[maven-gpg-plugin] branch sigstore updated: improve messages

[hboutemy]

This is an automated email from the ASF dual-hosted git repository.

hboutemy pushed a commit to branch sigstore
in repository https://gitbox.apache.org/repos/asf/maven-gpg-plugin.git


The following commit(s) were added to refs/heads/sigstore by this push:
     new 5617348  improve messages
5617348 is described below

commit 561734899c4ca62fb1b704247530afe1131290dd
Author: Hervé Boutemy <hbout...@apache.org>
AuthorDate: Tue Apr 18 19:41:14 2023 +0200

    improve messages
---
 .../maven/plugins/gpg/SigstoreSignAttachedMojo.java       | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git 
a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java 
b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
index 90db4c8..0f2f6b1 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
@@ -194,21 +194,28 @@ public class SigstoreSignAttachedMojo
             KeylessSigner signer = 
KeylessSigner.builder().sigstoreStagingDefaults().build();
             if ( duration > -1 )
             {
-                getLog().info( "updating certificate duration to " + duration 
+ " min" );
-                signer = KeylessSigner.builder().sigstoreStagingDefaults()
+<               getLog().info( "updating certificate minimum remaining 
duration to " + duration + " min" );
+>               signer = KeylessSigner.builder().sigstoreStagingDefaults()
                         .minSigningCertificateLifetime( Duration.ofMinutes( 
duration ) ).build();
             }
 
+            boolean first = true;
             for ( SigningBundle bundleToSign : filesToSign )
             {
-                if ( wait > 0 )
+                if ( first )
                 {
-                    getLog().info( "waiting for " + wait + " seconds before 
signing" );
+                    first = false;
+                }
+                else if ( wait > 0 )
+                {
+                    getLog().info( "waiting for " + wait + " seconds before 
signing next = "
+                         + bundleToSign.getSignature() );
                     Thread.sleep( wait * 1000 );
                 }
 
                 File fileToSign = bundleToSign.getSignature(); // reusing 
original GPG implementation where it's the signature: TODO change
 
+                getLog().info( "Signing " + fileToSign );
                 KeylessSignature signature = signer.signFile( 
fileToSign.toPath() );
 
                 // sigstore signature in bundle format (json string)