Need help signing a file that's generated by a non-archive task


(Scott Babcock) #1

I have a build script that defines a task that produces a file, which happens to be a fully-specified POM file. In order to publish this file, I need to sign it. Although I specify this file as an artifact, and request signing of this file, no signing is performed when I build my project. If I attempt to perform a release, the signing process occurs before the file is created, resulting in a “file not found” failure.

artifacts {
  archives tasks["${profile}Jar"]
  archives tasks["${profile}SourcesJar"]
  archives tasks["${profile}JavadocJar"]
  archives(pomCopy.ext.pomFile) {
    builtBy pomCopy
  }
}

signing {
  sign tasks["${profile}Jar"]
  sign tasks["${profile}SourcesJar"]
  sign tasks["${profile}JavadocJar"]
  sign file(tasks['pomCopy'].ext.pomFile)
}

I’m producing a custom POM because the dependencies declared in the auto-generated POM are inaccurate. Is it possible to sign my custom POM file with the Gradle Signing plugin? If so, how?

For reference, the JARs specified in the signing profile do get signed. Also, if I change the task that produces the POM to type “Tar”, the resulting file gets signed, but it also gets compressed… not what I want.


(Scott Babcock) #2

I’ve now created a new class that extends the “Tar” class, but duplicates the implementation from the “Copy” task. This gets me most of the way there, but Gradle skips the Signing task associated with this “Copy/Archive” task unless the content of the file being signed has changed - even if the “asc” file that’s supposed to be created by the Signing task is absent from the destination folder.


(Scott Babcock) #3

Never mind… It appears that the issue is that the Signing plugin is considered “up-to-date” if the content of the POM file is unchanged from the last build, even if the “asc” file the Signing plugin should produce is missing. I worked around the issue by adding a property to the POM file that I fill in with the current time every time I need to build it. I also added my own “up-to-date” implementation to control the activation of the “Copy/Archive” task.