[
http://jira.codehaus.org/browse/MRPM-45?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=189566#action_189566
]
Wendy Smoak commented on MRPM-45:
---------------------------------
There is already a gpg plugin that can create signatures for all the artifacts
attached to the build.
If it can't be used directly, maybe some code can be borrowed.
> Allow specifying the gpg passphrase when signing the RPM i.e.
> ${gpg.passphrase}
> -------------------------------------------------------------------------------
>
> Key: MRPM-45
> URL: http://jira.codehaus.org/browse/MRPM-45
> Project: Mojo RPM Plugin
> Issue Type: New Feature
> Components: rpm
> Affects Versions: 2.0-beta-3
> Reporter: Luke Forehand
> Assignee: Brett Okken
>
> This would allow automation of building signed rpms, where the
> ${gpg.passphrase} could be stored in settings.xml for security reasons.
> I understand this may be a difficult task since rpmbuild itself does not
> accept a passphrase as a passthrough to gpg. Some trickery may be required,
> but it would be an excellent feature to use with tools such as Spacewalk,
> which requires a signed RPM to deploy.
> Using a gpg-agent to cache the passphrase is possibly an option but the cache
> expires.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe from this list, please visit:
http://xircles.codehaus.org/manage_email
