GPG sign only

Jenkinsfile

@@ -57,16 +57,6 @@ spec:
 		GITHUB_API_CREDENTIALS_ID = 'github-bot-token'
 	}
 	stages {
-		stage('initialize PGP') {
-			steps {
-				container('container') {
-				withCredentials([file(credentialsId: 'secret-subkeys.asc', variable: 'KEYRING')]) {
-					sh 'gpg --batch --import "${KEYRING}"'
-					sh 'for fpr in $(gpg --list-keys --with-colons  | awk -F: \'/fpr:/ {print $10}\' | sort -u); do echo -e "5\ny\n" |  gpg --batch --command-fd 0 --expert --edit-key ${fpr} trust; done'
-				}
-				}
-			}
-		}
 		stage('Prepare-environment') {
 			steps {
 				container('container') {
@@ -81,10 +71,10 @@ spec:
 		stage('Build') {
 			steps {
 				container('container') {
-					withCredentials([string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) {
+					withCredentials([file(credentialsId: 'secret-subkeys.asc', variable: 'KEYRING'), string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) {
 						withCredentials([string(credentialsId: "${GITHUB_API_CREDENTIALS_ID}", variable: 'GITHUB_API_TOKEN')]) {
 							wrap([$class: 'Xvnc', useXauthority: true]) {
-								sh """mvn clean verify -B -fae -Ddownload.cache.skip=true -Dmaven.test.error.ignore=true -Dmaven.test.failure.ignore=true -Psign -Dmaven.repo.local=$WORKSPACE/.m2/repository -Dgithub.api.token="${GITHUB_API_TOKEN}" -Dgpg.passphrase="${KEYRING_PASSPHRASE}" """
+								sh '''mvn clean verify -B -fae -Ddownload.cache.skip=true -Dmaven.test.error.ignore=true -Dmaven.test.failure.ignore=true -Psign -Dmaven.repo.local=$WORKSPACE/.m2/repository -Dgithub.api.token="${GITHUB_API_TOKEN}" -Dgpg.passphrase="${KEYRING_PASSPHRASE}" -Dtycho.pgp.signer.bc.secretKeys="${KEYRING}" '''
 							}
 						}
 					}

pom.xml

@@ -189,45 +189,6 @@
 	</build>
 
 	<profiles>
-		<profile>
-			<id>sign</id>
-			<build>
-				<plugins>
-					<plugin>
-						<groupId>org.eclipse.cbi.maven.plugins</groupId>
-						<artifactId>eclipse-jarsigner-plugin</artifactId>
-						<version>1.4.3</version>
-						<executions>
-							<execution>
-								<id>sign</id>
-								<phase>package</phase>
-								<goals>
-									<goal>sign</goal>
-								</goals>
-							</execution>
-						</executions>
-					</plugin>
-					<plugin>
-						<groupId>org.eclipse.tycho</groupId>
-						<artifactId>tycho-p2-plugin</artifactId>
-						<version>${tycho-version}</version>
-						<executions>
-							<execution>
-								<id>p2-metadata</id>
-								<phase>package</phase>
-								<goals>
-									<goal>p2-metadata</goal>
-								</goals>
-							</execution>
-						</executions>
-						<configuration>
-							<defaultP2Metadata>false</defaultP2Metadata>
-						</configuration>
-					</plugin>
-				</plugins>
-			</build>
-		</profile>
-
 		<!-- Automatic profile for Mac-specific settings -->
 		<profile>
 			<id>macos</id>
@@ -243,11 +204,6 @@
 	</profiles>
 
 	<pluginRepositories>
-		<pluginRepository>
-			<id>cbi</id>
-			<url>https://repo.eclipse.org/content/groups/cbi</url>
-			<snapshots><enabled>true</enabled></snapshots>
-		</pluginRepository>
 		<pluginRepository>
 			<id>dash-licenses-snapshots</id>
 			<url>https://repo.eclipse.org/content/repositories/dash-licenses/</url>
@@ -258,9 +214,5 @@
 				<enabled>true</enabled>
 			</releases>
 		</pluginRepository>
-		<pluginRepository>
-			<id>tycho-snapshots</id>
-			<url>https://repo.eclipse.org/content/repositories/tycho-snapshots/</url>
-		</pluginRepository>
 	</pluginRepositories>
 </project>

repository/pom.xml

@@ -57,8 +57,9 @@
 									<goal>sign-p2-artifacts</goal>
 								</goals>
 								<configuration>
+									<signer>bc</signer>
 									<keyname>9BC06FC97ED4ED26</keyname>
-									<skipIfJarsigned>true</skipIfJarsigned>
+									<skipIfJarsigned>false</skipIfJarsigned>
 								</configuration>
 							</execution>
 						</executions>