Package org.gradle.plugins.signing

Class SigningExtension

  • public abstract class SigningExtension
extends java.lang.Object
    The global signing configuration for a project.

    • Field Detail

      • DEFAULT_CONFIGURATION_NAME

        public static final java.lang.String DEFAULT_CONFIGURATION_NAME
        The name of the configuration that all signature artifacts will be placed into ("signatures")
        See Also:
        Constant Field Values

    • Constructor Detail

      • SigningExtension

        public SigningExtension​(Project project)
        Configures the signing settings for the given project.

    • Method Detail

      • getProject

        public final Project getProject()

      • setRequired

        public void setRequired​(boolean required)
        Whether this task should fail if no signatory or signature type are configured at generation time.
        Since:
        4.0

      • setRequired

        public void setRequired​(java.lang.Object required)
        Whether this task should fail if no signatory or signature type are configured at generation time. If required is a Callable, it will be stored and "called" on demand (i.e. when isRequired() is called) and the return value will be interpreting according to the Groovy Truth. For example: 
         signing {
   required = { gradle.taskGraph.hasTask("publish") }
 }
        Because the task graph is not known until Gradle starts executing, we must use defer the decision. We can do this via using a Closure (which is a Callable). For any other type, the value will be stored and evaluated on demand according to the Groovy Truth. 
         signing {
   required = false
 }

      • isRequired

        public boolean isRequired()
        Whether this task should fail if no signatory or signature type are configured at generation time.

        Defaults to true.

        See Also:
        setRequired(Object)

      • getDefaultConfiguration

        protected Configuration getDefaultConfiguration()
        Provides the configuration that signature artifacts are added to. Called once during construction.

      • createSignatureTypeProvider

        protected SignatureTypeProvider createSignatureTypeProvider()
        Provides the signature type provider. Called once during construction.

      • createSignatoryProvider

        protected SignatoryProvider<?> createSignatoryProvider()
        Provides the signatory provider. Called once during construction.

      • signatories

        public SignatoryProvider<?> signatories​(Closure<?> closure)
        Configures the signatory provider (delegating to its configure method).
        Parameters:
        closure - the signatory provider configuration DSL
        Returns:
        the configured signatory provider

      • getSignatory

        public Signatory getSignatory()
        The signatory that will be used for signing when an explicit signatory has not been specified.

        Delegates to the signatory provider's default signatory.

      • getSignatureType

        public SignatureType getSignatureType()
        The signature type that will be used for signing files when an explicit signature type has not been specified.

        Delegates to the signature type provider's default type.

      • setConfiguration

        public void setConfiguration​(Configuration configuration)

      • useGpgCmd

        public void useGpgCmd()
        Use GnuPG agent to perform signing work.
        Since:
        4.5

      • useInMemoryPgpKeys

        public void useInMemoryPgpKeys​(@Nullable
                               java.lang.String defaultSecretKey,
                               @Nullable
                               java.lang.String defaultPassword)
        Use the supplied ascii-armored in-memory PGP secret key and password instead of reading it from a keyring. 
        
 signing {
     def secretKey = findProperty("mySigningKey")
     def password = findProperty("mySigningPassword")
     useInMemoryPgpKeys(secretKey, password)
 }
        Since:
        5.4

      • useInMemoryPgpKeys

        public void useInMemoryPgpKeys​(@Nullable
                               java.lang.String defaultKeyId,
                               @Nullable
                               java.lang.String defaultSecretKey,
                               @Nullable
                               java.lang.String defaultPassword)
        Use the supplied ascii-armored in-memory PGP secret key and password instead of reading it from a keyring. In case a signing subkey is provided, keyId must be provided as well. 
        
 signing {
     def keyId = findProperty("keyId")
     def secretKey = findProperty("mySigningKey")
     def password = findProperty("mySigningPassword")
     useInMemoryPgpKeys(keyId, secretKey, password)
 }
        Since:
        6.0

      • getConfiguration

        public Configuration getConfiguration()
        The configuration that signature artifacts are added to.

