apache · jstastny-cz · May 24, 2024 · May 23, 2024 · May 23, 2024 · May 23, 2024
diff --git a/.ci/jenkins/Jenkinsfile.deploy b/.ci/jenkins/Jenkinsfile.deploy
@@ -110,13 +110,29 @@ pipeline {
                         } else {
                             installOrDeploy = 'install'
                         }
+
+                        def mavenCommand = getMavenCommand().withProperty('maven.test.failure.ignore', true)
+                           .withOptions(env.BUILD_MVN_OPTS_CURRENT ? [ env.BUILD_MVN_OPTS_CURRENT ] : [])
+                           .withOptions(env.KOGITO_APPS_BUILD_MVN_OPTS ? [ env.KOGITO_APPS_BUILD_MVN_OPTS ] : [])
+                           .skipTests(skipTests)
+                           .withSettingsXmlFile(MAVEN_SETTINGS_FILE)
+
+                        if (isRelease()) {
+                            withCredentials([file(credentialsId: 'asf-release-gpg-signing-key', variable: 'SIGNING_KEY')]) {
+                                withCredentials([file(credentialsId: 'asf-release-gpg-signing-key-password', variable: 'SIGNING_KEY_PASSWORD')]) {
+                                    // copy the key to singkey.gpg file in *plain text* so we can import it
+                                    sh ('cat $SIGNING_KEY > $WORKSPACE/signkey.gpg')
+                                    // Please do not remove list keys command. When gpg is run for the first time, it may initialize some internals.
+                                    sh ('gpg --list-keys')
+                                    sh ("gpg --batch --pinentry-mode=loopback --passphrase \"${SIGNING_KEY_PASSWORD}\" --import signkey.gpg")
+                                    sh ('rm $WORKSPACE/signkey.gpg')
+                                }
+                            }
+                            mavenCommand.withProfiles(['apache-release'])
+                        }
+
                         configFileProvider([configFile(fileId: env.MAVEN_SETTINGS_CONFIG_FILE_ID, variable: 'MAVEN_SETTINGS_FILE')]){
-                            getMavenCommand().withProperty('maven.test.failure.ignore', true)
-                                .withOptions(env.BUILD_MVN_OPTS_CURRENT ? [ env.BUILD_MVN_OPTS_CURRENT ] : [])
-                                .withOptions(env.KOGITO_APPS_BUILD_MVN_OPTS ? [ env.KOGITO_APPS_BUILD_MVN_OPTS ] : [])
-                                .skipTests(skipTests)
-                                .withSettingsXmlFile(MAVEN_SETTINGS_FILE)
-                                .run("clean $installOrDeploy")
+                            mavenCommand.run("clean $installOrDeploy")
                         }
                     }
                 }