Project

Profile

Help

Revision 3dd08c26

Added by Norman Tovey-Walsh 6 months ago

Added tasks for signing jars

View differences:

build.gradle
201 201
  DeleteFilesRecursively.delete(new File("${buildDir}/classes"))
202 202
}
203 203

  
204
// ============================================================
205
// Private options required for signing jars. (Can't be
206
// checked into the repository because they're sekrit.)
207
def eToken = "THIS-IS-NOT-THE-ETOKEN"
208
["${System.getenv("SAXON_SIGN_ETOKEN")}",
209
 "${projectDir}/../../private/eToken/macos/eToken.cfg",
210
 "z:/some/other/token/path"].each { path ->
211
  if (eToken == "THIS-IS-NOT-THE-ETOKEN"
212
      && new File(path).exists()) {
213
    eToken = path
214
  }
215
}
216

  
217
def signkeyNewAlias = "THIS-IS-NOT-THE-ALIAS"
218
if (System.getenv("SAXON_SIGN_ALIAS") != null) {
219
  signkeyNewAlias = System.getenv("SAXON_SIGN_ALIAS")
220
}
221

  
222
def signkeyPassword = "THIS-IS-NOT-THE-PASSWORD"
223
if (System.getenv("SAXON_SIGN_PASSWORD") != null) {
224
  signkeyPassword = System.getenv("SAXON_SIGN_PASSWORD")
225
}
226

  
227
def canSignJars = (!eToken.startsWith("THIS-IS-NOT")
228
                   && !signkeyNewAlias.startsWith("THIS-IS-NOT")
229
                   && !signkeyPassword.startsWith("THIS-IS-NOT"))
230

  
231
def signjarArgs = null
232
if (OperatingSystem.current().isWindows()) {
233
  signjarArgs = ["jarsigner",
234
                 "-keystore", "NONE",
235
                 "-storetype", "PKCS11",
236
                 "-tsa", "http://rfc3161timestamp.globalsign.com/advanced",
237
                 "-providerClass", "sun.security.pkcs11.SunPKCS11",
238
                 "-providerArg", eToken]
239
} else {
240
  signjarArgs = ["jarsigner",
241
                 "-tsa", "http://rfc3161timestamp.globalsign.com/advanced",
242
                 "-storetype", "PKCS11",
243
                 "-providerClass", "sun.security.pkcs11.SunPKCS11",
244
                 "-providerArg", eToken]
245
}
246

  
204 247
// ============================================================
205 248
// Find jar files that need to be part of the build or release
206 249
//
......
1134 1177

  
1135 1178
// ============================================================
1136 1179

  
1180
task signJars(
1181
  dependsOn: ["hejSignJars", "pejSignJars", "eejSignJars"],
1182
  description: "Sign all the jar files."
1183
) {
1184
  // Just a container to hang dependencies on
1185
}
1186

  
1187
task hejSignJars(
1188
  description: "Sign the HEJ jar files"
1189
) {
1190
  // Just a container to hang dependencies on
1191
}
1192

  
1193
task pejSignJars(
1194
  description: "Sign the PEJ jar files"
1195
) {
1196
  // Just a container to hang dependencies on
1197
}
1198

  
1199
task eejSignJars(
1200
  description: "Sign the EEJ jar files"
1201
) {
1202
  // Just a container to hang dependencies on
1203
}
1204

  
1205
// Create tasks for signing jars...
1206
["he", "pe", "ee"].each { rel ->
1207
  if (canSignJars) {
1208
    Task t = task "${rel}_jJarSignJar"(
1209
      type: Exec,
1210
      dependsOn: ["${rel}jJar"],
1211
      description: "Sign the ${rel.toUpperCase()}J jar file"
1212
    ) {
1213
      inputs.file "${buildDir}/libs/saxon-${rel}-${saxonVersion}.jar"
1214
      def args = signjarArgs +
1215
        ["${buildDir}/libs/saxon-${rel}-${saxonVersion}.jar",
1216
         signkeyNewAlias,
1217
         "-storepass", signkeyPassword]
1218
      commandLine args
1219
    }
1220
    tasks.findByName("${rel}jSignJars").dependsOn t
1221

