gpg:sign

Full name:

org.apache.maven.plugins:maven-gpg-plugin:1.1:sign

Description:

Sign project artifact, the POM, and attached artifacts with GnuPG for deployment.

Attributes:

  • Requires a Maven 2.0 project to be executed.
  • The goal is thread-safe and supports parallel builds.
  • Binds by default to the lifecycle phase: verify.

Optional Parameters

Name Type Since Description
ascDirectory File 1.0-alpha-4 The directory where to store signature files.
Default value is: ${project.build.directory}/gpg.
excludes String[] 1.0-alpha-4 A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are **/*.md5 **/*.sha1 **/*.asc.
executable String 1.1 The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on the operating system.
homedir File 1.0 The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its installation, e.g. ~/.gnupg or %APPDATA%/gnupg.
keyname String - The "name" of the key to sign with. Passed to gpg as --local-user.
passphrase String - The passphrase to use when signing.
skip boolean - Skip doing the gpg signing.
Default value is: false.
useAgent boolean - Passes --use-agent or --no-use-agent to gpg. If using an agent, the passphrase is optional as the agent will provide it. For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore.
Default value is: false.

Parameter Details

ascDirectory:

The directory where to store signature files.
  • Type: java.io.File
  • Since: 1.0-alpha-4
  • Required: No
  • Default: ${project.build.directory}/gpg

excludes:

A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are **/*.md5 **/*.sha1 **/*.asc.
  • Type: java.lang.String[]
  • Since: 1.0-alpha-4
  • Required: No

executable:

The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on the operating system.
  • Type: java.lang.String
  • Since: 1.1
  • Required: No
  • Expression: ${gpg.executable}

homedir:

The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its installation, e.g. ~/.gnupg or %APPDATA%/gnupg.
  • Type: java.io.File
  • Since: 1.0
  • Required: No
  • Expression: ${gpg.homedir}

keyname:

The "name" of the key to sign with. Passed to gpg as --local-user.
  • Type: java.lang.String
  • Required: No
  • Expression: ${gpg.keyname}

passphrase:

The passphrase to use when signing.
  • Type: java.lang.String
  • Required: No
  • Expression: ${gpg.passphrase}

skip:

Skip doing the gpg signing.
  • Type: boolean
  • Required: No
  • Expression: ${gpg.skip}
  • Default: false

useAgent:

Passes --use-agent or --no-use-agent to gpg. If using an agent, the passphrase is optional as the agent will provide it. For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore.
  • Type: boolean
  • Required: No
  • Expression: ${gpg.useagent}
  • Default: false