diff --git a/build-logic/publishing/build.gradle.kts b/build-logic/publishing/build.gradle.kts index 504044ea2..aa4fe403f 100644 --- a/build-logic/publishing/build.gradle.kts +++ b/build-logic/publishing/build.gradle.kts @@ -10,5 +10,6 @@ dependencies { implementation(project(":basics")) implementation(project(":jvm")) implementation("dev.sigstore.build-logic:gradle-plugin") + implementation("dev.sigstore:sigstore-gradle-sign-plugin:0.5.0") implementation("com.gradle.plugin-publish:com.gradle.plugin-publish.gradle.plugin:1.2.1") } diff --git a/build-logic/publishing/src/main/kotlin/build-logic.java-published-library.gradle.kts b/build-logic/publishing/src/main/kotlin/build-logic.java-published-library.gradle.kts index 1db560852..76e501952 100644 --- a/build-logic/publishing/src/main/kotlin/build-logic.java-published-library.gradle.kts +++ b/build-logic/publishing/src/main/kotlin/build-logic.java-published-library.gradle.kts @@ -3,6 +3,7 @@ plugins { id("build-logic.java-library") id("build-logic.reproducible-builds") id("build-logic.publish-to-central") + id("build-logic.signing") } java { @@ -17,3 +18,5 @@ publishing { } } } + +signing.sign(publishing.publications["mavenJava"]) diff --git a/build-logic/publishing/src/main/kotlin/build-logic.signing.gradle.kts b/build-logic/publishing/src/main/kotlin/build-logic.signing.gradle.kts new file mode 100644 index 000000000..32fbd43b2 --- /dev/null +++ b/build-logic/publishing/src/main/kotlin/build-logic.signing.gradle.kts @@ -0,0 +1,34 @@ +plugins { + id("signing") + id("dev.sigstore.sign") +} + +signing { + val signingKey: String? by project + val signingPassword: String? by project + useInMemoryPgpKeys(signingKey, signingPassword) +} + +tasks.withType().configureEach { + onlyIf("Is a release") { + project.hasProperty("release") + } + onlyIf("Signing is not skipped") { + !project.hasProperty("skipSigning") + } + onlyIf("PGP Signing is not skipped") { + !project.hasProperty("skipPgpSigning") + } +} + +tasks.withType().configureEach { + onlyIf("Is a release") { + project.hasProperty("release") + } + onlyIf("Signing is not skipped") { + !project.hasProperty("skipSigning") + } + onlyIf("Sigstore Signing is not skipped") { + !project.hasProperty("skipSigstoreSigning") + } +} diff --git a/build.gradle.kts b/build.gradle.kts index e99073788..a306b7b92 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -1,35 +1,5 @@ plugins { id("build-logic.root-build") - // It does not support participating in precompiled script plugins - id("com.github.vlsi.stage-vote-release") version "1.90" // The Kotlin Gradle plugin was loaded multiple times in different subprojects, which is not supported and may break the build. `embedded-kotlin` apply false } - -version = "${findProperty("version")}${releaseParams.snapshotSuffix}" - -println("Building Sigstore Java $version") - -releaseParams { - tlp.set("sigstore-java") - organizationName.set("sigstore") - componentName.set("sigstore-java") - prefixForProperties.set("s01") - svnDistEnabled.set(false) - sitePreviewEnabled.set(false) - nexus { - prodUrl.set(uri("https://s01.oss.sonatype.org")) - } - voteText.set { - """ - ${it.componentName} v${it.version}-rc${it.rc} is ready for preview. - - Git SHA: ${it.gitSha} - Staging repository: ${it.nexusRepositoryUri} - """.trimIndent() - } -} - -allprojects { - version = rootProject.version -}