  
1222
    t = task "${rel}j_JarSignTests"(
1223
      type: Exec,
1224
      dependsOn: ["${rel}jJarTests"],
1225
      description: "Sign the ${rel.toUpperCase()}J test jar file"
1226
    ) {
1227
      inputs.file "${buildDir}/libs/saxon-${rel}-test-${saxonVersion}.jar"
1228
      def args = signjarArgs +
1229
        ["${buildDir}/libs/saxon-${rel}-test-${saxonVersion}.jar",
1230
         signkeyNewAlias,
1231
         "-storepass", signkeyPassword]
1232
      commandLine args
1233
    }
1234
    tasks.findByName("${rel}jSignJars").dependsOn t
1235

  
1236
    t = task "${rel}j_JarSignXqj"(
1237
      type: Exec,
1238
      dependsOn: ["${rel}jJarXqj"],
1239
      description: "Sign the ${rel.toUpperCase()}J XQJ jar file"
1240
    ) {
1241
      inputs.file "${buildDir}/libs/saxon-${rel}-xqj-${saxonVersion}.jar"
1242
      def args = signjarArgs +
1243
        ["${buildDir}/libs/saxon-${rel}-xqj-${saxonVersion}.jar",
1244
         signkeyNewAlias,
1245
         "-storepass", signkeyPassword]
1246
      commandLine args
1247
    }
1248
    tasks.findByName("${rel}jSignJars").dependsOn t
1249

  
1250
    if (rel != 'he') {
1251
      t = task "${rel}j_JarSignSql"(
1252
        type: Exec,
1253
        dependsOn: ["${rel}jJarSql"],
1254
        description: "Sign the ${rel.toUpperCase()} jar file"
1255
      ) {
1256
        inputs.file "${buildDir}/libs/saxon-${rel}-sql-${saxonVersion}.jar"
1257
        def args = signjarArgs +
1258
          ["${buildDir}/libs/saxon-${rel}-sql-${saxonVersion}.jar",
1259
           signkeyNewAlias,
1260
           "-storepass", signkeyPassword]
1261
        commandLine args
1262
      }
1263
      tasks.findByName("${rel}jSignJars").dependsOn t
1264
    }
1265
  } else {
1266
    Task t = task "${rel}j_JarSignJar"(
1267
      description: "Cannot sign the ${rel.toUpperCase()}J jar file"
1268
    ) {
1269
      doLast {
1270
        throw new GradleException("Jar signing is not configured.")
1271
      }
1272
    }
1273
    tasks.findByName("${rel}jSignJars").dependsOn t
1274

  
1275
    t = task "${rel}j_JarSignTests"(
1276
      description: "Cannot sign the ${rel.toUpperCase()}J test jar file"
1277
    ) {
1278
      doLast {
1279
        throw new GradleException("Jar signing is not configured.")
1280
      }
1281
    }
1282
    tasks.findByName("${rel}jSignJars").dependsOn t
1283

  
1284
    t = task "${rel}j_JarSignXqj"(
1285
      description: "Cannot sign the ${rel.toUpperCase()}J XQJ jar file"
1286
    ) {
1287
      doLast {
1288
        throw new GradleException("Jar signing is not configured.")
1289
      }
1290
    }
1291
    tasks.findByName("${rel}jSignJars").dependsOn t
1292

  
1293
    if (rel != 'he') {
1294
      t = task "${rel}j_JarSignSql"(
1295
        description: "Cannot sign the ${rel.toUpperCase()} jar file"
1296
      ) {
1297
        doLast {
1298
          throw new GradleException("Jar signing is not configured.")
1299
        }
1300
      }
1301
      tasks.findByName("${rel}jSignJars").dependsOn t
1302
    }
1303
  }    
1304
}
1305

  
1306
// ============================================================
1307

  
1137 1308
task hej_releaseSetup(
1138 1309
  type: Copy,
1139 1310
  dependsOn: ["hejJar", "hejJarXqj", "hejJarTests", "hej_notices"],

Also available in: Unified diff