You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Christian Schulte (JIRA)" <ji...@codehaus.org> on 2009/03/30 23:26:12 UTC
[jira] Issue Comment Edited: (MJAVADOC-228) Please add support for
signing javadoc jar files.
[ http://jira.codehaus.org/browse/MJAVADOC-228?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=171449#action_171449 ]
Christian Schulte edited comment on MJAVADOC-228 at 3/30/09 4:24 PM:
---------------------------------------------------------------------
If nobody else wants to provide such a plugin, I'll prepare a maven-signer-plugin patch to have something to start with and attach it to this issue. Thinking about it, should such a mojo also contain the functionality of the maven-gpg-plugin ? If a general maven-signer-plugin would be available, I see no reason why not make it provide different signing strategies (jarsigner, gpg, what else?) Is there already some ArtifactSigner component available or something like this ? What would be the preferred design ? Provide an ArtifactSigner component in group org.apache.maven.shared.something and use that in the plugin ?
For consistency with the other plugins, I am just missing a maven-jarsigner-plugin, I think, which can be executed independently of the maven-jar-plugin. There is a policy here to sign all jar files during release. For this, I added a release profile like:
{code}
<profile>
<id>release</id>
<activation>
<activeByDefault>false</activeByDefault>
</activation>
<build>
<plugins>
<plugin>
<inherited>true</inherited>
<artifactId>maven-jar-plugin</artifactId>
<executions>
<execution>
<id>sign</id>
<phase>package</phase>
<goals>
<goal>sign</goal>
</goals>
<configuration>
<storepass>${jarsign.storepass}</storepass>
<keypass>${jarsign.keypass}</keypass>
<alias>${jarsign.alias}</alias>
<jarPath>${project.build.directory}/${project.build.finalName}.jar</jarPath>
</configuration>
</execution>
</executions>
</plugin>
<plugin>
<inherited>true</inherited>
<artifactId>maven-gpg-plugin</artifactId>
</plugin>
<plugin>
<inherited>true</inherited>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-source-plugin</artifactId>
<executions>
<execution>
<id>attach-sources</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<inherited>true</inherited>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-javadoc-plugin</artifactId>
<executions>
<execution>
<id>attach-javadocs</id>
<goals>
<goal>jar</goal>
</goals>
</execution>
</executions>
</plugin>
<plugin>
<inherited>true</inherited>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-deploy-plugin</artifactId>
<configuration>
<updateReleaseInfo>true</updateReleaseInfo>
</configuration>
</plugin>
</plugins>
</build>
</profile>
{code}
This does not work for signing the source and javadoc jars since the jar:sign goal will be run before the source and javadoc plugins were run.
maven-jar-plugin: Plugin for the jar command line tool.
maven-gpg-plugin: Plugin for the gpg command line tool.
maven-jarsigner-plugin: Plugin for the jarsigner command line tool.
So create a maven-jarsigner-plugin based on the maven-jar-plugin's sign goal and deprecated jar:sign in favour of that ? WDYT
was (Author: schulte2005):
If nobody else wants to provide such a plugin, I'll prepare a maven-signer-plugin patch to have something to start with and attach it to this issue. Thinking about it, should such a mojo also contain the functionality of the maven-gpg-plugin ? If a general maven-signer-plugin would be available, I see no reason why not make it provide different signing strategies (jarsigner, gpg, what else?) Is there already some ArtifactSigner component available or something like this ? What would be the preferred design ? Provide an ArtifactSigner component in group org.apache.maven.shared.something and use that in the plugin ? WDYT
> Please add support for signing javadoc jar files.
> -------------------------------------------------
>
> Key: MJAVADOC-228
> URL: http://jira.codehaus.org/browse/MJAVADOC-228
> Project: Maven 2.x Javadoc Plugin
> Issue Type: Wish
> Affects Versions: 2.5
> Environment: Maven version: 2.0.10
> Java version: 1.5.0_17
> OS name: "linux" version: "2.6.29" arch: "i386" Family: "unix"
> Reporter: Christian Schulte
>
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira