我已经正确配置了GPG,并且MAVEN还引用了正确的KEY。这一直有效。现在,一些Maven总是会给出以下错误:
gpg: skipped "39619BDF": No secret key
gpg: signing failed: No secret key
(我不确定它是否与JDK11而不是JDK 8的使用无关)
Maven settings.xml具有:
<profile>
<id>ossrh</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg2</gpg.executable>
<gpg.passphrase>xxxxxxxxx</gpg.passphrase>
<gpg.keyname>39619BDF</gpg.keyname>
</properties>
</profile>
</profiles>
命令gpg2 --edit-key 39619BDF显示:
gpg (GnuPG) 2.0.29; Copyright (C) 2015 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
pub 2048R/39619BDF created: 2016-01-27 expires: never usage: SC
trust: ultimate validity: ultimate
sub 2048R/9AE84F82 created: 2016-01-27 expires: never usage: E
[ultimate] (1). Miguel Gamboa (Miguel Gamboa works at CC.ISEL.IPL.PT) <miguelgamboa@outlook.com>
我唯一注意到的是缺少Maven文档中显示的消息Secret key is available:https://central.sonatype.org/pages/working-with-pgp-signatures.html#dealing-with-expired-keys
答案 0 :(得分:0)
我没有意识到这个问题背后的原因。
我刚刚生成了一个新的GPG密钥,它现在显示消息Secret key is available,并且在Maven settings.xml中替换了该密钥,现在构建可以很好地对工件进行签名了。
但是,我不知道为什么会这样。