Add profile for signing artifacts
Publishing artifacts to maven central requires signing. To make signing work I
added the following configuration in the $HOME/.m2/settings.xml:
<profiles>
<profile>
<id>gpg</id>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.passphrase></gpg.passphrase>
</properties>
</profile>
</profiles>
<activeProfiles>
<activeProfile>gpg</activeProfile>
</activeProfiles>
as documented in [1]. Note that the executable could be named gpg or gpg2
depending on the platform.
Use the following command to build, sign and stage the artifacts to the OSS
Sonatype:
mvn clean deploy -DperformRelease=true \
-DaltDeploymentRepository=sonatype-nexus-staging::default::https://oss.sonatype.org/service/local/staging/deploy/maven2/
[1] https://gerrit-review.googlesource.com/Documentation/dev-release-deploy-config.html
Change-Id: I4faede2f754656772320c326f4890e2c74a9dce0
diff --git a/pom.xml b/pom.xml
index 49de1c2..e1ed478 100644
--- a/pom.xml
+++ b/pom.xml
@@ -326,6 +326,33 @@
<activeByDefault>true</activeByDefault>
</activation>
</profile>
+ <profile>
+ <id>sign</id>
+ <activation>
+ <property>
+ <name>performRelease</name>
+ <value>true</value>
+ </property>
+ </activation>
+ <build>
+ <plugins>
+ <plugin>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-gpg-plugin</artifactId>
+ <version>1.6</version>
+ <executions>
+ <execution>
+ <id>sign-artifacts</id>
+ <phase>verify</phase>
+ <goals>
+ <goal>sign</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
+ </plugins>
+ </build>
+ </profile>
</profiles>
<build>
