Sign artifacts and deploy to sonatype staging

Add an encrypted GnuPG keyring and use it for signing the artifacts. When a Tag is present deploy to sonatype staging repository.

Sign artifacts and deploy to sonatype staging
6289d884 · Johannes Edmeier · 8e86ed08 · 6289d884 · 6289d884 · 6289d884
Commit 6289d884 authored Nov 15, 2015 by Johannes Edmeier
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 15 deletions

.gitignore .gitignore +3 -0

.gnupg.tar.enc .gnupg.tar.enc +0 -0

.travis.yml .travis.yml +3 -0

README.md README.md +2 -12

pom.xml pom.xml +5 -3

No files found.
--- a/.gitignore
+++ b/.gitignore
@@ -10,3 +10,6 @@ target/
 .idea/
 *.iml
 *.iws
+# gnupg keyring
+/.gnupg
--- a/.gnupg.tar.enc
+++ b/.gnupg.tar.enc
--- a/.travis.yml
+++ b/.travis.yml
@@ -2,11 +2,14 @@ language: java
 sudo: false
 before_install:
+  - openssl aes-256-cbc -d -pass "env:DECRYPT_KEYPHRASE" -in .gnupg.tar.enc | tar xv
  - "export DISPLAY=:99.0"
  - "sh -e /etc/init.d/xvfb start"
+  - "[[ ${TRAVIS_TAG} != '' ]] && mvn versions:set -DnewVersion='${TRAVIS_TAG}'"
 script: mvn clean verify
 after_success:
  - mvn jacoco:report coveralls:report
  - "[[ ${TRAVIS_PULL_REQUEST} == 'false' ]] && [[ ${TRAVIS_TAG} == '' ]] && mvn deploy -DreposityId=sonatype-nexus-snapshots -DskipTests --settings deploy-settings.xml"
+  - "[[ ${TRAVIS_PULL_REQUEST} == 'false' ]] && [[ ${TRAVIS_TAG} != '' ]] && mvn deploy -DreposityId=sonatype-nexus-staging -DskipTests --settings deploy-settings.xml"
--- a/README.md
+++ b/README.md
@@ -177,23 +177,13 @@ You can access snapshot builds from the sonatype repository:
 #### Build
-In order to build spring-boot-admin you need to have node.js and npm on your PATH.
+In order to build spring-boot-admin you need to have node.js and npm on your `PATH`.
 ```shell
 mvn clean package
 ```
-#### Release
+#### Set version for next release
-```shell
-mvn build-helper:parse-version versions:set -DnewVersion=${parsedVersion.majorVersion}.${parsedVersion.minorVersion}.${parsedVersion.incrementalVersion}
-mvn -Psign-artifacts clean deploy
-```
-#### Increment version for next release
-Example:
 ```shell
 mvn build-helper:parse-version versions:set versions:commit -DnewVersion=1.0.0-SNAPSHOT
 ```
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,6 @@
    <properties>
        <java.version>1.7</java.version>
        <main.basedir>${basedir}</main.basedir>
-        <passphrase>${gpg.passphrase}</passphrase>
        <spring-boot.version>1.3.0.RC1</spring-boot.version>
        <spring-cloud.version>Brixton.M2</spring-cloud.version>
        <build-plugin.jacoco.version>0.7.5.201505241946</build-plugin.jacoco.version>
@@ -102,7 +101,9 @@
        <profile>
            <id>sign-artifacts</id>
            <activation>
-                <activeByDefault>false</activeByDefault>
+                <property>
+                    <name>env.GPG_PASSPHRASE</name>
+                </property>
            </activation>
            <build>
                <plugins>
@@ -110,7 +111,8 @@
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-gpg-plugin</artifactId>
                        <configuration>
-                            <passphrase>${passphrase}</passphrase>
+                            <passphrase>${env.GPG_PASSPHRASE}</passphrase>
+                            <homedir>${user.dir}/.gnupg</homedir>
                        </configuration>
                        <executions>
                            <execution>