This is an automated email from the ASF dual-hosted git repository.
hboutemy pushed a commit to branch sigstore
in repository https://gitbox.apache.org/repos/asf/maven-gpg-plugin.git
The following commit(s) were added to refs/heads/sigstore by this push:
new 52e6d5a add sigstore.duration to ease tests
52e6d5a is described below
commit 52e6d5a98e09b1bdd03e02c9e0ad37db5bda4fef
Author: Hervé Boutemy <[email protected]>
AuthorDate: Mon Apr 17 09:13:06 2023 +0200
add sigstore.duration to ease tests
---
.../apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git
a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
index 6a30b6b..ed0dbb7 100644
--- a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
+++ b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
@@ -22,6 +22,7 @@ package org.apache.maven.plugins.gpg;
import java.io.File;
import java.io.IOException;
import java.nio.file.Path;
+import java.time.Duration;
import java.util.ArrayList;
import java.util.List;
@@ -81,6 +82,12 @@ public class SigstoreSignAttachedMojo
@Parameter( property = "sigstore.wait", defaultValue = "0" )
private long wait;
+ /**
+ * PoC: certificate duration (in min)
+ */
+ @Parameter( property = "sigstore.duration", defaultValue = "-1" )
+ private long duration;
+
/**
* Maven ProjectHelper
*/
@@ -185,6 +192,12 @@ public class SigstoreSignAttachedMojo
try
{
KeylessSigner signer =
KeylessSigner.builder().sigstoreStagingDefaults().build();
+ if ( duration > -1 )
+ {
+ getLog().info( "updating certificate duration to " + duration
+ " min" );
+ signer =
KeylessSigner.builder().sigstoreStagingDefaults().minSigningCertificateLifetime(
Duration.ofMinutes( duration ) ).build();
+ }
+
for ( SigningBundle bundleToSign : filesToSign )
{
if ( wait > 0 )
