Skip to content

dbradicich/sigstore-maven-plugin

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

70 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
CODEOWNERS
CODEOWNERS
 
 
COPYRIGHT.txt
COPYRIGHT.txt
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

sigstore-maven-plugin

This is a Maven plugin that can be used to use the "keyless" signing paradigm supported by Sigstore to sign JAR file with jarsigner.

Full sign goal documentation is available here, but you can quickly take advantage of the plugin by adding the following configuration into your Maven pom.xml file:

      <plugin>
        <groupId>dev.sigstore</groupId>
        <artifactId>sigstore-maven-plugin</artifactId>
        <version>1.0-SNAPSHOT</version>
        <executions>
          <execution>
            <id>sigstore-sign</id>
            <goals>
              <goal>sign</goal>
            </goals>
            <!-- optional configuration parameters; sensible defaults are chosen
            <configuration>
              <emailAddress>YOUR-EMAIL-ADDRESS-HERE</emailAddress>
              <outputSigningCert>signingCert.pem</outputSigningCert>
              <sslVerification>false</sslVerification>
            </configuration>
            -->
          </execution>
        </executions>
      </plugin>

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Java 97.8%
  • Groovy 2.2%