Package org.gradle.plugins.signing

Class SigningExtension

java.lang.Object
org.gradle.plugins.signing.SigningExtension
public abstract class SigningExtension extends Object
The global signing configuration for a project.

  • Field Details

    • DEFAULT_CONFIGURATION_NAME

      public static final String DEFAULT_CONFIGURATION_NAME
      The name of the configuration that all signature artifacts will be placed into ("signatures")
      See Also:

  • Constructor Details

    • SigningExtension

      public SigningExtension(Project project)
      Configures the signing settings for the given project.

  • Method Details

    • getProject

      public final Project getProject()

    • setRequired

      public void setRequired(boolean required)
      Whether this task should fail if no signatory or signature type are configured at generation time.
      Since:
      4.0

    • setRequired

      public void setRequired(Object required)
      Whether this task should fail if no signatory or signature type are configured at generation time. If required is a Callable, it will be stored and "called" on demand (i.e. when isRequired() is called) and the return value will be interpreting according to the Groovy Truth. For example: 
       signing {
   required = { gradle.taskGraph.hasTask("publish") }
 }
      Because the task graph is not known until Gradle starts executing, we must use defer the decision. We can do this via using a Closure (which is a Callable). For any other type, the value will be stored and evaluated on demand according to the Groovy Truth. 
       signing {
   required = false
 }

    • isRequired

      public boolean isRequired()
      Whether this task should fail if no signatory or signature type are configured at generation time.

      Defaults to true.

      See Also:

    • getDefaultConfiguration

      protected Configuration getDefaultConfiguration()
      Provides the configuration that signature artifacts are added to. Called once during construction.

    • createSignatureTypeProvider

      protected SignatureTypeProvider createSignatureTypeProvider()
      Provides the signature type provider. Called once during construction.

    • createSignatoryProvider

      protected SignatoryProvider<?> createSignatoryProvider()
      Provides the signatory provider. Called once during construction.

    • signatories

      public SignatoryProvider<?> signatories(Closure<?> closure)
      Configures the signatory provider (delegating to its configure method).
      Parameters:
      closure - the signatory provider configuration DSL
      Returns:
      the configured signatory provider

    • getSignatory

      public Signatory getSignatory()
      The signatory that will be used for signing when an explicit signatory has not been specified.

      Delegates to the signatory provider's default signatory.

    • getSignatureType

      public SignatureType getSignatureType()
      The signature type that will be used for signing files when an explicit signature type has not been specified.

      Delegates to the signature type provider's default type.

    • setSignatureTypes

      public void setSignatureTypes(SignatureTypeProvider signatureTypes)

    • getSignatureTypes

      public SignatureTypeProvider getSignatureTypes()

    • setSignatories

      public void setSignatories(SignatoryProvider<?> signatories)

    • setConfiguration

      public void setConfiguration(Configuration configuration)

    • useGpgCmd

      public void useGpgCmd()
      Use GnuPG agent to perform signing work.
      Since:
      4.5

    • useInMemoryPgpKeys

      public void useInMemoryPgpKeys(@Nullable String defaultSecretKey, @Nullable String defaultPassword)
      Use the supplied ascii-armored in-memory PGP secret key and password instead of reading it from a keyring. 
      
 signing {
     def secretKey = findProperty("mySigningKey")
     def password = findProperty("mySigningPassword")
     useInMemoryPgpKeys(secretKey, password)
 }
      Since:
      5.4

    • useInMemoryPgpKeys

      public void useInMemoryPgpKeys(@Nullable String defaultKeyId, @Nullable String defaultSecretKey, @Nullable String defaultPassword)
      Use the supplied ascii-armored in-memory PGP secret key and password instead of reading it from a keyring. In case a signing subkey is provided, keyId must be provided as well. 
      
 signing {
     def keyId = findProperty("keyId")
     def secretKey = findProperty("mySigningKey")
     def password = findProperty("mySigningPassword")
     useInMemoryPgpKeys(keyId, secretKey, password)
 }
      Since:
      6.0

    • getConfiguration

      public Configuration getConfiguration()
      The configuration that signature artifacts are added to.

    • addSignatureSpecConventions

      protected void addSignatureSpecConventions(SignatureSpec spec)
      Adds conventions to the given spec, using this settings object's default signatory and signature type as the default signatory and signature type for the spec.

