Comments (5)
I may have found "the problem", though no idea why it is a problem. The signing happens on our CI server, so it was not immediately obvious. But digging through the Jenkins console I see this:
* What went wrong:
A problem was found with the configuration of task ':hibernate-jpamodelgen:signPublishedArtifactsPublication' (type 'Sign').
- In plugin 'org.gradle.signing' type 'org.gradle.plugins.signing.Sign' property 'signatory.keyId' doesn't have a configured value.
Reason: This property isn't marked as optional and no value has been configured.
Possible solutions:
1. Assign a value to 'signatory.keyId'.
2. Mark property 'signatory.keyId' as optional.
But these should be picked up by command line properties, right? I have the following:
./gradlew sign -x test --no-scan \
-Psigning.password=$SIGNING_PASS -Psigning.keyId=$SIGNING_KEY -Psigning.secretKeyRingFile=$SIGNING_KEYRING \
-Psignatory.password=$SIGNING_PASS -Psignatory.keyId=$SIGNING_KEY -Psignatory.secretKeyRingFile=$SIGNING_KEYRING \
where $SIGNING_PASS, $SIGNING_KEY and $SIGNING_KEYRING come from Jenkin's Credentials plugin. They get used in other (Maven) builds so I know they are correct values.
from nexus-publish-e2e-minimal.
Someone on StackOverflow[1] indicated that the property names have change from signing.*
to signing.gnupg.*
. I have tried with both and same failures. I should also mention I have tried all of these:
- Project properties (-P)
- System props (-D)
- Environment variables
All fail. Every combination fails.
[1] https://stackoverflow.com/questions/32816003/how-to-sign-with-gradle-and-gpg2
from nexus-publish-e2e-minimal.
-Psigning.keyId=$SIGNING_KEY
You use signing.keyId
, but signingKey
is expected by findProperty('signingKey')
. I propose to log the values to stdout (log or println) to verify they are resolved properly. In addition, signing is performed in the Gradle execution with publishToSonatype closeAndReleaseSonatypeStagingRepository
(you do not need to call gradlew sign
before and you need to use -P... in the second call).
from nexus-publish-e2e-minimal.
Thanks for the reply @szpak !
That was a different iteration. Like I said, I was trying to just use the "new" settings someone mentioned on Stack Overflow. In that second iteration I have:
signing {
useGpgCmd()
sign publishing.publications.publishedArtifacts
}
and then have the command line I mentioned:
./gradlew sign -x test --no-scan \
-Psigning.password=$SIGNING_PASS -Psigning.keyId=$SIGNING_KEY -Psigning.secretKeyRingFile=$SIGNING_KEYRING
and also tried (per SO post):
./gradlew sign -x test --no-scan \
-Psigning.gnupg.password=$SIGNING_PASS -Psigning.gnupg.keyId=$SIGNING_KEY -Psigning.gnupg.secretKeyRingFile=$SIGNING_KEYRING
Neither command line worked.
from nexus-publish-e2e-minimal.
The best for CI would be useInMemoryPgpKeys()
- see my blog post or the official documentation. We use it in this project and it works fine.
For your first configuration, remember that signingKey
is not a key ID, but the key itself.
Having it failing on CI, please paste the command you call (on CI) and the error you have.
Btw, make sure you don't use a SNAPSHOT version as you explicitly disable signing for SNAPSHOTs.
from nexus-publish-e2e-minimal.
Related Issues (1)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nexus-publish-e2e-minimal.