@@ -29,6 +29,8 @@ dependencies {
29
29
// Publishing
30
30
31
31
java {
32
+ // Configure the Java "software component" to include javadoc and sources jars in addition to the classes jar.
33
+ // Ultimately, this component is what makes up the publication for this project.
32
34
withJavadocJar()
33
35
withSourcesJar()
34
36
}
@@ -98,130 +100,86 @@ publishing {
98
100
}
99
101
100
102
101
- var signingKey = resolveSigningKey()
102
- var signingPassword = findSigningProperty( " signingPassword " )
103
+ // ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
104
+ // Signing
103
105
104
- signing {
105
- useInMemoryPgpKeys( signingKey, signingPassword )
106
+ def signPublicationsTask = tasks . register( ' signPublications ' ) {
107
+ description " Grouping task which executes all Sign tasks "
106
108
107
- sign publishing . publications . publishedArtifacts
109
+ dependsOn tasks . withType( Sign )
108
110
}
109
111
110
- String resolveSigningKey () {
111
- var key = findSigningProperty( " signingKey" )
112
- if ( key != null ) {
113
- return key
114
- }
115
-
116
- var keyFile = findSigningProperty( " signingKeyFile" )
117
- if ( keyFile != null ) {
118
- return new File ( keyFile ). text
119
- }
120
-
121
- return null
112
+ tasks. named( " publishPublishedArtifactsPublicationToSonatypeRepository" ) {
113
+ // publishing depends on signing
114
+ dependsOn signPublicationsTask
122
115
}
123
116
124
- String findSigningProperty (String propName ) {
125
- if ( System . getProperty( propName ) != null ) {
126
- logger. debug " Found `{}` as a system property" , propName
127
- return System . getProperty(propName )
128
- }
129
- else if ( System . getenv(). get( propName ) != null ) {
130
- logger. debug " Found `{}` as an env-var property" , propName
131
- return System . getenv(). get( propName )
132
- }
133
- else if ( project. hasProperty( propName ) ) {
134
- logger. debug " Found `{}` as a project property" , propName
135
- return project. hasProperty( propName )
136
- }
137
- else {
138
- logger. debug " Did not find `{}`" , propName
139
- return null
140
- }
117
+ tasks. register(' sign' ) {
118
+ description " Pseudonym for :signPublications"
119
+ dependsOn signPublicationsTask
141
120
}
142
121
143
-
144
- var signingTask = project. tasks. getByName( " signPublishedArtifactsPublication" ) as Sign
145
122
var signingExtension = project. getExtensions(). getByType(SigningExtension ) as SigningExtension
146
123
147
- task sign {
148
- dependsOn " signPublications"
149
- }
124
+ gradle. taskGraph. whenReady { TaskExecutionGraph graph ->
125
+ boolean wasSigningRequested = false
126
+ boolean wasPublishingRequested = false
127
+
128
+ graph. allTasks. each {task ->
129
+ if ( task instanceof Sign ) {
130
+ wasSigningRequested = true
131
+ }
132
+ else if ( task instanceof PublishToMavenRepository ) {
133
+ wasPublishingRequested = true
134
+ }
135
+ }
150
136
151
- task signPublications { t ->
152
- tasks. withType( Sign ). all { s ->
153
- t. dependsOn s
137
+ if ( wasPublishingRequested ) {
138
+ def ossrhUser = System . getenv(). get( " ORG_GRADLE_PROJECT_sonatypeUsername" )
139
+ def ossrhPass = System . getenv(). get( " ORG_GRADLE_PROJECT_sonatypePassword" )
140
+ if ( ossrhUser == null || ossrhPass == null ) {
141
+ throw new RuntimeException ( " Cannot perform publishing to OSSRH without credentials." )
142
+ }
143
+ logger. lifecycle " Publishing groupId: '" + project. group + " ', version: '" + project. version + " '"
154
144
}
155
- }
156
145
157
- signingTask. doFirst {
158
- if ( signingKey == null || signingPassword == null ) {
159
- throw new GradleException (
160
- " Cannot perform signing without GPG details. Please set the `signingKey` and `signingKeyFile` properties"
161
- )
146
+ if ( wasSigningRequested || wasPublishingRequested ) {
147
+ // signing was explicitly requested and/or we are publishing to Sonatype OSSRH
148
+ // - we need the signing to happen
149
+ signingExtension. required = true
150
+
151
+ var signingKey = resolveSigningKey()
152
+ var signingPassword = resolveSigningPassphrase()
153
+ signingExtension. useInMemoryPgpKeys( signingKey, signingPassword )
154
+ signingExtension. sign publishing. publications. publishedArtifacts
155
+ }
156
+ else {
157
+ // signing was not explicitly requested and we are not publishing to OSSRH,
158
+ // - disable all Sign tasks
159
+ tasks. withType( Sign ). each { enabled = false }
162
160
}
163
161
}
164
162
165
-
166
- boolean wasSigningExplicitlyRequested () {
167
- // check whether signing task was explicitly requested when running the build
168
- //
169
- // NOTE: due to https://discuss.gradle.org/t/how-to-tell-if-a-task-was-explicitly-asked-for-on-the-command-line/42853/3
170
- // we cannot definitively know whether the task was requested. Gradle really just does not expose this information.
