I am not very keen on the idea storing my passphrase in a gradle.properties file in clear text. The Signing plugin should at least provide a convenient way to enter the passphrase or, even better, make use of a running gpg-agent instance.
I am surprised that this feature request hasn’t popped up already. At least my searches found none.
Yep, that’s what I’m using atm. I see that the signing plugin uses bouncycastle for signing. That may explains why where is no GnuPG agent support (yet). I sure would contribute if I find the time to hack something together that’s good enough. Thanks for your answer.
Another use case (where i am kind of stuck now) is that I do use gpg-agent because my gpg key is stored in a simcard. So when i invoke gpg it uses the card to perform the signing tasks and no passwords are required. This does not work with gradle since it always requires a password to be provided and if i do so it will not work since I don’t have a password…