Commit 74b66313 authored by Denis Konovalyenko's avatar Denis Konovalyenko

Artifacts signed before pushing to the packages repo.

parent 46c9eff5
...@@ -7,8 +7,9 @@ stages: ...@@ -7,8 +7,9 @@ stages:
- status - status
variables: variables:
MAVEN_SETTINGS: "./ci/gitlab/.m2/settings.xml" CI_GITLAB_PATH: "ci/gitlab"
MAVEN_CLI_OPTS: "--settings ${MAVEN_SETTINGS} --batch-mode --update-snapshots" MAVEN_CLI_OPTS: "--settings ${CI_GITLAB_PATH}/.m2/settings.xml --batch-mode --update-snapshots"
# OPENSSL_CLI_OPTS: "enc aes-256-cbc -K ${OPENSSL_ENC_KEY} -iv ${OPENSSL_ENC_IV}"
# CI_DEBUG_TRACE: "true" # CI_DEBUG_TRACE: "true"
cache: cache:
...@@ -26,7 +27,14 @@ snaphot: ...@@ -26,7 +27,14 @@ snaphot:
script: script:
# - echo "${GPG_KEY_SECRET}" | gpg --allow-secret-key-import --import # - echo "${GPG_KEY_SECRET}" | gpg --allow-secret-key-import --import
# - gpg --list-keys # - gpg --list-keys
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release --quiet # - openssl ${OPENSSL_CLI_OPTS} -d -in ${CI_GITLAB_PATH}/code-signing-key.asc.enc -out ${CI_GITLAB_PATH}/code-signing-key.asc
# - gpg --fast-import ${CI_GITLAB_PATH}/code-signing-key.asc
# - gpg -h
- echo "${GPG_KEY}" | gpg --batch --armor --import
- echo "use-agent" >> ${HOME}/.gnupg/gpg.conf
- echo "pinentry-mode loopback" >> ${HOME}/.gnupg/gpg.conf
- echo "allow-loopback-pinentry" >> ${HOME}/.gnupg/gpg-agent.conf
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release #--debug
# only: # only:
# - dev # - dev
except: except:
...@@ -36,8 +44,10 @@ snaphot: ...@@ -36,8 +44,10 @@ snaphot:
release: release:
stage: release stage: release
script: script:
# - echo "${GPG_KEY_SECRET}" | gpg --allow-secret-key-import --import - echo "${GPG_KEY}" | gpg --batch --armor --import
# - gpg --list-keys - echo "use-agent" >> ${HOME}/.gnupg/gpg.conf
- echo "pinentry-mode loopback" >> ${HOME}/.gnupg/gpg.conf
- echo "allow-loopback-pinentry" >> ${HOME}/.gnupg/gpg-agent.conf
- mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release --quiet - mvn deploy ${MAVEN_CLI_OPTS} -DskipITs -Dmaven.test.skip=true --activate-profiles release --quiet
only: only:
- tags - tags
......
...@@ -34,8 +34,13 @@ ...@@ -34,8 +34,13 @@
<argLine>-Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine> <argLine>-Djdk.net.URLClassPath.disableClassPathURLCheck=true</argLine>
</properties> </properties>
</profile> </profile>
<!--<profile>--> <profile>
<!--<id>release</id>--> <id>release</id>
<properties>
<gpg.executable>gpg</gpg.executable>
<!--<gpg.keyname>${GPG_KEY_NAME}</gpg.keyname>-->
<gpg.passphrase>${GPG_PASSPHRASE}</gpg.passphrase>
</properties>
<!--<repositories>--> <!--<repositories>-->
<!--<repository>--> <!--<repository>-->
<!--<id>ossrh</id>--> <!--<id>ossrh</id>-->
...@@ -54,6 +59,6 @@ ...@@ -54,6 +59,6 @@
<!--</snapshots>--> <!--</snapshots>-->
<!--</repository>--> <!--</repository>-->
<!--</repositories>--> <!--</repositories>-->
<!--</profile>--> </profile>
</profiles> </profiles>
</settings> </settings>
...@@ -187,38 +187,41 @@ ...@@ -187,38 +187,41 @@
</execution> </execution>
</executions> </executions>
</plugin> </plugin>
<!--<plugin>--> <plugin>
<!--<groupId>org.apache.maven.plugins</groupId>--> <groupId>org.apache.maven.plugins</groupId>
<!--<artifactId>maven-gpg-plugin</artifactId>--> <artifactId>maven-gpg-plugin</artifactId>
<!--<version>1.5</version>--> <version>1.5</version>
<!--<executions>--> <executions>
<!--<execution>--> <execution>
<!--<id>sign-artifacts</id>--> <id>sign-artifacts</id>
<!--<phase>verify</phase>--> <phase>verify</phase>
<!--<goals>--> <goals>
<!--<goal>sign</goal>--> <goal>sign</goal>
<!--</goals>--> </goals>
<!--</execution>--> </execution>
<!--</executions>--> </executions>
<!--<configuration>--> <configuration>
<!--<skip>false</skip>--> <skip>false</skip>
<!--<lockMode>never</lockMode>--> <lockMode>never</lockMode>
<!--<defaultKeyring>false</defaultKeyring>--> <defaultKeyring>false</defaultKeyring>
<!--<useAgent>false</useAgent>--> <useAgent>false</useAgent>
<!--<gpgArguments>--> <!--<passphrase>${GPG_PASSPHRASE}</passphrase>-->
<gpgArguments>
<gpgArgument>--batch</gpgArgument>
<gpgArgument>--no-tty</gpgArgument>
<!--<arg>&#45;&#45;no-random-seed-file</arg>--> <!--<arg>&#45;&#45;no-random-seed-file</arg>-->
<!--<arg>&#45;&#45;no-permission-warning</arg>--> <!--<arg>&#45;&#45;no-permission-warning</arg>-->
<!--</gpgArguments>--> </gpgArguments>
<!--</configuration>--> </configuration>
<!--</plugin>--> </plugin>
<!--<plugin>--> <plugin>
<!--<groupId>org.apache.maven.plugins</groupId>--> <groupId>org.apache.maven.plugins</groupId>
<!--<artifactId>maven-deploy-plugin</artifactId>--> <artifactId>maven-deploy-plugin</artifactId>
<!--<version>2.8.2</version>--> <!--<version>2.8.2</version>-->
<!--<configuration>--> <configuration>
<!--<skip>true</skip>--> <skip>true</skip>
<!--</configuration>--> </configuration>
<!--</plugin>--> </plugin>
<plugin> <plugin>
<groupId>org.sonatype.plugins</groupId> <groupId>org.sonatype.plugins</groupId>
<artifactId>nexus-staging-maven-plugin</artifactId> <artifactId>nexus-staging-maven-plugin</artifactId>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment