Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sign artifacts for publishing #340

Merged
merged 2 commits into from
Jul 29, 2021
Merged

Sign artifacts for publishing #340

merged 2 commits into from
Jul 29, 2021

Conversation

wolfs
Copy link
Member

@wolfs wolfs commented Jul 27, 2021

No description provided.

@wolfs wolfs added the internal Internal change label Jul 27, 2021
@wolfs wolfs self-assigned this Jul 27, 2021
@wolfs wolfs added this to the 0.17.0 milestone Jul 27, 2021
@wolfs wolfs requested a review from blindpirate July 27, 2021 06:48
blindpirate
blindpirate reviewed Jul 27, 2021
View reviewed changes
Copy link
Contributor

@blindpirate blindpirate left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I left some comments.

buildSrc/src/main/kotlin/profiler.publication.gradle.kts Outdated
@@ -37,3 +38,18 @@ fun Project.gradleInternalRepositoryUrl(): URI {
val repositoryQualifier = if (isSnapshot) "snapshots" else "releases"
return uri("https://repo.gradle.org/gradle/ext-$repositoryQualifier-local")
}

val signArtifacts: Boolean = !System.getenv("PGP_SIGNING_KEY").isNullOrEmpty()
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shall we use providers.environmentVariable("...").forUseAtConfigurationTime().orNull?

buildSrc/src/main/kotlin/profiler.publication.gradle.kts Outdated Show resolved Hide resolved
.teamcity/settings/GradleProfilerPublishing.kt
@@ -22,6 +24,8 @@ object GradleProfilerPublishing : BuildType({
param("env.ORG_GRADLE_PROJECT_sdkmanToken", "%gradleprofiler.sdkman.token%")
param("env.GRADLE_CACHE_REMOTE_USERNAME", "%gradle.cache.remote.username%")
param("env.GRADLE_CACHE_REMOTE_PASSWORD", "%gradle.cache.remote.password%")
param("env.PGP_SIGNING_KEY", "%pgpSigningKey%")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Personally I like storing these credentials in TC parameters so that they can be updated without changing code, wdyt?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That is a good point. I stored it for now like this, since I don't want to define the pgpSigning key in the root project, which would essentially allow all builds to access it. I did the same for native platform. Let's revisit this later.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If pgp signing key is used only in gradle-profiler, why don't define it in gradle-profiler TC project?

buildSrc/src/main/kotlin/profiler.publication.gradle.kts Show resolved Hide resolved
@wolfs
Copy link
Member Author

wolfs commented Jul 28, 2021

@blindpirate PTAL!

@wolfs wolfs requested a review from blindpirate July 28, 2021 16:51
@wolfs wolfs merged commit 54c4be3 into master Jul 29, 2021
@wolfs wolfs deleted the wolfs/sign-artifacts branch July 29, 2021 09:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@blindpirate blindpirate blindpirate approved these changes

Assignees

@wolfs wolfs

Labels
internal Internal change
Projects
None yet
Milestone
0.17.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@wolfs @blindpirate