Signing plugin unable to find subkey


(crotwell) #1

I am trying to use the signing plugin to sign my jars before uploading to the sonatype maven repository, but using a subkey instead of the master. If I use the master key id, then it works fine, but if I try to use the subkey id, I get an error:

:signArchives
  FAILURE: Build failed with an exception.
  * What went wrong:
did not find secret key for id 'XXXXXXXX' in key source 'file: /Users/crotwell/.gnupg/secring.gpg'

The subkey is present in the ring file, I can see it with

gpg --list-secret-keys --list-options show-keyring and I have the correct values set up for signing.keyId and signing.secretKeyRingFile. I am able to sign files manually with the subkey using gpg --detach-sig.

It seems like the signArchives task can only use the master key instead of a subkey?

I suppose a workaround might be to make a separate keyring that only contains the subkey, but that seems like it should not be required.


(Luke Daley) #2

This is just a shortcoming. The plugin would have to be updated to support subkeys.


(crotwell) #3

OK, thanks.

Is there a jira issue for this?

thanks Philip


(Luke Daley) #4

GRADLE-2927.