[ http://jira.codehaus.org/browse/MJAVADOC-228?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=171449#action_171449 ]
Christian Schulte edited comment on MJAVADOC-228 at 3/30/09 4:24 PM: --------------------------------------------------------------------- If nobody else wants to provide such a plugin, I'll prepare a maven-signer-plugin patch to have something to start with and attach it to this issue. Thinking about it, should such a mojo also contain the functionality of the maven-gpg-plugin ? If a general maven-signer-plugin would be available, I see no reason why not make it provide different signing strategies (jarsigner, gpg, what else?) Is there already some ArtifactSigner component available or something like this ? What would be the preferred design ? Provide an ArtifactSigner component in group org.apache.maven.shared.something and use that in the plugin ? For consistency with the other plugins, I am just missing a maven-jarsigner-plugin, I think, which can be executed independently of the maven-jar-plugin. There is a policy here to sign all jar files during release. For this, I added a release profile like: {code} <profile> <id>release</id> <activation> <activeByDefault>false</activeByDefault> </activation> <build> <plugins> <plugin> <inherited>true</inherited> <artifactId>maven-jar-plugin</artifactId> <executions> <execution> <id>sign</id> <phase>package</phase> <goals> <goal>sign</goal> </goals> <configuration> <storepass>${jarsign.storepass}</storepass> <keypass>${jarsign.keypass}</keypass> <alias>${jarsign.alias}</alias> <jarPath>${project.build.directory}/${project.build.finalName}.jar</jarPath> </configuration> </execution> </executions> </plugin> <plugin> <inherited>true</inherited> <artifactId>maven-gpg-plugin</artifactId> </plugin> <plugin> <inherited>true</inherited> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> <executions> <execution> <id>attach-sources</id> <goals> <goal>jar</goal> </goals> </execution> </executions> </plugin> <plugin> <inherited>true</inherited> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-javadoc-plugin</artifactId> <executions> <execution> <id>attach-javadocs</id> <goals> <goal>jar</goal> </goals> </execution> </executions> </plugin> <plugin> <inherited>true</inherited> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-deploy-plugin</artifactId> <configuration> <updateReleaseInfo>true</updateReleaseInfo> </configuration> </plugin> </plugins> </build> </profile> {code} This does not work for signing the source and javadoc jars since the jar:sign goal will be run before the source and javadoc plugins were run. maven-jar-plugin: Plugin for the jar command line tool. maven-gpg-plugin: Plugin for the gpg command line tool. maven-jarsigner-plugin: Plugin for the jarsigner command line tool. So create a maven-jarsigner-plugin based on the maven-jar-plugin's sign goal and deprecated jar:sign in favour of that ? WDYT was (Author: schulte2005): If nobody else wants to provide such a plugin, I'll prepare a maven-signer-plugin patch to have something to start with and attach it to this issue. Thinking about it, should such a mojo also contain the functionality of the maven-gpg-plugin ? If a general maven-signer-plugin would be available, I see no reason why not make it provide different signing strategies (jarsigner, gpg, what else?) Is there already some ArtifactSigner component available or something like this ? What would be the preferred design ? Provide an ArtifactSigner component in group org.apache.maven.shared.something and use that in the plugin ? WDYT > Please add support for signing javadoc jar files. > ------------------------------------------------- > > Key: MJAVADOC-228 > URL: http://jira.codehaus.org/browse/MJAVADOC-228 > Project: Maven 2.x Javadoc Plugin > Issue Type: Wish > Affects Versions: 2.5 > Environment: Maven version: 2.0.10 > Java version: 1.5.0_17 > OS name: "linux" version: "2.6.29" arch: "i386" Family: "unix" > Reporter: Christian Schulte > -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira