Sign artifacts and deploy to sonatype staging

Add an encrypted GnuPG keyring and use it for signing the artifacts. When a Tag is present deploy to sonatype staging repository.
codecentric · Nov 15, 2015 · 6289d88 · 6289d88
1 parent 8e86ed0
commit 6289d88
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 15 deletions.
diff --git a/.gitignore b/.gitignore
@@ -10,3 +10,6 @@ target/
 .idea/
 *.iml
 *.iws
+
+# gnupg keyring
+/.gnupg
diff --git a/.gnupg.tar.enc b/.gnupg.tar.enc
diff --git a/.travis.yml b/.travis.yml
@@ -2,11 +2,14 @@ language: java
 sudo: false
 
 before_install:
+  - openssl aes-256-cbc -d -pass "env:DECRYPT_KEYPHRASE" -in .gnupg.tar.enc | tar xv
   - "export DISPLAY=:99.0"
   - "sh -e /etc/init.d/xvfb start"
+  - "[[ ${TRAVIS_TAG} != '' ]] && mvn versions:set -DnewVersion='${TRAVIS_TAG}'"
 
 script: mvn clean verify
 
 after_success:
   - mvn jacoco:report coveralls:report
   - "[[ ${TRAVIS_PULL_REQUEST} == 'false' ]] && [[ ${TRAVIS_TAG} == '' ]] && mvn deploy -DreposityId=sonatype-nexus-snapshots -DskipTests --settings deploy-settings.xml"
+  - "[[ ${TRAVIS_PULL_REQUEST} == 'false' ]] && [[ ${TRAVIS_TAG} != '' ]] && mvn deploy -DreposityId=sonatype-nexus-staging -DskipTests --settings deploy-settings.xml"
diff --git a/README.md b/README.md
@@ -177,23 +177,13 @@ You can access snapshot builds from the sonatype repository:
 
 
 #### Build
-In order to build spring-boot-admin you need to have node.js and npm on your PATH.
+In order to build spring-boot-admin you need to have node.js and npm on your `PATH`.
 
 ```shell
 mvn clean package
 ```
 
-#### Release
-
-```shell
-mvn build-helper:parse-version versions:set -DnewVersion=${parsedVersion.majorVersion}.${parsedVersion.minorVersion}.${parsedVersion.incrementalVersion}
-mvn -Psign-artifacts clean deploy
-```
-
-#### Increment version for next release
-
-Example:
-
+#### Set version for next release
 ```shell
 mvn build-helper:parse-version versions:set versions:commit -DnewVersion=1.0.0-SNAPSHOT
 ```
diff --git a/pom.xml b/pom.xml
@@ -17,7 +17,6 @@
     <properties>
         <java.version>1.7</java.version>
         <main.basedir>${basedir}</main.basedir>
-        <passphrase>${gpg.passphrase}</passphrase>
         <spring-boot.version>1.3.0.RC1</spring-boot.version>
         <spring-cloud.version>Brixton.M2</spring-cloud.version>
         <build-plugin.jacoco.version>0.7.5.201505241946</build-plugin.jacoco.version>
@@ -102,15 +101,18 @@
         <profile>
             <id>sign-artifacts</id>
             <activation>
-                <activeByDefault>false</activeByDefault>
+                <property>
+                    <name>env.GPG_PASSPHRASE</name>
+                </property>
             </activation>
             <build>
                 <plugins>
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
                         <configuration>
-                            <passphrase>${passphrase}</passphrase>
+                            <passphrase>${env.GPG_PASSPHRASE}</passphrase>
+                            <homedir>${user.dir}/.gnupg</homedir>
                         </configuration>
                         <executions>
                             <execution>