1 package org.apache.maven.plugin.gpg;
2
3 /*
4 * Licensed to the Apache Software Foundation (ASF) under one
5 * or more contributor license agreements. See the NOTICE file
6 * distributed with this work for additional information
7 * regarding copyright ownership. The ASF licenses this file
8 * to you under the Apache License, Version 2.0 (the
9 * "License"); you may not use this file except in compliance
10 * with the License. You may obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing,
15 * software distributed under the License is distributed on an
16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17 * KIND, either express or implied. See the License for the
18 * specific language governing permissions and limitations
19 * under the License.
20 */
21
22 import java.io.File;
23 import java.io.IOException;
24 import java.util.List;
25
26 import org.apache.maven.plugin.AbstractMojo;
27 import org.apache.maven.plugin.MojoExecutionException;
28 import org.apache.maven.plugin.MojoFailureException;
29 import org.apache.maven.plugins.annotations.Parameter;
30 import org.apache.maven.project.MavenProject;
31
32 /**
33 * @author Benjamin Bentmann
34 */
35 public abstract class AbstractGpgMojo
36 extends AbstractMojo
37 {
38
39 /**
40 * The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its
41 * installation, e.g. <code>~/.gnupg</code> or <code>%APPDATA%/gnupg</code>.
42 *
43 * @since 1.0
44 */
45 @Parameter( property = "gpg.homedir" )
46 private File homedir;
47
48 /**
49 * The passphrase to use when signing.
50 */
51 @Parameter( property = "gpg.passphrase" )
52 private String passphrase;
53
54 /**
55 * The "name" of the key to sign with. Passed to gpg as <code>--local-user</code>.
56 */
57 @Parameter( property = "gpg.keyname" )
58 private String keyname;
59
60 /**
61 * Passes <code>--use-agent</code> or <code>--no-use-agent</code> to gpg. If using an agent, the passphrase is
62 * optional as the agent will provide it.
63 * For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore.
64 */
65 @Parameter( property = "gpg.useagent", defaultValue = "true")
66 private boolean useAgent;
67
68 /**
69 */
70 @Parameter( defaultValue = "${settings.interactiveMode}", readonly = true)
71 private boolean interactive;
72
73 /**
74 * The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on
75 * the operating system.
76 *
77 * @since 1.1
78 */
79 @Parameter( property = "gpg.executable" )
80 private String executable;
81
82 /**
83 * Whether to add the default keyrings from gpg's home directory to the list of used keyrings.
84 *
85 * @since 1.2
86 */
87 @Parameter( property = "gpg.defaultKeyring", defaultValue = "true" )
88 private boolean defaultKeyring;
89
90 /**
91 * The path to a secret keyring to add to the list of keyrings. By default, only the {@code secring.gpg} from gpg's
92 * home directory is considered. Use this option (in combination with {@link #publicKeyring} and
93 * {@link #defaultKeyring} if required) to use a different secret key. <em>Note:</em> Relative paths are resolved
94 * against gpg's home directory, not the project base directory.
95 *
96 * @since 1.2
97 */
98 @Parameter( property = "gpg.secretKeyring" )
99 private String secretKeyring;
100
101 /**
102 * The path to a public keyring to add to the list of keyrings. By default, only the {@code pubring.gpg} from gpg's
103 * home directory is considered. Use this option (and {@link #defaultKeyring} if required) to use a different public
104 * key. <em>Note:</em> Relative paths are resolved against gpg's home directory, not the project base directory.
105 *
106 * @since 1.2
107 */
108 @Parameter( property = "gpg.publicKeyring" )
109 private String publicKeyring;
110
111 /**
112 * The lock mode to use when invoking gpg. By default no lock mode will be specified. Valid values are {@code once},
113 * {@code multiple} and {@code never}. The lock mode gets translated into the corresponding {@code --lock-___}
114 * command line argument. Improper usage of this option may lead to data and key corruption.
115 *
116 * @see <a href="http://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html">the --lock-*
117 * options</a>
118 * @since 1.5
119 */
120 @Parameter( property = "gpg.lockMode" )
121 private String lockMode;
122
123 /**
124 * Sets the arguments to be passed to gpg. Example:
125 * <pre>
126 * <gpgArguments>
127 * <arg>--no-random-seed-file</arg>
128 * <arg>--no-permission-warning</arg>
129 * </gpgArguments>
130 * </pre>
131 * @since 1.5
132 */
133 @Parameter
134 private List<String> gpgArguments;
135
136 AbstractGpgSigner newSigner( MavenProject project )
137 throws MojoExecutionException, MojoFailureException
138 {
139 AbstractGpgSigner signer = new GpgSigner( executable );
140
141 signer.setLog( getLog() );
142 signer.setInteractive( interactive );
143 signer.setKeyName( keyname );
144 signer.setUseAgent( useAgent );
145 signer.setHomeDirectory( homedir );
146 signer.setDefaultKeyring( defaultKeyring );
147 signer.setSecretKeyring( secretKeyring );
148 signer.setPublicKeyring( publicKeyring );
149 signer.setLockMode( lockMode );
150 signer.setArgs( gpgArguments );
151
152 signer.setPassPhrase( passphrase );
153 if ( null == passphrase && !useAgent )
154 {
155 if ( !interactive )
156 {
157 throw new MojoFailureException( "Cannot obtain passphrase in batch mode" );
158 }
159 try
160 {
161 signer.setPassPhrase( signer.getPassphrase( project ) );
162 }
163 catch ( IOException e )
164 {
165 throw new MojoExecutionException( "Exception reading passphrase", e );
166 }
167 }
168
169 return signer;
170 }
171
172 }