    • sign

      public List<Sign> sign(Task... tasks)
      Creates signing tasks that depend on and sign the "archive" produced by the given tasks.

      The created tasks will be named "sign<input task name capitalized>". That is, given a task with the name "jar" the created task will be named "signJar".

      If the task is not an AbstractArchiveTask, an InvalidUserDataException will be thrown.

      The signature artifact for the created task is added to the for this settings object.

      Parameters:
      tasks - The tasks whose archives are to be signed
      Returns:
      the created tasks.

    • sign

      public List<Sign> sign(Configuration... configurations)
      Creates signing tasks that sign all artifacts of the given configurations.

      The created tasks will be named "sign<configuration name capitalized>". That is, given a configuration with the name "conf" the created task will be named "signConf". The signature artifacts for the created tasks are added to the configuration for this settings object.

      Parameters:
      configurations - The configurations whose archives are to be signed
      Returns:
      the created tasks.

    • sign

      public List<Sign> sign(Publication... publications)
      Creates signing tasks that sign all publishable artifacts of the given publications.

      The created tasks will be named "sign<publication name capitalized>Publication". That is, given a publication with the name "mavenJava" the created task will be named "signMavenJavaPublication". The signature artifacts for the created tasks are added to the publishable artifacts of the given publications.

      Parameters:
      publications - The publications whose artifacts are to be signed
      Returns:
      the created tasks.
      Since:
      4.8

    • sign

      public List<Sign> sign(DomainObjectCollection<Publication> publications)
      Creates signing tasks that sign all publishable artifacts of the given publication collection.

      The created tasks will be named "sign<publication name capitalized>Publication". That is, given a publication with the name "mavenJava" the created task will be named "signMavenJavaPublication". The signature artifacts for the created tasks are added to the publishable artifacts of the given publications.

      Parameters:
      publications - The collection of publications whose artifacts are to be signed
      Returns:
      the created tasks.
      Since:
      4.8

    • addSignaturesToConfiguration

      protected Object addSignaturesToConfiguration(Sign task, Configuration configuration)

    • sign

      public SignOperation sign(PublishArtifact... publishArtifacts)
      Digitally signs the publish artifacts, generating signature files alongside them.

      The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

      If there is no configured default signatory available, the sign operation will fail.

      Parameters:
      publishArtifacts - The publish artifacts to sign
      Returns:
      The executed sign operation

    • sign

      public SignOperation sign(File... files)
      Digitally signs the files, generating signature files alongside them.

      The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

      If there is no configured default signatory available, the sign operation will fail.

      Parameters:
      files - The files to sign.
      Returns:
      The executed sign operation.

    • sign

      public SignOperation sign(String classifier, File... files)
      Digitally signs the files, generating signature files alongside them.

      The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

      If there is no configured default signatory available, the sign operation will fail.

      Parameters:
      classifier - The classifier to assign to the created signature artifacts.
      files - The publish artifacts to sign.
      Returns:
      The executed sign operation.

    • sign

      public SignOperation sign(@DelegatesTo(SignOperation.class) Closure<?> closure)
      Creates a new sign operation using the given closure to configure it before executing it.

      The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

      If there is no configured default signatory available (and one is not explicitly specified in this operation's configuration), the sign operation will fail.

      Parameters:
      closure - The configuration of the sign operation.
      Returns:
      The executed sign operation.

    • sign

      @Incubating public SignOperation sign(Action<SignOperation> setup)
      Creates a new sign operation using the given action to configure it before executing it.

      The project's default signatory and default signature type from the signing settings will be used to generate the signature. The returned sign operation gives access to the created signature files.

      If there is no configured default signatory available (and one is not explicitly specified in this operation's configuration), the sign operation will fail.

      Parameters:
      setup - The configuration action of the sign operation.
      Returns:
      The executed sign operation.
      Since:
      7.5

    • doSignOperation

      protected SignOperation doSignOperation(@DelegatesTo(SignOperation.class) Closure<?> setup)

    • doSignOperation

      protected SignOperation doSignOperation(Action<SignOperation> setup)

    • getSignatories

      public SignatoryProvider<?> getSignatories()