Use in-memory PGP key for signing.

Use secret file and text via Jenkins, set Gradle properties via specially named environment variables.

Author: greenrobot-team

Jenkinsfile

@@ -22,6 +22,10 @@ pipeline {
                         "-PpreferredUsername=$MVN_REPO_LOGIN_USR " +
                         "-PpreferredPassword=$MVN_REPO_LOGIN_PSW " +
                         "-PversionPostFix=$versionPostfix"
+        // Note: for key use Jenkins secret file with PGP key as text in ASCII-armored format.
+        ORG_GRADLE_PROJECT_signingKeyFile = credentials('objectbox_signing_key')
+        ORG_GRADLE_PROJECT_signingKeyId = credentials('objectbox_signing_key_id')
+        ORG_GRADLE_PROJECT_signingPassword = credentials('objectbox_signing_key_password')
     }
 
     options {

build.gradle

@@ -82,8 +82,11 @@ configure(subprojects.findAll { projectNamesToPublish.contains(it.name) }) {
     }
 
     signing {
-        if (project.hasProperty('signing.keyId') && project.hasProperty('signing.password') &&
-                project.hasProperty('signing.secretKeyRingFile')) {
+        if (project.hasProperty('signingKeyId')
+                && project.hasProperty('signingKeyFile')
+                && project.hasProperty('signingPassword')) {
+            String signingKey = new File(signingKeyFile).text
+            useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
             sign configurations.archives
         } else {
             println "Signing information missing/incomplete for ${project.name}"