From 2be80c471e4034e750b5f20f479f0f295b0ce2e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D0=BB=D0=B5=D0=BA=D1=81=D0=B0=D0=BD=D0=B4=D1=8A?= =?UTF-8?q?=D1=80=20=D0=9A=D1=83=D1=80=D1=82=D0=B0=D0=BA=D0=BE=D0=B2?= Date: Thu, 5 Sep 2024 23:27:36 +0300 Subject: [PATCH] GPG sign only --- Jenkinsfile | 14 ++------------ pom.xml | 48 ---------------------------------------------- repository/pom.xml | 3 ++- 3 files changed, 4 insertions(+), 61 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 8fd82996c7..69068ab2d0 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -57,16 +57,6 @@ spec: GITHUB_API_CREDENTIALS_ID = 'github-bot-token' } stages { - stage('initialize PGP') { - steps { - container('container') { - withCredentials([file(credentialsId: 'secret-subkeys.asc', variable: 'KEYRING')]) { - sh 'gpg --batch --import "${KEYRING}"' - sh 'for fpr in $(gpg --list-keys --with-colons | awk -F: \'/fpr:/ {print $10}\' | sort -u); do echo -e "5\ny\n" | gpg --batch --command-fd 0 --expert --edit-key ${fpr} trust; done' - } - } - } - } stage('Prepare-environment') { steps { container('container') { @@ -81,10 +71,10 @@ spec: stage('Build') { steps { container('container') { - withCredentials([string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) { + withCredentials([file(credentialsId: 'secret-subkeys.asc', variable: 'KEYRING'), string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) { withCredentials([string(credentialsId: "${GITHUB_API_CREDENTIALS_ID}", variable: 'GITHUB_API_TOKEN')]) { wrap([$class: 'Xvnc', useXauthority: true]) { - sh """mvn clean verify -B -fae -Ddownload.cache.skip=true -Dmaven.test.error.ignore=true -Dmaven.test.failure.ignore=true -Psign -Dmaven.repo.local=$WORKSPACE/.m2/repository -Dgithub.api.token="${GITHUB_API_TOKEN}" -Dgpg.passphrase="${KEYRING_PASSPHRASE}" """ + sh '''mvn clean verify -B -fae -Ddownload.cache.skip=true -Dmaven.test.error.ignore=true -Dmaven.test.failure.ignore=true -Psign -Dmaven.repo.local=$WORKSPACE/.m2/repository -Dgithub.api.token="${GITHUB_API_TOKEN}" -Dgpg.passphrase="${KEYRING_PASSPHRASE}" -Dtycho.pgp.signer.bc.secretKeys="${KEYRING}" ''' } } } diff --git a/pom.xml b/pom.xml index df8f2f08ba..6237af6001 100644 --- a/pom.xml +++ b/pom.xml @@ -189,45 +189,6 @@ - - sign - - - - org.eclipse.cbi.maven.plugins - eclipse-jarsigner-plugin - 1.4.3 - - - sign - package - - sign - - - - - - org.eclipse.tycho - tycho-p2-plugin - ${tycho-version} - - - p2-metadata - package - - p2-metadata - - - - - false - - - - - - macos @@ -243,11 +204,6 @@ - - cbi - https://repo.eclipse.org/content/groups/cbi - true - dash-licenses-snapshots https://repo.eclipse.org/content/repositories/dash-licenses/ @@ -258,9 +214,5 @@ true - - tycho-snapshots - https://repo.eclipse.org/content/repositories/tycho-snapshots/ - diff --git a/repository/pom.xml b/repository/pom.xml index c0c52c912e..306115ebc2 100644 --- a/repository/pom.xml +++ b/repository/pom.xml @@ -57,8 +57,9 @@ sign-p2-artifacts + bc 9BC06FC97ED4ED26 - true + false