Merge branch '45-signing' into 'dev'

greenrobot-team · greenrobot-team · commit 0345d22db8e8 · 2020-04-28T12:44:51.000Z
Re-enable signing of artifacts

See merge request objectbox/objectbox-java!62
diff --git a/Jenkinsfile b/Jenkinsfile
@@ -22,6 +22,10 @@ pipeline {
                         "-PpreferredUsername=$MVN_REPO_LOGIN_USR " +
                         "-PpreferredPassword=$MVN_REPO_LOGIN_PSW " +
                         "-PversionPostFix=$versionPostfix"
+        // Note: for key use Jenkins secret file with PGP key as text in ASCII-armored format.
+        ORG_GRADLE_PROJECT_signingKeyFile = credentials('objectbox_signing_key')
+        ORG_GRADLE_PROJECT_signingKeyId = credentials('objectbox_signing_key_id')
+        ORG_GRADLE_PROJECT_signingPassword = credentials('objectbox_signing_key_password')
     }
 
     options {
diff --git a/build.gradle b/build.gradle
@@ -67,6 +67,12 @@ def projectNamesToPublish = [
         'objectbox-rxjava'
 ]
 
+def hasSigningProperties() {
+    return (project.hasProperty('signingKeyId')
+            && project.hasProperty('signingKeyFile')
+            && project.hasProperty('signingPassword'))
+}
+
 configure(subprojects.findAll { projectNamesToPublish.contains(it.name) }) {
     apply plugin: 'maven'
     apply plugin: 'signing'
@@ -82,8 +88,9 @@ configure(subprojects.findAll { projectNamesToPublish.contains(it.name) }) {
     }
 
     signing {
-        if (project.hasProperty('signing.keyId') && project.hasProperty('signing.password') &&
-                project.hasProperty('signing.secretKeyRingFile')) {
+        if (hasSigningProperties()) {
+            String signingKey = new File(signingKeyFile).text
+            useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
             sign configurations.archives
         } else {
             println "Signing information missing/incomplete for ${project.name}"
@@ -104,6 +111,10 @@ configure(subprojects.findAll { projectNamesToPublish.contains(it.name) }) {
                     } else if (preferredRepo != null
                             && project.hasProperty('preferredUsername') 
                             && project.hasProperty('preferredPassword')) {
+                        if (!hasSigningProperties()) {
+                            throw new InvalidUserDataException("To upload to repo signing is required.")
+                        }
+
                         configuration = configurations.deployerJars
 
                         // replace placeholders
