This is an automated email from the ASF dual-hosted git repository. hboutemy pushed a commit to branch sigstore in repository https://gitbox.apache.org/repos/asf/maven-gpg-plugin.git
commit 7256c182cac61fee2d387a6d641ce621bceabb0c Author: Hervé Boutemy <[email protected]> AuthorDate: Mon Apr 17 09:13:06 2023 +0200 add sigstore.duration to ease tests --- .../apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java index 6a30b6b..90db4c8 100644 --- a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java +++ b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java @@ -22,6 +22,7 @@ package org.apache.maven.plugins.gpg; import java.io.File; import java.io.IOException; import java.nio.file.Path; +import java.time.Duration; import java.util.ArrayList; import java.util.List; @@ -81,6 +82,12 @@ public class SigstoreSignAttachedMojo @Parameter( property = "sigstore.wait", defaultValue = "0" ) private long wait; + /** + * PoC: certificate duration (in min) + */ + @Parameter( property = "sigstore.duration", defaultValue = "-1" ) + private long duration; + /** * Maven ProjectHelper */ @@ -185,6 +192,13 @@ public class SigstoreSignAttachedMojo try { KeylessSigner signer = KeylessSigner.builder().sigstoreStagingDefaults().build(); + if ( duration > -1 ) + { + getLog().info( "updating certificate duration to " + duration + " min" ); + signer = KeylessSigner.builder().sigstoreStagingDefaults() + .minSigningCertificateLifetime( Duration.ofMinutes( duration ) ).build(); + } + for ( SigningBundle bundleToSign : filesToSign ) { if ( wait > 0 )
