gpg:sign
Full name:
org.apache.maven.plugins:maven-gpg-plugin:3.0.1:sign
Description:
Sign project artifact, the POM, and attached artifacts with GnuPG
for deployment.
Attributes:
- Requires a Maven project to be executed.
- Binds by default to the lifecycle phase: verify.
Optional Parameters
| Name | Type | Since | Description |
|---|---|---|---|
| <ascDirectory> | File | 1.0-alpha-4 | The directory where to store signature files. Default value is: ${project.build.directory}/gpg. Alias is: outputDirectory. |
| <defaultKeyring> | boolean | 1.2 | Whether to add the default keyrings from gpg's home directory to
the list of used keyrings. Default value is: true. User property is: gpg.defaultKeyring. |
| <excludes> | String[] | 1.0-alpha-4 | A list of files to exclude from being signed. Can contain Ant-style
wildcards and double wildcards. The default excludes are
**/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc. |
| <executable> | String | 1.1 | The path to the GnuPG executable to use for artifact signing.
Defaults to either "gpg" or "gpg.exe" depending on the operating
system. User property is: gpg.executable. |
| <gpgArguments> | List | 1.5 | Sets the arguments to be passed to gpg. Example:
<gpgArguments> <arg>--no-random-seed-file</arg> <arg>--no-permission-warning</arg> </gpgArguments> |
| <homedir> | File | 1.0 | The directory from which gpg will load keyrings. If not specified,
gpg will use the value configured for its installation, e.g.
~/.gnupg or %APPDATA%/gnupg. User property is: gpg.homedir. |
| <keyname> | String | - | The "name" of the key to sign with. Passed to gpg as
--local-user. User property is: gpg.keyname. |
| <lockMode> | String | 1.5 | The lock mode to use when invoking gpg. By default no lock mode
will be specified. Valid values are once,
multiple and never. The lock mode gets
translated into the corresponding --lock-___ command
line argument. Improper usage of this option may lead to data and
key corruption. User property is: gpg.lockMode. |
| <passphrase> | String | - | The passphrase to use when signing. If not given, look up the value
under Maven settings using server id at 'passphraseServerKey'
configuration. User property is: gpg.passphrase. |
| <passphraseServerId> | String | 1.6 | Server id to lookup the passphrase under Maven settings. Default value is: gpg.passphrase. User property is: gpg.passphraseServerId. |
| <publicKeyring> | String | 1.2 | The path to a public keyring to add to the list of keyrings. By
default, only the pubring.gpg from gpg's home
directory is considered. Use this option (and
defaultKeyring if required) to use a different public
key. Note: Relative paths are resolved against gpg's home
directory, not the project base directory. User property is: gpg.publicKeyring. |
| <secretKeyring> | String | 1.2 |
The path to a secret keyring to add to the list of keyrings. By default, only the secring.gpg from gpg's home directory is considered. Use this option (in combination with publicKeyring and defaultKeyring if required) to use a different secret key. Note: Relative paths are resolved against gpg's home directory, not the project base directory. NOTE: As of gpg 2.1 this is an obsolete option and ignored. All secret keys are stored in the 'private-keys-v1.d' directory below the GnuPG home directory.User property is: gpg.secretKeyring. |
| <skip> | boolean | - | Skip doing the gpg signing. Default value is: false. User property is: gpg.skip. |
| <useAgent> | boolean | - | Passes --use-agent or --no-use-agent to
gpg. If using an agent, the passphrase is optional as the agent
will provide it. For gpg2, specify true as --no-use-agent was
removed in gpg2 and doesn't ask for a passphrase anymore. Default value is: true. User property is: gpg.useagent. |
Parameter Details
<ascDirectory>
The directory where to store signature files.
- Type: java.io.File
- Since: 1.0-alpha-4
- Required: No
- Default: ${project.build.directory}/gpg
- Alias: outputDirectory
<defaultKeyring>
Whether to add the default keyrings from gpg's home directory to
the list of used keyrings.
- Type: boolean
- Since: 1.2
- Required: No
- User Property: gpg.defaultKeyring
- Default: true
<excludes>
A list of files to exclude from being signed. Can contain Ant-style
wildcards and double wildcards. The default excludes are
**/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc.
- Type: java.lang.String[]
- Since: 1.0-alpha-4
- Required: No
<executable>
The path to the GnuPG executable to use for artifact signing.
Defaults to either "gpg" or "gpg.exe" depending on the operating
system.
- Type: java.lang.String
- Since: 1.1
- Required: No
- User Property: gpg.executable
<gpgArguments>
Sets the arguments to be passed to gpg. Example:
<gpgArguments> <arg>--no-random-seed-file</arg> <arg>--no-permission-warning</arg> </gpgArguments>
- Type: java.util.List
- Since: 1.5
- Required: No
<homedir>
The directory from which gpg will load keyrings. If not specified,
gpg will use the value configured for its installation, e.g.
~/.gnupg or %APPDATA%/gnupg.
- Type: java.io.File
- Since: 1.0
- Required: No
- User Property: gpg.homedir
<keyname>
The "name" of the key to sign with. Passed to gpg as
--local-user.
- Type: java.lang.String
- Required: No
- User Property: gpg.keyname
<lockMode>
The lock mode to use when invoking gpg. By default no lock mode
will be specified. Valid values are once,
multiple and never. The lock mode gets
translated into the corresponding --lock-___ command
line argument. Improper usage of this option may lead to data and
key corruption.
- Type: java.lang.String
- Since: 1.5
- Required: No
- User Property: gpg.lockMode
<passphrase>
The passphrase to use when signing. If not given, look up the value
under Maven settings using server id at 'passphraseServerKey'
configuration.
- Type: java.lang.String
- Required: No
- User Property: gpg.passphrase
<passphraseServerId>
Server id to lookup the passphrase under Maven settings.
- Type: java.lang.String
- Since: 1.6
- Required: No
- User Property: gpg.passphraseServerId
- Default: gpg.passphrase
<publicKeyring>
The path to a public keyring to add to the list of keyrings. By
default, only the pubring.gpg from gpg's home
directory is considered. Use this option (and
defaultKeyring if required) to use a different public
key. Note: Relative paths are resolved against gpg's home
directory, not the project base directory.
- Type: java.lang.String
- Since: 1.2
- Required: No
- User Property: gpg.publicKeyring
<secretKeyring>
The path to a secret keyring to add to the list of keyrings. By default, only the secring.gpg from gpg's home directory is considered. Use this option (in combination with publicKeyring and defaultKeyring if required) to use a different secret key. Note: Relative paths are resolved against gpg's home directory, not the project base directory.
NOTE: As of gpg 2.1 this is an obsolete option and ignored. All secret keys are stored in the 'private-keys-v1.d' directory below the GnuPG home directory.- Type: java.lang.String
- Since: 1.2
- Required: No
- User Property: gpg.secretKeyring
<skip>
Skip doing the gpg signing.
- Type: boolean
- Required: No
- User Property: gpg.skip
- Default: false
<useAgent>
Passes --use-agent or --no-use-agent to
gpg. If using an agent, the passphrase is optional as the agent
will provide it. For gpg2, specify true as --no-use-agent was
removed in gpg2 and doesn't ask for a passphrase anymore.
- Type: boolean
- Required: No
- User Property: gpg.useagent
- Default: true