Signing generated artifacts on Travis-CI


I'm working with the gradle signing plugin to sign my generated artifacts. This works really well locally where I'm able to point at my secring.gpg file. I'd like to be able to do this from Travis-CI which is building and publishing to bintray. It seems like I could do it by encrypting the key-ring and including it in my repository, but including my entire keyring in my repo seems like bad form.

Is there another way to sign the artifacts generated by Travis?


I couldn't figure out how to solve my problem exactly... but I did find a work around that seems to have done the trick. Bintray allows you to upload a private key for signing on their site. I then was able to use the bintray gradle plugin, which I was already using to publish, and add the gpg closure with a passphrase that is encrypted on the travis-ci site.

All of these pieces together seems to do the trick. I was able to add the deploy/signing to my gradle build and have it work both on a local machine or on a travis-ci build.

Collected from the Internet

Please contact [email protected] to delete if infringement.

edited at


Login to comment


TOP Ranking