3

I am attempting to release my artifacts to the OSS Sonatype Nexus Server using Jenkins. But I get the following error when the signing is attempted for the artifacts. I have generated my gpg keys and have it under C:/Users/Sara/AppData/Roaming/gnupg folder on my Windows machine. From another question Where to keep a GPG secret key for a Maven project in CI environment?, I could see the answer is for a Unix based environment. Can anybody shed light on where to place the secret keys for jenkins in a windows environment?

[INFO] --- maven-gpg-plugin:1.1:sign (sign-artifacts) @ StudentEnrollmentWithREST ---
    gpg: no default secret key: secret key not available
    gpg: signing failed: secret key not available
    [INFO] ------------------------------------------------------------------------
    [INFO] BUILD FAILURE
    [INFO] ------------------------------------------------------------------------
    [INFO] Total time: 1:27.647s
    [INFO] Finished at: Mon Jan 20 12:12:27 CST 2014
    [INFO] Final Memory: 22M/53M
    [INFO] ------------------------------------------------------------------------
    [ERROR] Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.1:sign (sign-artifacts) on project StudentEnrollmentWithREST: Exit code: 2 -> [Help 1]
    [ERROR] 
    [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
    [ERROR] Re-run Maven using the -X switch to enable full debug logging.
    [ERROR] 
    [ERROR] For more information about the errors and possible solutions, please read the following articles:
    [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1:45.118s
[INFO] Finished at: Mon Jan 20 12:12:33 CST 2014
[INFO] Final Memory: 8M/19M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.1:prepare (default-cli) on project StudentEnrollmentWithREST: Maven execution failed, exit code: '1' -> [Help 1]
[JENKINS] Archiving C:\Program Files (x86)\Jenkins\workspace\Upload REST Release Artifacts\pom.xml to com.github.elizabetht/StudentEnrollmentWithREST/1.3-SNAPSHOT/StudentEnrollmentWithREST-1.3-SNAPSHOT.pom
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
channel stopped
Skipping Cobertura coverage report as build was not UNSTABLE or better ...
Finished: FAILURE
Community
  • 1
  • 1
elizabetht
  • 627
  • 1
  • 8
  • 16

3 Answers3

3

According to the gpg:sign documentation.
The ${gpg.homedir} which defaults to ~/.gnupg or %APPDATA%/gnupg should be finding your keyring in the folder you have currently described. The files named pubring.gpg and secring.gpg by default can also be configured.

Perhaps the issue is finding the right key, maven uses the 'default key' unless otherwise configured. The first key in the keyring is the default.

Choosing a key - this might go in a project/parent or settings, or even on commandline

<properties>
    <gpg.keyname>C78F3CC4</gpg.keyname>
</properties>

Some other configuration is more likely to be 'per host' , maybe a profile in your settings.xml

<profile>
    <id>gpg-release</id>
    <properties>
        <gpg.passphrase>...</gpg.passphrase>
        <gpg.useagent>true</gpg.useagent>
<!--
        <gpg.defaultKeyring>false</gpg.defaultKeyring>
        <gpg.homedir>/private/.../.gnupg</gpg.homedir>
        <gpg.publicKeyring>/private/.../.gnupg/pubring.gpg</gpg.publicKeyring>
        <gpg.secretKeyring>/private/.../.gnupg/secring.gpg</gpg.secretKeyring>
-->
    </properties>
</profile>

If you use the command line with OSS Sonatype rather than in your settings xml, then it will need further gymnastics.
From OSS Sonatype documentation.
Because maven-release-plugin will start a new Maven instance, -Dgpg.passphrase=PASSPHRASE won't work in this case, instead, you should use mvn release:perform -Darguments=-Dgpg.passphrase=PASSPHRASE [and configure in the project pom usage of ${arguments}]

Greg Domjan
  • 13,943
  • 6
  • 43
  • 59
1

Adding the profile section as shown below in settings.xml worked 

<profile> 
<id>gpg-release</id> 
<properties> 
<gpg.passphrase>password</gpg.passphrase> 
<gpg.useagent>true</gpg.useagent> 
<gpg.defaultKeyring>false</gpg.defaultKeyring> <gpg.homedir>C:/Users/User/AppData/Roaming/gnupg</gpg.homedir> <gpg.publicKeyring>C:/Users/User/AppData/Roaming/gnupg/pubring.gpg</gpg.publicKe‌​yring> <gpg.secretKeyring>C:/Users/User/AppData/Roaming/gnupg/secring.gpg</gpg.secre‌​tKeyring> </properties> 
</profile>
elizabetht
  • 627
  • 1
  • 8
  • 16
1

You can save your GPG key in Jenkins in the manage Jenkins/configure-system. There is an RPM signing key section where you can add your GPG keys. Before you should have added required plugin in Jenkins

dhandai
  • 77
  • 1
  • 3
  • 17