Skip to content

Commit

Permalink
build: specify the key to use when invoking gpg:sign-and-deploy-file (#…
Browse files Browse the repository at this point in the history
  • Loading branch information
ligi authored and fjl committed May 8, 2018
1 parent c4a4613 commit eab6e5a
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 8 deletions.
21 changes: 13 additions & 8 deletions build/ci.go
Original file line number Diff line number Diff line change
Expand Up @@ -755,14 +755,18 @@ func doAndroidArchive(cmdline []string) {
os.Rename(archive, meta.Package+".aar")
if *signer != "" && *deploy != "" {
// Import the signing key into the local GPG instance
if b64key := os.Getenv(*signer); b64key != "" {
key, err := base64.StdEncoding.DecodeString(b64key)
if err != nil {
log.Fatalf("invalid base64 %s", *signer)
}
gpg := exec.Command("gpg", "--import")
gpg.Stdin = bytes.NewReader(key)
build.MustRun(gpg)
b64key := os.Getenv(*signer)
key, err := base64.StdEncoding.DecodeString(b64key)
if err != nil {
log.Fatalf("invalid base64 %s", *signer)
}
gpg := exec.Command("gpg", "--import")
gpg.Stdin = bytes.NewReader(key)
build.MustRun(gpg)

keyID, err := build.PGPKeyID(string(key))
if err != nil {
log.Fatal(err)
}
// Upload the artifacts to Sonatype and/or Maven Central
repo := *deploy + "/service/local/staging/deploy/maven2"
Expand All @@ -771,6 +775,7 @@ func doAndroidArchive(cmdline []string) {
}
build.MustRunCommand("mvn", "gpg:sign-and-deploy-file", "-e", "-X",
"-settings=build/mvn.settings", "-Durl="+repo, "-DrepositoryId=ossrh",
"-Dgpg.keyname="+keyID,
"-DpomFile="+meta.Package+".pom", "-Dfile="+meta.Package+".aar")
}
}
Expand Down
12 changes: 12 additions & 0 deletions internal/build/pgp.go
Original file line number Diff line number Diff line change
Expand Up @@ -57,3 +57,15 @@ func PGPSignFile(input string, output string, pgpkey string) error {
// Generate the signature and return
return openpgp.ArmoredDetachSign(out, keys[0], in, nil)
}

// PGPKeyID parses an armored key and returns the key ID.
func PGPKeyID(pgpkey string) (string, error) {
keys, err := openpgp.ReadArmoredKeyRing(bytes.NewBufferString(pgpkey))
if err != nil {
return "", err
}
if len(keys) != 1 {
return "", fmt.Errorf("key count mismatch: have %d, want %d", len(keys), 1)
}
return keys[0].PrimaryKey.KeyIdString(), nil
}

0 comments on commit eab6e5a

Please sign in to comment.