>-->
<!--</plugin>-->
<configuration>
<skip>true</skip>
</configuration>
</plugin>
<plugin>
<groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment