Commit 56387f78 authored by Tigran Mkrtchyan's avatar Tigran Mkrtchyan
Browse files

pom: add profile to sign artifacts

Motivation:
The are many reasons why we should sign our artifacts. The main two are:

  - allow library users to verify who have release the jars
  - maven central accepts only signed artifacts (and this is the goal)

Modification:
Add profile that will be activated by maven release plugin or manually
with `-P sign-artifacts` option.

Result:
produced artifacts will be released.

Acked-by: Jürgen Starek
Target: master, 0.19
parent 0d385e48
......@@ -251,4 +251,37 @@
</snapshotRepository>
</distributionManagement>
<profiles>
<profile>
<id>sign-artifacts</id>
<activation>
<property>
<name>performRelease</name>
<value>true</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.6</version>
<configuration>
<passphrase>${gpg.passphrase}</passphrase>
</configuration>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment