Deploy Signed Artifacts
Without this plugin you deploy your project like this:
mvn deploy
If you have configured this plugin according to the instructions in the usage page, you just need to specify the passphrase for your private key on the command line like this:
mvn deploy -Dgpg.passphrase=thephrase
If you don't specify a passphrase, it will prompt for one.
Install/Deploy without configuring the plugin in the POM
Currently this is not easily accomplished. gpg signs the artifacts attached to the build at the point that gpg runs. However, we want to "inject" the gpg into the phases. What MIGHT work is:
mvn verify gpg:sign install:install deploy:deploy
However, if there are other plugins configured for phases after the verify
phase, they will not be run.