Feature - allow signing to be specified in settings.xml by adamretter · Pull Request #50 · ctron/rpm-builder

adamretter · 2020-06-05T21:53:43Z

This PR takes a feature from jdeb which allows the signing information to be specified in an active profile within ~/.m2/settings.xml.

This makes configuring the plugin for externalising the sensitive signature config options simpler, as custom property names no longer have to be explicitly specified in the pom.xml. Of course you can still specify custom property names if you wish ;-)

Simply adding the following to your your ~/.m2/settings.xml should be enough:

<profiles>

       <profile>
          <id>rpm-signing</id>
          <properties>
            <rpm.keyringFile>/home/me/.gnupg/secring.gpg</rpm.keyringFile>
            <rpm.keyId>AA540227</rpm.keyId>
            <rpm.passphrase>top-secret</rpm.passphrase>
          </properties>
        </profile>

</profiles>


<activeProfiles>

       <activeProfile>rpm-signing</activeProfile>

</activeProfiles>

The rpm. prefix of the property names can be customised through the plugin configuration element signCfgPrefix

…~/m2/settings.xml

ctron · 2020-06-09T10:42:36Z

Thanks for the PR. This makes total sense. There are a few "style" comments I will add, I hope you don't mind 😀

I am just wondering, should it already be possible to configure the via properties using rpm.signature?

ctron · 2020-06-09T10:42:51Z

-import java.util.Map;
-import java.util.Optional;
-import java.util.Set;
+import java.util.*;


I would prefer to have expanded imports.

Okay sure. Apologies, my IDE (IntelliJ) insists on doing these automated "improvements" for me.

ctron · 2020-06-09T10:43:52Z

+     * The signing variables are: keyId, keyringFile, passphrase, hashAlgorithm.
+     */
+    @Parameter(defaultValue = "rpm.")
+    private String signCfgPrefix;


I would prefer a non-abbreviated name, e.g. signConfigurationPrefix. And wouldn't it make sense to allow the user to set this via properties as well?

I can certainly do that. I just took the existing syntax from jdeb, but I can update it...

ctron · 2020-06-09T10:44:29Z

                provider.apply ( builder );
            }

+            // load any default signing properties from settings.xml


Maybe wrap this section up in another method?

ctron · 2020-06-09T10:46:29Z

+            return Collections.emptyMap();
+        }
+
+        final Map<String, String> map = new HashMap<String, String>();


IIRC we are on Java 8. So you can drop the type arguments on the constructor:

Suggested change

final Map<String, String> map = new HashMap<String, String>();

final Map<String, String> map = new HashMap<>();

ctron · 2020-06-09T10:46:44Z

+        }
+
+        final Map<String, String> map = new HashMap<String, String>();
+        final Set<String> activeProfiles = new HashSet<String>(activeProfilesList);


Suggested change

final Set<String> activeProfiles = new HashSet<String>(activeProfilesList);

final Set<String> activeProfiles = new HashSet<>(activeProfilesList);

ctron · 2020-06-09T10:49:10Z

Re-iterating over the PR, wouldn't it be possible to find a solution which doesn't require to manually iterate over the settings and profiles?

adamretter · 2020-06-09T11:14:26Z

@ctron I did actually try such an approach first but I could not get it to work, which is why we ended up with iterating over the properties.

adamretter · 2020-06-09T11:21:03Z

@ctron I pushed a commit which I think addresses your comments.

dwalluck · 2020-06-12T14:19:54Z

The rpm. prefix of the property names can be customised through the plugin configuration element signCfgPrefix

I kind of wonder why it can't use the existing gpg properties (described here) for this (although I understand why you might want different ones).

I guess putting it in settings has transparent support for encrypted passwords?

I don't really see the point in making the prefix configurable as all the other properties using an rpm. prefix and all the properties should use the same prefix by convention.

ctron · 2020-06-15T09:52:32Z

The rpm. prefix of the property names can be customised through the plugin configuration element signCfgPrefix

I don't really see the point in making the prefix configurable as all the other properties using an rpm. prefix and all the properties should use the same prefix by convention.

I tend to agree here. Making it configurable, may sound nice for some niche use cases, but adds some complexity that I am not sure, is worth it.

I completely understand the use case, but would prefer something that works without manually iterating over the settings.

ctron · 2020-06-15T11:36:32Z

I did a quick check: Using the properties from MavenProject#getProperties you already have everything expanded. I also checked the maven resources filtering system, they basically take the project properties, overwrite this with the system properties, and then the user properties. I think this should be much simpler, and re-use all that maven does anyway:

@Mojo(name = "sayhi")
public class MyMojo extends AbstractMojo {

    @Parameter(property = "project", readonly = true, required = true)
    private MavenProject project;

    @Parameter(property = "session", readonly = true, required = true)
    private MavenSession session;

    @Override
    public void execute() throws MojoExecutionException {
        Properties p = new Properties();
        p.putAll(project.getProperties());
        p.putAll(session.getSystemProperties());
        p.putAll(session.getUserProperties());
        for ( Map.Entry<?, ?> entry : p.entrySet()) {
            getLog().info(String.format("%-40s: %s", entry.getKey(), entry.getValue()));
        }
    }
}

lburja · 2021-01-07T13:56:38Z

Any chance for this to be merged? It looks like a nice improvement over configuring signing inside the pom.xml

Allow signing properties to be specified in an active profile within …

792e01c

…~/m2/settings.xml

adamretter force-pushed the feature/default-signature-properties branch from 7172492 to 792e01c Compare June 7, 2020 11:39

adamretter changed the title ~~Add property names for signature config~~ Feature - allow signing to be specified in settings.xml Jun 7, 2020

ctron reviewed Jun 9, 2020

View reviewed changes

Address comments from code-review

a08c302

	final Map<String, String> map = new HashMap<String, String>();
	final Map<String, String> map = new HashMap<>();

	final Set<String> activeProfiles = new HashSet<String>(activeProfilesList);
	final Set<String> activeProfiles = new HashSet<>(activeProfilesList);

Conversation

adamretter commented Jun 5, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

ctron commented Jun 9, 2020

Uh oh!

ctron Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

adamretter Jun 9, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

ctron Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

adamretter Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

ctron Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

ctron Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

ctron Jun 9, 2020

Choose a reason for hiding this comment

Uh oh!

ctron commented Jun 9, 2020

Uh oh!

adamretter commented Jun 9, 2020 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

adamretter commented Jun 9, 2020

Uh oh!

dwalluck commented Jun 12, 2020

Uh oh!

ctron commented Jun 15, 2020

Uh oh!

ctron commented Jun 15, 2020

Uh oh!

lburja commented Jan 7, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

4 participants

adamretter commented Jun 5, 2020 •

edited

Loading

adamretter Jun 9, 2020 •

edited

Loading

adamretter commented Jun 9, 2020 •

edited

Loading