Deploy Signed Artifacts

Without this plugin you deploy your project like this:

mvn deploy

If you have configured this plugin according to the instructions in the usage page, you just need to specify the passphrase for your private key on the command line like this:

mvn deploy -Dgpg.passphrase=thephrase

If you don't specify a passphrase, it will prompt for one.

Install/Deploy without configuring the plugin in the POM

Currently this is not easily accomplished. gpg signs the artifacts attached to the build at the point that gpg runs. However, we want to "inject" the gpg into the phases. What MIGHT work is:

mvn verify gpg:sign install:install deploy:deploy

However, if there are other plugins configured for phases after the verify phase, they will not be run.