I am trying to use Gradle’s signing plugin with “in memory” keys[1], but am having difficulty understanding which values to use where. I have the following:
$ gpg --list-keys --keyid-format=long
...
----------------------------------
pub <PUB>
uid ...
sub <SUB>
$ export GPG_KEY=$(gpg --armor --export <PUB>)
along with this build fragment
signing {
sign publishing.publications.publishedArtifacts
def signingKeyId = findProperty('signingKeyId')
def signingKey = findProperty('signingKey')
def signingPassword = findProperty('signingPassword')
useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
}
I’m sure much of this is my limited knowledge of GPG and PGP, but as I understand it, when the plugin doc talks about “signingKey”, that is my $GPG_KEY variable.
I am a bit unclear about what the doc calls “signingKeyId” - whether that is <PUB> or <SUB>. I’ve tried both and get the same error either way.
$ gradlew sign -PsigningKeyId=<PUB> -PsigningKey="$GPG_KEY" -PsigningPassword=...
> Error while evaluating property 'signatory' of task ':hibernate-core:signPublishedArtifactsPublication'
> Could not read PGP secret key
I’ve also tried the form without passing a key-id - still same result. So I am clearly not understanding something here.
$ gradlew --version
------------------------------------------------------------
Gradle 7.3.3
------------------------------------------------------------
Build time: 2021-12-22 12:37:54 UTC
Revision: 6f556c80f945dc54b50e0be633da6c62dbe8dc71
Kotlin: 1.5.31
Groovy: 3.0.9
Ant: Apache Ant(TM) version 1.10.11 compiled on July 10 2021
JVM: 11.0.6 (AdoptOpenJDK 11.0.6+10)
OS: Linux 5.15.12-100.fc34.x86_64 amd64
Thank you in advance as this has blocked me since last week 
[1] either The Signing Plugin or The Signing Plugin