Sigining inside subprojects

lepe · April 28, 2020, 5:41am

Using gradle 6.3:
I would like to sign and upload some subprojects, the current structure is:

common
    | ---- core
    | ---- etc
    | ---- crypt
   ....

When compiling, the following jars are generated:

core-version.jar
etc-version.jar
crypt-version.jar
… and so on …

Note: the root project (common) has no sources, so I don’t need to produce a jar of it.

I moved the repository to sonatype but I’m having an issue with the signing plugin as it is not signing the jars, this is the important part:

    subprojects {
      apply plugin: 'signing'
      ...
      signing {
            sign configuration.artifacts
      }
    }

The line sign configuration.artifacts shows the following warning:

'sign' in 'org.gradle.plugins.signing.SigningExtension' cannot be applied to '(org.gradle.api.artifacts.PublishArtifactSet)'

The following is the complete gradle.properties:

plugins {
    id 'idea'
    id 'groovy'
    id 'maven'
}

def currentVersion = "2.7.11"

allprojects {
    group = groupName
    version = currentVersion
    repositories {
        mavenLocal()
        mavenCentral()
    }
}

subprojects {
    apply plugin: 'groovy'
    apply plugin: 'idea'
    apply plugin: 'maven'
    apply plugin: 'signing'

    dependencies {
        compile 'com.intellisrc:groovy-extend:2.5.6.4'
        testCompile 'org.spockframework:spock-unitils:1.3-groovy-2.5'
        testCompile 'net.bytebuddy:byte-buddy:1.10.2'
    }

    uploadArchives {
        repositories {
            mavenDeployer {
                beforeDeployment { deployment -> signing.signPom(deployment) }

                repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2") {
                    authentication(userName: ossrhUsername, password: ossrhPassword)
                }
                snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots") {
                    authentication(userName: ossrhUsername, password: ossrhPassword)
                }

                pom.project {
                       ..... omitted for simplicity .....
                }
            }
        }
    }

    task sourceJar(type: Jar) {
        archiveClassifier = "sources"
        from sourceSets.main.allSource
    }

    task javadocJar(type: Jar) {
        archiveClassifier = "javadoc"
        dependsOn("groovydoc")
        from tasks.groovydoc.destinationDir
    }

    jar.dependsOn( sourceJar, javadocJar )
    test.dependsOn( jar )

    artifacts {
        archives jar, sourceJar, javadocJar
    }

    signing {
        sign configuration.artifacts
    }

}```

How can I sign the subprojects?

Thank you.

lepe · May 4, 2020, 3:52am

The solution so far that I was able to come with is:

task signJars {
    dependsOn( jar, sourceJar, javadocJar )
    signing {
        doLast {
            [jar, javadocJar, sourceJar].each {
                Task task ->
                    File file = task.archiveFile.get().asFile
                    if (file.exists()) {
                        sign file
                    } else {
                        println "Jar : " + file.name + " doesn't exists"
                    }
            }
        }
    }
}

The jars are successfully signed inside each module. I feel it’s a little bit inefficient but its working.

Topic		Replies	Views
Signing plugin unable to find subkey Old Forum Archive	3	1272	October 22, 2013
Using Gradle's signing plugin Help/Discuss	0	427	February 2, 2022
Signing info not inside jar META-INF Help/Discuss plugins	1	693	November 16, 2016
Use of signing plugin with GPG agent fails with Gradle >= 5.x Help/Discuss	1	971	November 23, 2020
Publish source and javadoc jars for Gradle to maven central Old Forum Archive	22	3972	June 26, 2013

Sigining inside subprojects

Related topics