From 0ef20df0a8d88db45de9e4b3d1e8685d1ca849ed Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Johannes=20Tegn=C3=A9r?= <johannes@jitesoft.com>
Date: Mon, 30 Dec 2024 16:19:26 +0100
Subject: [PATCH] Added gpg signing to gradle build.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Johannes Tegnér <johannes@jitesoft.com>
---
 .github/workflows/release.yml |  2 ++
 build.gradle                  | 13 +++++++++++++
 2 files changed, 15 insertions(+)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 50b9aa3..aea34c4 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,5 +20,7 @@ jobs:
       - name: Publish to GitHub Packages
         run: gradle publish
         env:
+          ORG_GRADLE_PROJECT_signingKey: ${{ secrets.GPG_PRIVATE_KEY }}
+          ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.GPG_PASSPHRASE }}
           USERNAME: ${{ github.actor }}
           TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/build.gradle b/build.gradle
index 4ffd2b8..ebe92e8 100644
--- a/build.gradle
+++ b/build.gradle
@@ -2,6 +2,7 @@ plugins {
     id 'maven-publish'
     id 'java'
     id 'java-library'
+    id 'signing'
 }
 
 group 'dev.organisationsnummer'
@@ -91,3 +92,15 @@ publishing {
         }
     }
 }
+
+signing {
+    def signingKeyId = "C5D41C23" // Short format key-id of signing key.
+    def signingKey = findProperty("signingKey") ?: "key"
+    def signingPassword = findProperty("signingPassword") ?: "pass"
+    useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
+    sign publishing.publications.mavenJava
+}
+
+tasks.withType(Sign) {
+    onlyIf { version != "NONE" }
+}