This is an automated email from the ASF dual-hosted git repository.
rjung pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/tomcat.git
The following commit(s) were added to refs/heads/main by this push:
new 0777a54cdf Refactor gpg init targets; add property gpg.sign.files to
disable gpg artefact signing (and only use it for release verification)
0777a54cdf is described below
commit 0777a54cdfd7d87e9f5472169a7401bad47aaa98
Author: Rainer Jung <[email protected]>
AuthorDate: Tue Nov 11 00:25:57 2025 +0100
Refactor gpg init targets; add property gpg.sign.files to disable gpg
artefact signing (and only use it for release verification)
---
build.properties.default | 2 ++
build.xml | 21 +++++++++++++--------
2 files changed, 15 insertions(+), 8 deletions(-)
diff --git a/build.properties.default b/build.properties.default
index b1791d274d..59901a672f 100644
--- a/build.properties.default
+++ b/build.properties.default
@@ -99,6 +99,8 @@ openssl.ffm.3=-DNoop3
# ----- Release build settings -----
# Location of GPG executable
gpg.exec=/path/to/gpg
+# Release artefact signing with gpg
+gpg.sign.files=true
# Code signing of Windows installer
# See https://infra.apache.org/digicert-use.html for setup instructions
diff --git a/build.xml b/build.xml
index 796696e9c5..e773724134 100644
--- a/build.xml
+++ b/build.xml
@@ -3000,26 +3000,31 @@ Configured for ${release.asfusername} to release Tomcat
${version.major}.${versi
</target>
<!-- Sets properties only required for releases -->
- <target name="release-init"
depends="release-version-check,gpg-init-1,gpg-init-2,gpg-init-3,compile" >
+ <target name="release-init"
depends="release-version-check,gpg-init-test-signing,compile" >
<taskdef name="forceUtcTimeZone"
classname="org.apache.tomcat.buildutil.ForceUtcTimeZone"
classpath="${tomcat.classes}" />
<forceUtcTimeZone />
</target>
- <target name="gpg-init-1">
+ <target name="gpg-init-available">
<available file="${gpg.exec}" property="gpg.exec.available"/>
</target>
- <target name="gpg-init-2" if="${gpg.exec.available}">
-<echo>gpg.exec.available=${gpg.exec.available}</echo>
-<echo>gpg.exec=${gpg.exec}</echo>
- <input addproperty="gpg.passphrase"><handler type="secure"/>Enter GPG
passphrase
-</input>
+ <target name="gpg-init-sign-files" depends="gpg-init-available"
if="${gpg.exec.available}">
+ <condition property="gpg.sign.files.available">
+ <istrue value="${gpg.sign.files}"/>
+ </condition>
+ </target>
+
+ <target name="gpg-init-passphrase" depends="gpg-init-sign-files"
if="${gpg.sign.files.available}">
+ <echo>gpg.exec.available=${gpg.exec.available}</echo>
+ <echo>gpg.exec=${gpg.exec}</echo>
+ <input addproperty="gpg.passphrase"><handler type="secure"/>Enter GPG
passphrase: </input>
</target>
<!-- Test GPG by signing build.xml as a sample file. -->
- <target name="gpg-init-3" if="gpg.passphrase">
+ <target name="gpg-init-test-signing" depends="gpg-init-passphrase"
if="gpg.passphrase">
<exec executable="${gpg.exec}"
inputstring="${gpg.passphrase}"
failonerror="true"
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
