6

I'm in the process of transitioning to Maven (from Ant) and want to automatically sign my artifacts with a GPG in the Jenkins job.

From the documents that I've read, I need to manually run Maven to sign the documents

$ mvn clean deploy -Dgpg.passphrase=yourpassphrase

How do I do this without revealing the passphrase?

Is it possible?

I saw this SO question, but there's no indication of how to configure the Jenkins Job / Maven POM: Where to keep a GPG secret key for a Maven project in CI environment?

I have generated the GPG key on the same server that runs Jenkins.

Community
  • 1
  • 1
Omertron
  • 864
  • 2
  • 13
  • 27

1 Answers1

1

I think you are searching for this plugin https://wiki.jenkins-ci.org/display/JENKINS/Mask+Passwords+Plugin This one might also help if you need to deploy the keystore https://wiki.jenkins-ci.org/display/JENKINS/Build+Secret+Plugin

Leonard Brünings
  • 12,408
  • 1
  • 46
  • 66