Monday, July 14, 2008

Maven 2 GPG Plugin

Maven 2 GPG Plugin, allows to sign attached artifacts with GunPG. One of the tedious processes involved in releasing a project is to sign its artifacts. Some of the releases might contain 10-15 artifacts. Ex: WSO2 WSAS etc. So in order to get the release process smoother, one could just need to add the following plugin into the parent pom.xml,


The latest version of this plugin is 1.0-alpha-4 as at 2007-09-28.

Then using "mvn clean deploy" will sign the artifacts in addition to md5 & sha1. It's advisable if the prior plugin be added in a "profile" section. Then only at the release time, "asc" files are generated. Trust me, when you have A LOT OF artifacts to be signed, above plugin is a life saver.

No comments: