You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@buildr.apache.org by do...@apache.org on 2012/12/16 02:06:59 UTC
svn commit: r1422445 - in /buildr/trunk: CHANGELOG addon/buildr/gpg.rb
Author: donaldp
Date: Sun Dec 16 01:06:58 2012
New Revision: 1422445
URL: http://svn.apache.org/viewvc?rev=1422445&view=rev
Log:
Create a 'buildr/gpg' addon that signs and uploads signatures when uploading artifacts. Inspired by a similar extension in apache-ode project by Tammo van Lessen.
Added:
buildr/trunk/addon/buildr/gpg.rb (with props)
Modified:
buildr/trunk/CHANGELOG
Modified: buildr/trunk/CHANGELOG
URL: http://svn.apache.org/viewvc/buildr/trunk/CHANGELOG?rev=1422445&r1=1422444&r2=1422445&view=diff
==============================================================================
--- buildr/trunk/CHANGELOG (original)
+++ buildr/trunk/CHANGELOG Sun Dec 16 01:06:58 2012
@@ -1,4 +1,7 @@
1.4.10 (Pending)
+* Added: Create a 'buildr/gpg' addon that signs and uploads signatures
+ when uploading artifacts. Inspired by a similar extension in
+ the Apache ODE project by Tammo van Lessen.
* Change: Updated dependency versions;
- jruby-openssl (0.8.2)
- atoulme-Antwrap (0.7.4)
Added: buildr/trunk/addon/buildr/gpg.rb
URL: http://svn.apache.org/viewvc/buildr/trunk/addon/buildr/gpg.rb?rev=1422445&view=auto
==============================================================================
--- buildr/trunk/addon/buildr/gpg.rb (added)
+++ buildr/trunk/addon/buildr/gpg.rb Sun Dec 16 01:06:58 2012
@@ -0,0 +1,78 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with this
+# work for additional information regarding copyright ownership. The ASF
+# licenses this file to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+
+module Buildr
+
+ # Signs the packages using gpg and uploads signatures as part of the upload process.
+ #
+ # Require explicitly using <code>require "buildr/apg"</code>. This will result in all
+ # packages being signed. The user must specify the GPG_USER environment key to identify
+ # the key to use and may specify GPG_PASS if the key needs a password to access. e.g.
+ #
+ # $ GPG_USER=user@example.com GPG_PASSWD=secret buildr clean upload
+ #
+ module GPG
+ class << self
+
+ def sign_task(pkg)
+ raise "ENV['GPG_USER'] not specified" unless ENV['GPG_USER']
+ asc_filename = pkg.to_s + '.asc'
+ file(asc_filename => [pkg.to_s]) do
+ info "GPG signing #{pkg.to_spec}"
+
+ cmd = []
+ cmd << 'gpg'
+ cmd << '--local-user'
+ cmd << ENV['GPG_USER']
+ cmd << '--armor'
+ cmd << '--output'
+ cmd << pkg.to_s + '.asc'
+ if ENV['GPG_PASS']
+ cmd << '--passphrase'
+ cmd << ENV['GPG_PASS']
+ end
+ cmd << '--detach-sig'
+ cmd << pkg
+ trace(cmd.join(' '))
+ `#{cmd.join(' ')}`
+ raise "Unable to generate signature for #{pkg}" unless File.exist?(asc_filename)
+ end
+ end
+
+ def sign_and_upload(project, pkg)
+ sign = sign_task(pkg)
+ project.task(:upload).enhance([sign.name]) do
+ artifact = Buildr.artifact(pkg.to_spec_hash.merge(:type => "#{pkg.type}.asc"))
+ artifact.from(sign)
+ artifact.invoke
+ artifact.upload
+ end
+ end
+ end
+
+ module ProjectExtension
+ include Extension
+
+ after_define do |project|
+ project.packages.each { |pkg| Buildr::GPG.sign_and_upload(project, pkg) }
+ project.packages.map { |pkg| pkg.pom }.uniq.each { |pom| Buildr::GPG.sign_and_upload(project, pom) }
+ end
+ end
+ end
+end
+
+class Buildr::Project
+ include Buildr::GPG::ProjectExtension
+end
\ No newline at end of file
Propchange: buildr/trunk/addon/buildr/gpg.rb
------------------------------------------------------------------------------
svn:eol-style = native
Propchange: buildr/trunk/addon/buildr/gpg.rb
------------------------------------------------------------------------------
svn:mime-type = text/x-ruby