Skip to content
Permalink
Browse files

Artifact signing

  • Loading branch information...
Alex Stockinger
Alex Stockinger committed Jul 24, 2017
1 parent 26b21df commit 0c8de6bc1a092f49e769eac9027d959b05ea1c3a
Showing with 35 additions and 26 deletions.
  1. +28 −26 Jenkinsfile
  2. +4 −0 build.gradle
  3. +3 −0 builder/jdk8/Dockerfile
@@ -6,37 +6,15 @@ node() {
withBuildEnv() {
stage("Build and Test") {
try {
sh "IGNORE_TEST_FAILURES=true ./gradlew --no-daemon clean build"
sh 'gpg --import $GPG_KEY_FILE'
sh 'IGNORE_TEST_FAILURES=true ./gradlew -Dorg.gradle.project.signing.keyId=CBC58EE1 -Dorg.gradle.project.signing.password=$GPG_PASSWORD -Dorg.gradle.project.signing.secretKeyRingFile=$HOME/.gnupg/secring.gpg --no-daemon clean build uploadArchives --stacktrace'
} finally {
junit "**/build/test-results/**/TEST-*.xml"
}
}

stage("Static code analysis") {
withCredentials([
usernamePassword(
credentialsId: 'sonar',
usernameVariable: 'SONAR_USER',
passwordVariable: 'SONAR_PASSWORD'
)
]) {
sh "./gradlew --no-daemon -x test sonarqube"
}
}
}

stage("Publish to Nexus") {
if (currentBuild.result == 'UNSTABLE') {
throw new RuntimeException("SKIP: Won't deploy because build is unstable");
}
withCredentials([
usernamePassword(
credentialsId: 'maven',
usernameVariable: 'MAVEN_USER',
passwordVariable: 'MAVEN_PASSWORD'
)
]) {
sh "./gradlew uploadArchives"
sh "./gradlew --no-daemon -x test sonarqube"
}
}

@@ -93,7 +71,31 @@ def withBuildEnv(closure) {
"-e TESTEE_PSQL_USER=testee",
"-e TESTEE_PSQL_PASSWORD=testee"
].join(" "),
closure
{
withCredentials([
file(
credentialsId: 'gpg-key',
variable: 'GPG_KEY_FILE'
),
usernamePassword(
credentialsId: 'gpg-password',
usernameVariable: 'GPG_USER', // not used
passwordVariable: 'GPG_PASSWORD'
),
usernamePassword(
credentialsId: 'maven',
usernameVariable: 'MAVEN_USER',
passwordVariable: 'MAVEN_PASSWORD'
),
usernamePassword(
credentialsId: 'sonar',
usernameVariable: 'SONAR_USER',
passwordVariable: 'SONAR_PASSWORD'
)
]) {
closure()
}
}
)
}
}
@@ -35,6 +35,7 @@ subprojects {
buildscript.repositories.addAll(rootProject.buildscript.repositories)

apply plugin: 'maven'
apply plugin: 'signing'

afterEvaluate { Project project ->
if (project.pluginManager.hasPlugin("java")) {
@@ -107,6 +108,9 @@ subprojects {
artifacts {
archives javadocJar, sourcesJar
}
signing {
sign configurations.archives
}
}
}
}
@@ -16,3 +16,6 @@ RUN apt-get update -q && \
mv "/tmp/jdk1.${JAVA_VERSION}.0_${JAVA_UPDATE}" "/usr/lib/jvm/java-${JAVA_VERSION}-oracle" && \
ln -s "/usr/lib/jvm/java-${JAVA_VERSION}-oracle" "$JAVA_HOME" && \
rm "/tmp/"*

ENV HOME=/root
RUN mkdir -p $HOME/.gnupg && chmod 777 $HOME -R

0 comments on commit 0c8de6b

Please sign in to comment.
You can’t perform that action at this time.