哪里可以保留Jenkins在Windows上运行的GPG密钥?

时间:2014-01-20 18:26:58

标签: maven jenkins

我正在尝试使用Jenkins将我的工件发布到OSS Sonatype Nexus服务器。但是,在尝试对工件进行签名时,我收到以下错误。我已经生成了我的gpg密钥并将其放在我的Windows机器上的C:/ Users / Sara / AppData / Roaming / gnupg文件夹下。从另一个问题Where to keep a GPG secret key for a Maven project in CI environment?,我可以看到答案是基于Unix的环境。任何人都可以了解jenkins在Windows环境中放置秘密密钥的位置吗?

[INFO] --- maven-gpg-plugin:1.1:sign (sign-artifacts) @ StudentEnrollmentWithREST ---
    gpg: no default secret key: secret key not available
    gpg: signing failed: secret key not available
    [INFO] ------------------------------------------------------------------------
    [INFO] BUILD FAILURE
    [INFO] ------------------------------------------------------------------------
    [INFO] Total time: 1:27.647s
    [INFO] Finished at: Mon Jan 20 12:12:27 CST 2014
    [INFO] Final Memory: 22M/53M
    [INFO] ------------------------------------------------------------------------
    [ERROR] Failed to execute goal org.apache.maven.plugins:maven-gpg-plugin:1.1:sign (sign-artifacts) on project StudentEnrollmentWithREST: Exit code: 2 -> [Help 1]
    [ERROR] 
    [ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
    [ERROR] Re-run Maven using the -X switch to enable full debug logging.
    [ERROR] 
    [ERROR] For more information about the errors and possible solutions, please read the following articles:
    [ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1:45.118s
[INFO] Finished at: Mon Jan 20 12:12:33 CST 2014
[INFO] Final Memory: 8M/19M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:2.1:prepare (default-cli) on project StudentEnrollmentWithREST: Maven execution failed, exit code: '1' -> [Help 1]
[JENKINS] Archiving C:\Program Files (x86)\Jenkins\workspace\Upload REST Release Artifacts\pom.xml to com.github.elizabetht/StudentEnrollmentWithREST/1.3-SNAPSHOT/StudentEnrollmentWithREST-1.3-SNAPSHOT.pom
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
channel stopped
Skipping Cobertura coverage report as build was not UNSTABLE or better ...
Finished: FAILURE

3 个答案:

答案 0 :(得分:3)

根据gpg:sign文件 默认为${gpg.homedir}~/.gnupg的{​​{1}}应该在您当前描述的文件夹中找到您的密钥环。 %APPDATA%/gnupg和pubring.gpg的文件。

也许问题是找到正确的密钥,maven使用'默认密钥',除非另有配置。 密钥环中的第一个键是默认值。

选择一个键 - 这可能在项目/父级或设置中,甚至在命令行上

secring.gpg

其他一些配置更可能是“每个主机”,也可能是您的settings.xml中的配置文件

<properties>
    <gpg.keyname>C78F3CC4</gpg.keyname>
</properties>

如果你使用OSS Sonatype的命令行而不是你的设置xml,那么它将需要进一步的体操。
来自OSS Sonatype documentation
因为maven-release-plugin会启动一个新的Maven实例,<profile> <id>gpg-release</id> <properties> <gpg.passphrase>...</gpg.passphrase> <gpg.useagent>true</gpg.useagent> <!-- <gpg.defaultKeyring>false</gpg.defaultKeyring> <gpg.homedir>/private/.../.gnupg</gpg.homedir> <gpg.publicKeyring>/private/.../.gnupg/pubring.gpg</gpg.publicKeyring> <gpg.secretKeyring>/private/.../.gnupg/secring.gpg</gpg.secretKeyring> --> </properties> </profile> 在这种情况下不起作用,相反,你应该使用 -Dgpg.passphrase=PASSPHRASE [并在项目pom中配置$ {arguments}]

答案 1 :(得分:1)

在settings.xml中添加如下所示的配置文件部分

<profile> 
<id>gpg-release</id> 
<properties> 
<gpg.passphrase>password</gpg.passphrase> 
<gpg.useagent>true</gpg.useagent> 
<gpg.defaultKeyring>false</gpg.defaultKeyring> <gpg.homedir>C:/Users/User/AppData/Roaming/gnupg</gpg.homedir> <gpg.publicKeyring>C:/Users/User/AppData/Roaming/gnupg/pubring.gpg</gpg.publicKe‌​yring> <gpg.secretKeyring>C:/Users/User/AppData/Roaming/gnupg/secring.gpg</gpg.secre‌​tKeyring> </properties> 
</profile>

答案 2 :(得分:1)

您可以在管理Jenkins / configure系统中将您的GPG密钥保存在Jenkins中。有一个RPM签名密钥部分,您可以在其中添加GPG密钥。在你应该在Jenkins中添加所需的插件之前