gpg:sign

Full name:

org.apache.maven.plugins:maven-gpg-plugin:1.6:sign

Description:

Sign project artifact, the POM, and attached artifacts with GnuPG for deployment.

Attributes:

  • Requires a Maven project to be executed.
  • The goal is thread-safe and supports parallel builds.
  • Binds by default to the lifecycle phase: verify.

Optional Parameters

Name Type Since Description
ascDirectory File 1.0-alpha-4 The directory where to store signature files.
Default value is: ${project.build.directory}/gpg.
defaultKeyring boolean 1.2 Whether to add the default keyrings from gpg's home directory to the list of used keyrings.
Default value is: true.
User property is: gpg.defaultKeyring.
excludes String[] 1.0-alpha-4 A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are **/*.md5 **/*.sha1 **/*.asc.
executable String 1.1 The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on the operating system.
User property is: gpg.executable.
gpgArguments List 1.5 Sets the arguments to be passed to gpg. Example:
<gpgArguments>
  <arg>--no-random-seed-file</arg>
  <arg>--no-permission-warning</arg>
</gpgArguments>

homedir File 1.0 The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its installation, e.g. ~/.gnupg or %APPDATA%/gnupg.
User property is: gpg.homedir.
keyname String - The "name" of the key to sign with. Passed to gpg as --local-user.
User property is: gpg.keyname.
lockMode String 1.5 The lock mode to use when invoking gpg. By default no lock mode will be specified. Valid values are once, multiple and never. The lock mode gets translated into the corresponding --lock-___ command line argument. Improper usage of this option may lead to data and key corruption.
User property is: gpg.lockMode.
passphrase String - The passphrase to use when signing. If not given, look up the value under Maven settings using server id at 'passphraseServerKey' configuration.
User property is: gpg.passphrase.
passphraseServerId String 1.6 Server id to lookup the passphrase under Maven settings.
Default value is: gpg.passphrase.
User property is: gpg.passphraseServerId.
publicKeyring String 1.2 The path to a public keyring to add to the list of keyrings. By default, only the pubring.gpg from gpg's home directory is considered. Use this option (and defaultKeyring if required) to use a different public key. Note: Relative paths are resolved against gpg's home directory, not the project base directory.
User property is: gpg.publicKeyring.
secretKeyring String 1.2 The path to a secret keyring to add to the list of keyrings. By default, only the secring.gpg from gpg's home directory is considered. Use this option (in combination with publicKeyring and defaultKeyring if required) to use a different secret key. Note: Relative paths are resolved against gpg's home directory, not the project base directory.
User property is: gpg.secretKeyring.
skip boolean - Skip doing the gpg signing.
Default value is: false.
User property is: gpg.skip.
useAgent boolean - Passes --use-agent or --no-use-agent to gpg. If using an agent, the passphrase is optional as the agent will provide it. For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore.
Default value is: true.
User property is: gpg.useagent.

Parameter Details

ascDirectory:

The directory where to store signature files.
  • Type: java.io.File
  • Since: 1.0-alpha-4
  • Required: No
  • Default: ${project.build.directory}/gpg

defaultKeyring:

Whether to add the default keyrings from gpg's home directory to the list of used keyrings.
  • Type: boolean
  • Since: 1.2
  • Required: No
  • User Property: gpg.defaultKeyring
  • Default: true

excludes:

A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are **/*.md5 **/*.sha1 **/*.asc.
  • Type: java.lang.String[]
  • Since: 1.0-alpha-4
  • Required: No

executable:

The path to the GnuPG executable to use for artifact signing. Defaults to either "gpg" or "gpg.exe" depending on the operating system.
  • Type: java.lang.String
  • Since: 1.1
  • Required: No
  • User Property: gpg.executable

gpgArguments:

Sets the arguments to be passed to gpg. Example:
<gpgArguments>
  <arg>--no-random-seed-file</arg>
  <arg>--no-permission-warning</arg>
</gpgArguments>
  • Type: java.util.List
  • Since: 1.5
  • Required: No

homedir:

The directory from which gpg will load keyrings. If not specified, gpg will use the value configured for its installation, e.g. ~/.gnupg or %APPDATA%/gnupg.
  • Type: java.io.File
  • Since: 1.0
  • Required: No
  • User Property: gpg.homedir

keyname:

The "name" of the key to sign with. Passed to gpg as --local-user.
  • Type: java.lang.String
  • Required: No
  • User Property: gpg.keyname

lockMode:

The lock mode to use when invoking gpg. By default no lock mode will be specified. Valid values are once, multiple and never. The lock mode gets translated into the corresponding --lock-___ command line argument. Improper usage of this option may lead to data and key corruption.
  • Type: java.lang.String
  • Since: 1.5
  • Required: No
  • User Property: gpg.lockMode

passphrase:

The passphrase to use when signing. If not given, look up the value under Maven settings using server id at 'passphraseServerKey' configuration.
  • Type: java.lang.String
  • Required: No
  • User Property: gpg.passphrase

passphraseServerId:

Server id to lookup the passphrase under Maven settings.
  • Type: java.lang.String
  • Since: 1.6
  • Required: No
  • User Property: gpg.passphraseServerId
  • Default: gpg.passphrase

publicKeyring:

The path to a public keyring to add to the list of keyrings. By default, only the pubring.gpg from gpg's home directory is considered. Use this option (and defaultKeyring if required) to use a different public key. Note: Relative paths are resolved against gpg's home directory, not the project base directory.
  • Type: java.lang.String
  • Since: 1.2
  • Required: No
  • User Property: gpg.publicKeyring

secretKeyring:

The path to a secret keyring to add to the list of keyrings. By default, only the secring.gpg from gpg's home directory is considered. Use this option (in combination with publicKeyring and defaultKeyring if required) to use a different secret key. Note: Relative paths are resolved against gpg's home directory, not the project base directory.
  • Type: java.lang.String
  • Since: 1.2
  • Required: No
  • User Property: gpg.secretKeyring

skip:

Skip doing the gpg signing.
  • Type: boolean
  • Required: No
  • User Property: gpg.skip
  • Default: false

useAgent:

Passes --use-agent or --no-use-agent to gpg. If using an agent, the passphrase is optional as the agent will provide it. For gpg2, specify true as --no-use-agent was removed in gpg2 and doesn't ask for a passphrase anymore.
  • Type: boolean
  • Required: No
  • User Property: gpg.useagent
  • Default: true