Author: tchemit Date: Thu Nov 14 06:29:17 2013 New Revision: 1541835 URL: http://svn.apache.org/r1541835 Log: MJARSIGNER-18 - Support for Jar plugin's "errorWhenNotSigned" option
Added: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/ maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties (with props) maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml (with props) Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner.properties maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_de.properties maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_fr.properties Added: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties?rev=1541835&view=auto ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties (added) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties Thu Nov 14 06:29:17 2013 @@ -0,0 +1,18 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +invoker.buildResult = failure Propchange: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/invoker.properties ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Added: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml?rev=1541835&view=auto ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml (added) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml Thu Nov 14 06:29:17 2013 @@ -0,0 +1,79 @@ +<?xml version="1.0" encoding="UTF-8"?> + +<!-- +Licensed to the Apache Software Foundation (ASF) under one +or more contributor license agreements. See the NOTICE file +distributed with this work for additional information +regarding copyright ownership. The ASF licenses this file +to you under the Apache License, Version 2.0 (the +"License"); you may not use this file except in compliance +with the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, +software distributed under the License is distributed on an +"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +KIND, either express or implied. See the License for the +specific language governing permissions and limitations +under the License. +--> + +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> + <modelVersion>4.0.0</modelVersion> + + <groupId>org.apache.maven.its.jarsigner</groupId> + <artifactId>test</artifactId> + <version>1.0</version> + + <description> + Tests that verification of a none signed JAR fails when having the errorWhenNotsigned flag to true (see MJARSIGNED-18). + </description> + + <properties> + <maven.test.skip>true</maven.test.skip> + + </properties> + + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-compiler-plugin</artifactId> + <version>2.0.2</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jar-plugin</artifactId> + <version>2.1</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-resources-plugin</artifactId> + <version>2.2</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-surefire-plugin</artifactId> + <version>2.3.1</version> + </plugin> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-jarsigner-plugin</artifactId> + <version>@project.version@</version> + <configuration> + <errorWhenNotSigned>true</errorWhenNotSigned> + </configuration> + <executions> + <execution> + <id>verify-archive</id> + <goals> + <goal>verify</goal> + </goals> + </execution> + </executions> + </plugin> + </plugins> + </build> + +</project> Propchange: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml ------------------------------------------------------------------------------ svn:eol-style = native Propchange: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml ------------------------------------------------------------------------------ svn:keywords = Author Date Id Revision Propchange: maven/plugins/trunk/maven-jarsigner-plugin/src/it/verify-fail-if-not-signed/pom.xml ------------------------------------------------------------------------------ svn:mime-type = text/xml Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java?rev=1541835&r1=1541834&r2=1541835&view=diff ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java (original) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/AbstractJarsignerMojo.java Thu Nov 14 06:29:17 2013 @@ -481,7 +481,7 @@ public abstract class AbstractJarsignerM return getMessage( key, null ); } - private String getMessage( final String key, final Object arg ) + String getMessage( final String key, final Object arg ) { return getMessage( key, new Object[]{ arg } ); } Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java?rev=1541835&r1=1541834&r2=1541835&view=diff ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java (original) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/java/org/apache/maven/plugins/jarsigner/JarsignerVerifyMojo.java Thu Nov 14 06:29:17 2013 @@ -19,13 +19,16 @@ package org.apache.maven.plugins.jarsign * under the License. */ +import org.apache.maven.plugin.MojoExecutionException; import org.apache.maven.plugins.annotations.LifecyclePhase; import org.apache.maven.plugins.annotations.Mojo; import org.apache.maven.plugins.annotations.Parameter; import org.apache.maven.shared.jarsigner.JarSignerRequest; +import org.apache.maven.shared.jarsigner.JarSignerUtil; import org.apache.maven.shared.jarsigner.JarSignerVerifyRequest; import java.io.File; +import java.io.IOException; /** * Checks the signatures of a project artifact and attachments using jarsigner. @@ -51,6 +54,17 @@ public class JarsignerVerifyMojo @Parameter( property = "jarsigner.alias" ) private String alias; + /** When <code>true</code> this will make the execute() operation fail, + * throwing an exception, when verifying a non signed jar. + * + * Primarily to keep backwards compatibility with existing code, and allow reusing the + * bean in unattended operations when set to <code>false</code>. + * + * @since 1.3 + **/ + @Parameter( property = "jarsigner.errorWhenNotSigned", defaultValue = "false" ) + private boolean errorWhenNotSigned; + /** * {@inheritDoc} */ @@ -62,4 +76,30 @@ public class JarsignerVerifyMojo return request; } + @Override + protected void preProcessArchive( File archive ) + throws MojoExecutionException + { + super.preProcessArchive( archive ); + + if (errorWhenNotSigned) { + + // check archive if signed + boolean archiveSigned; + try + { + archiveSigned = JarSignerUtil.isArchiveSigned( archive ); + } + catch ( IOException e ) + { + throw new MojoExecutionException( "Failed to check if archive " + archive + " is signed: " + e.getMessage(), e ); + } + + if ( !archiveSigned ) { + + // fails, archive must be signed + throw new MojoExecutionException( getMessage( "archiveNotSigned", archive ) ); + } + } + } } Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner.properties URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner.properties?rev=1541835&r1=1541834&r2=1541835&view=diff ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner.properties (original) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner.properties Thu Nov 14 06:29:17 2013 @@ -23,3 +23,4 @@ processed = {0} archive(s) processed command = ''{0}'' commandLineException = Failed executing ''{0}'' failure = Failed executing ''{0}'' - exitcode {1,number} +archiveNotSigned = Archive ''{0}'' is not signed Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_de.properties URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_de.properties?rev=1541835&r1=1541834&r2=1541835&view=diff ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_de.properties (original) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_de.properties Thu Nov 14 06:29:17 2013 @@ -23,3 +23,4 @@ processed = {0} Archiv(e) verarbeitet command = ''{0}'' commandLineException = Ausf\u00FChrung von ''{0}'' gescheitert failure = Ausf\u00FChrung von ''{0}'' fehlgeschlagen - Ergebniscode ({1,number}) +archiveNotSigned = Archive ''{0}'' nicht unterdr\u00FCckt \ No newline at end of file Modified: maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_fr.properties URL: http://svn.apache.org/viewvc/maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_fr.properties?rev=1541835&r1=1541834&r2=1541835&view=diff ============================================================================== --- maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_fr.properties (original) +++ maven/plugins/trunk/maven-jarsigner-plugin/src/main/resources/jarsigner_fr.properties Thu Nov 14 06:29:17 2013 @@ -22,4 +22,5 @@ processing=En cours de traitement {0} processed={0} archive(s) trait\u00E9es command=''{0}'' commandLineException=Erreur lors de l'ex\u00E9cution ''{0}'' -failure=Erreur lors de l'ex\u00E9cution ''{0}'' - code de sortie {1,number} \ No newline at end of file +failure=Erreur lors de l'ex\u00E9cution ''{0}'' - code de sortie {1,number} +archiveNotSigned = L'archive ''{0}'' n'est pas signée \ No newline at end of file