      • addSignatureSpecConventions

        protected void addSignatureSpecConventions​(SignatureSpec spec)
        Adds conventions to the given spec, using this settings object's default signatory and signature type as the default signatory and signature type for the spec.

      • sign

        public java.util.List<Sign> sign​(Task... tasks)
        Creates signing tasks that depend on and sign the "archive" produced by the given tasks.

        The created tasks will be named "sign<input task name capitalized>". That is, given a task with the name "jar" the created task will be named "signJar".

        If the task is not an AbstractArchiveTask, an InvalidUserDataException will be thrown.

        The signature artifact for the created task is added to the for this settings object.

        Parameters:
        tasks - The tasks whose archives are to be signed
        Returns:
        the created tasks.

      • sign

        public java.util.List<Sign> sign​(Configuration... configurations)
        Creates signing tasks that sign all artifacts of the given configurations.

        The created tasks will be named "sign<configuration name capitalized>". That is, given a configuration with the name "conf" the created task will be named "signConf". The signature artifacts for the created tasks are added to the configuration for this settings object.

        Parameters:
        configurations - The configurations whose archives are to be signed
        Returns:
        the created tasks.

      • sign

        public java.util.List<Sign> sign​(Publication... publications)
        Creates signing tasks that sign all publishable artifacts of the given publications.

        The created tasks will be named "sign<publication name capitalized>Publication". That is, given a publication with the name "mavenJava" the created task will be named "signMavenJavaPublication". The signature artifacts for the created tasks are added to the publishable artifacts of the given publications.

        Parameters:
        publications - The publications whose artifacts are to be signed
        Returns:
        the created tasks.
        Since:
        4.8

      • sign

        public java.util.List<Sign> sign​(DomainObjectCollection<Publication> publications)
        Creates signing tasks that sign all publishable artifacts of the given publication collection.

        The created tasks will be named "sign<publication name capitalized>Publication". That is, given a publication with the name "mavenJava" the created task will be named "signMavenJavaPublication". The signature artifacts for the created tasks are added to the publishable artifacts of the given publications.

        Parameters:
        publications - The collection of publications whose artifacts are to be signed
        Returns:
        the created tasks.
        Since:
        4.8

      • addSignaturesToConfiguration

        protected java.lang.Object addSignaturesToConfiguration​(Sign task,
                                                        Configuration configuration)

      • sign

        public SignOperation sign​(PublishArtifact... publishArtifacts)
        Digitally signs the publish artifacts, generating signature files alongside them.

        The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

        If there is no configured default signatory available, the sign operation will fail.

        Parameters:
        publishArtifacts - The publish artifacts to sign
        Returns:
        The executed sign operation

      • sign

        public SignOperation sign​(java.io.File... files)
        Digitally signs the files, generating signature files alongside them.

        The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

        If there is no configured default signatory available, the sign operation will fail.

        Parameters:
        files - The files to sign.
        Returns:
        The executed sign operation.

      • sign

        public SignOperation sign​(java.lang.String classifier,
                          java.io.File... files)
        Digitally signs the files, generating signature files alongside them.

        The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

        If there is no configured default signatory available, the sign operation will fail.

        Parameters:
        classifier - The classifier to assign to the created signature artifacts.
        files - The publish artifacts to sign.
        Returns:
        The executed sign operation.

      • sign

        public SignOperation sign​(@DelegatesTo(SignOperation.class)
                          Closure<?> closure)
        Creates a new sign operation using the given closure to configure it before executing it.

        The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

        If there is no configured default signatory available (and one is not explicitly specified in this operation's configuration), the sign operation will fail.

        Parameters:
        closure - The configuration of the sign operation.
        Returns:
        The executed sign operation.

      • sign

        @Incubating
public SignOperation sign​(Action<SignOperation> setup)
        Creates a new sign operation using the given action to configure it before executing it.

        The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

        If there is no configured default signatory available (and one is not explicitly specified in this operation's configuration), the sign operation will fail.

        Parameters:
        setup - The configuration action of the sign operation.
        Returns:
        The executed sign operation.
        Since:
        7.5