added option to sign rpm and deb packages

2026-03-05 11:50:58 +01:00 · 2020-05-15 11:29:48 +02:00
parent cb746c8e18
commit 72be52405c
2 changed files with 63 additions and 5 deletions
--- a/scm-packaging/deb/pom.xml
+++ b/scm-packaging/deb/pom.xml
@@ -24,7 +24,8 @@
    SOFTWARE.

 -->
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">

  <modelVersion>4.0.0</modelVersion>

@@ -86,7 +87,7 @@
                  <version>1.1.0</version>
                  <type>tar.gz</type>
                  <fileMappers>
-                    <org.codehaus.plexus.components.io.filemappers.FlattenFileMapper />
+                    <org.codehaus.plexus.components.io.filemappers.FlattenFileMapper/>
                  </fileMappers>
                </artifactItem>
              </artifactItems>
@@ -356,4 +357,33 @@
    </plugins>
  </build>

+  <profiles>
+    <profile>
+      <id>sign</id>
+      <activation>
+        <property>
+          <name>gpg.scm.keyring</name>
+        </property>
+      </activation>
+      <build>
+        <plugins>
+          <plugin>
+            <artifactId>jdeb</artifactId>
+            <groupId>org.vafer</groupId>
+            <version>1.8</version>
+            <configuration>
+              <signRole>builder</signRole>
+              <signPackage>true</signPackage>
+              <keyring>${gpg.scm.keyring}</keyring>
+              <key>${gpg.scm.key}</key>
+              <passphrase>${gpg.scm.passphrase}</passphrase>
+            </configuration>
+          </plugin>
+
+        </plugins>
+
+      </build>
+    </profile>
+  </profiles>
+
 </project>
--- a/scm-packaging/rpm/pom.xml
+++ b/scm-packaging/rpm/pom.xml
@@ -129,6 +129,7 @@
          <packageName>scm-server</packageName>
          <group>Development/Tools</group>
          <license>MIT</license>
+          <skipSigning>true</skipSigning>

          <requires>
            <require>java-11-openjdk-headless</require>
@@ -141,6 +142,7 @@
          <beforeInstallation>
            <file>src/main/scripts/before-installation.sh</file>
          </beforeInstallation>
+
          <afterInstallation>
            <file>src/main/scripts/after-installation.sh</file>
          </afterInstallation>
@@ -388,8 +390,34 @@
    </plugins>
  </build>

-  <properties>
-    <rpm.skipSigning>true</rpm.skipSigning>
-  </properties>
+  <profiles>
+    <profile>
+      <id>sign</id>
+      <activation>
+        <property>
+          <name>gpg.scm.keyring</name>
+        </property>
+      </activation>
+      <build>
+        <plugins>
+
+          <plugin>
+            <groupId>de.dentrassi.maven</groupId>
+            <artifactId>rpm</artifactId>
+            <version>1.5.0</version>
+            <configuration>
+              <skipSigning>false</skipSigning>
+              <signature>
+                <keyringFile>${gpg.scm.keyring}</keyringFile>
+                <keyId>${gpg.scm.key}</keyId>
+                <passphrase>${gpg.scm.passphrase}</passphrase>
+              </signature>
+            </configuration>
+          </plugin>
+
+        </plugins>
+      </build>
+    </profile>
+  </profiles>

 </project>