171
- // so we make a convention - we check the "start parameters" object to see which task-names were requested;
172
- // the problem is that these are the raw names directly from the command line. e.g. it is perfectly legal to
173
- // say `gradlew signPubArtPub` in place of `gradlew signPublishedArtifactsPublication` - Gradle will simply
174
- // "expand" the name it finds. However, it does not make that available.
175
- //
176
- // so the convention is that we will check for the following task names
177
- //
178
- // for each of:
179
- // 1. `sign`
180
- // 2. `signPublications`
181
- // 3. `signPublishedArtifactsPublication`
182
- //
183
- // and we check both forms:
184
- // 1. "${taskName}"
185
- // 2. project.path + ":${taskName}"
186
- //
187
- // we need to check both again because of the "start parameters" discussion
188
-
189
- def signingTaskNames = [" sign" , " signPublications" , " signPublishedArtifactsPublication" ]
190
-
191
- for ( String taskName : signingTaskNames ) {
192
- if ( gradle. startParameter. taskNames. contains( taskName )
193
- || gradle. startParameter. taskNames. contains( " ${ project.path} :${ taskName} " ) ) {
194
- return true
195
- }
163
+ static String resolveSigningKey () {
164
+ var key = System . getenv(). get( " SIGNING_GPG_PRIVATE_KEY" )
165
+ if ( key != null ) {
166
+ return key
196
167
}
197
168
198
- return false
199
- }
169
+ var keyFile = System . getenv(). get( " SIGNING_GPG_PRIVATE_KEY_PATH" )
170
+ if ( keyFile != null ) {
171
+ return new File ( keyFile ). text
172
+ }
200
173
201
- if ( wasSigningExplicitlyRequested() ) {
202
- // signing was explicitly requested
203
- signingExtension. required = true
174
+ throw new RuntimeException ( " Cannot perform signing without GPG details." )
204
175
}
205
- else {
206
- gradle. taskGraph. whenReady { graph ->
207
- if ( graph. hasTask( signingTask ) ) {
208
- // signing is scheduled to happen.
209
- //
210
- // we know, from above if-check, that it was not explicitly requested -
211
- // so it is triggered via task dependency. make sure we want it to happen
212
- var publishingTask = project. tasks. getByName( " publishPublishedArtifactsPublicationToSonatypeRepository" ) as PublishToMavenRepository
213
- if ( graph. hasTask( publishingTask ) ) {
214
- // we are publishing to Sonatype OSSRH - we need the signing to happen
215
- signingExtension. required = true
216
- }
217
- else {
218
- // signing was not explicitly requested and we are not publishing to OSSRH,
219
- // so do not sign.
220
- signingTask. enabled = false
221
- }
222
- }
223
176
177
+ static String resolveSigningPassphrase () {
178
+ var passphrase = System . getenv(). get( " SIGNING_GPG_PASSPHRASE" )
179
+ if ( passphrase == null ) {
180
+ throw new RuntimeException ( " Cannot perform signing without GPG details." )
224
181
}
182
+ return passphrase
225
183
}
226
184
227
185
0 commit comments