1 package org.apache.maven.plugin.gpg; 2 3 /* 4 * Licensed to the Apache Software Foundation (ASF) under one 5 * or more contributor license agreements. See the NOTICE file 6 * distributed with this work for additional information 7 * regarding copyright ownership. The ASF licenses this file 8 * to you under the Apache License, Version 2.0 (the 9 * "License"); you may not use this file except in compliance 10 * with the License. You may obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, 15 * software distributed under the License is distributed on an 16 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 17 * KIND, either express or implied. See the License for the 18 * specific language governing permissions and limitations 19 * under the License. 20 */ 21 22 import java.io.File; 23 import java.io.IOException; 24 import java.util.List; 25 26 import org.apache.maven.plugin.AbstractMojo; 27 import org.apache.maven.plugin.MojoExecutionException; 28 import org.apache.maven.plugin.MojoFailureException; 29 import org.apache.maven.plugins.annotations.Parameter; 30 import org.apache.maven.project.MavenProject; 31 32 /** 33 * @author Benjamin Bentmann 34 */ 35 public abstract class AbstractGpgMojo 36 extends AbstractMojo 37 { 38 39 /** 40 * The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its 41 * installation, e.g. <code>~/.gnupg</code> or <code>%APPDATA%/gnupg</code>. 42 * 43 * @since 1.0 44 */ 45 @Parameter( property = "gpg.homedir" ) 46 private File homedir; 47 48 /** 49 * The passphrase to use when signing. 50 */ 51 @Parameter( property = "gpg.passphrase" ) 52 private String passphrase; 53 54 /** 55 * The "name" of the key to sign with. Passed to gpg as <code>--local-user</code>. 56 */ 57 @Parameter( property = "gpg.keyname" ) 58 private String keyname; 59 60 /** 61 * Passes <code>--use-agent</code> or <code>--no-use-agent</code> to gpg. If using an agent, the passphrase is 62 * optional as the agent will provide it. 63 * For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore. 64 */ 65 @Parameter( property = "gpg.useagent", defaultValue = "true") 66 private boolean useAgent; 67 68 /** 69 */ 70 @Parameter( defaultValue = "${settings.interactiveMode}", readonly = true) 71 private boolean interactive; 72 73 /** 74 * The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on 75 * the operating system. 76 * 77 * @since 1.1 78 */ 79 @Parameter( property = "gpg.executable" ) 80 private String executable; 81 82 /** 83 * Whether to add the default keyrings from gpg's home directory to the list of used keyrings. 84 * 85 * @since 1.2 86 */ 87 @Parameter( property = "gpg.defaultKeyring", defaultValue = "true" ) 88 private boolean defaultKeyring; 89 90 /** 91 * The path to a secret keyring to add to the list of keyrings. By default, only the {@code secring.gpg} from gpg's 92 * home directory is considered. Use this option (in combination with {@link #publicKeyring} and 93 * {@link #defaultKeyring} if required) to use a different secret key. <em>Note:</em> Relative paths are resolved 94 * against gpg's home directory, not the project base directory. 95 * 96 * @since 1.2 97 */ 98 @Parameter( property = "gpg.secretKeyring" ) 99 private String secretKeyring; 100 101 /** 102 * The path to a public keyring to add to the list of keyrings. By default, only the {@code pubring.gpg} from gpg's 103 * home directory is considered. Use this option (and {@link #defaultKeyring} if required) to use a different public 104 * key. <em>Note:</em> Relative paths are resolved against gpg's home directory, not the project base directory. 105 * 106 * @since 1.2 107 */ 108 @Parameter( property = "gpg.publicKeyring" ) 109 private String publicKeyring; 110 111 /** 112 * The lock mode to use when invoking gpg. By default no lock mode will be specified. Valid values are {@code once}, 113 * {@code multiple} and {@code never}. The lock mode gets translated into the corresponding {@code --lock-___} 114 * command line argument. Improper usage of this option may lead to data and key corruption. 115 * 116 * @see <a href="http://www.gnupg.org/documentation/manuals/gnupg/GPG-Configuration-Options.html">the --lock-* 117 * options</a> 118 * @since 1.5 119 */ 120 @Parameter( property = "gpg.lockMode" ) 121 private String lockMode; 122 123 /** 124 * Sets the arguments to be passed to gpg. Example: 125 * <pre> 126 * <gpgArguments> 127 * <arg>--no-random-seed-file</arg> 128 * <arg>--no-permission-warning</arg> 129 * </gpgArguments> 130 * </pre> 131 * @since 1.5 132 */ 133 @Parameter 134 private List<String> gpgArguments; 135 136 AbstractGpgSigner newSigner( MavenProject project ) 137 throws MojoExecutionException, MojoFailureException 138 { 139 AbstractGpgSigner signer = new GpgSigner( executable ); 140 141 signer.setLog( getLog() ); 142 signer.setInteractive( interactive ); 143 signer.setKeyName( keyname ); 144 signer.setUseAgent( useAgent ); 145 signer.setHomeDirectory( homedir ); 146 signer.setDefaultKeyring( defaultKeyring ); 147 signer.setSecretKeyring( secretKeyring ); 148 signer.setPublicKeyring( publicKeyring ); 149 signer.setLockMode( lockMode ); 150 signer.setArgs( gpgArguments ); 151 152 signer.setPassPhrase( passphrase ); 153 if ( null == passphrase && !useAgent ) 154 { 155 if ( !interactive ) 156 { 157 throw new MojoFailureException( "Cannot obtain passphrase in batch mode" ); 158 } 159 try 160 { 161 signer.setPassPhrase( signer.getPassphrase( project ) ); 162 } 163 catch ( IOException e ) 164 { 165 throw new MojoExecutionException( "Exception reading passphrase", e ); 166 } 167 } 168 169 return signer; 170 } 171 172 }