sigstore:sign
Full name:
dev.sigstore:sigstore-maven-plugin:0.5.0-SNAPSHOT:sign
Description:
Sign project artifact, the POM, and attached artifacts with sigstore for deployment.
Attributes:
- Requires a Maven project to be executed.
- The goal is thread-safe and supports parallel builds.
- Binds by default to the lifecycle phase:
verify.
Optional Parameters
| Name | Type | Since | Description |
|---|---|---|---|
<excludes> |
String[] |
- |
A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are **/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc **/*.sigstore. |
<publicStaging> |
boolean |
- |
Use public staging sigstage.dev instead of public default sigstore.dev.Default value is: false.User property is: public-staging. |
<skip> |
boolean |
- |
Skip doing the gpg signing. Default value is: false.User property is: sigstore.skip. |
Parameter Details
<excludes>
A list of files to exclude from being signed. Can contain Ant-style wildcards and double wildcards. The default excludes are
**/*.md5 **/*.sha1 **/*.sha256 **/*.sha512 **/*.asc **/*.sigstore.- Type:
java.lang.String[] - Required:
No
<publicStaging>
Use public staging
sigstage.dev instead of public default sigstore.dev.- Type:
boolean - Required:
No - User Property:
public-staging - Default:
false
<skip>
Skip doing the gpg signing.
- Type:
boolean - Required:
No - User Property:
sigstore.skip - Default:
false