sigstore:sign
Full name:
io.github.hboutemy:sigstore-maven-plugin:1.0.0-beta-3:sign
Description:
Sign project artifact, the POM, and attached artifacts with
sigstore for deployment.
Attributes:
- Requires a Maven project to be executed.
- The goal is thread-safe and supports parallel builds.
- Binds by default to the lifecycle phase:
verify
.
Optional Parameters
Name | Type | Since | Description |
---|---|---|---|
<excludes> |
String[] |
- |
A list of files to exclude from being signed. Can contain Ant-style
wildcards and double wildcards. The default excludes are
**/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc
**/*.sigstore . |
<publicStaging> |
boolean |
- |
Use public staging sigstage.dev instead of public
default sigstore.dev .Default value is: false .User property is: public-staging . |
<skip> |
boolean |
- |
Skip doing the gpg signing. Default value is: false .User property is: sigstore.skip . |
Parameter Details
<excludes>
A list of files to exclude from being signed. Can contain Ant-style
wildcards and double wildcards. The default excludes are
**/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc
**/*.sigstore
.- Type:
java.lang.String[]
- Required:
No
<publicStaging>
Use public staging
sigstage.dev
instead of public
default sigstore.dev
.- Type:
boolean
- Required:
No
- User Property:
public-staging
- Default:
false
<skip>
Skip doing the gpg signing.
- Type:
boolean
- Required:
No
- User Property:
sigstore.skip
- Default:
false