Suppressing GPG signing for Maven-based continuous integration builds (Travis CI)

mikera picture mikera · Feb 12, 2013 · Viewed 11.3k times · Source

I'm using Travis-CI to provide continuous integration builds for a few Java open source projects I'm working on.

Normally this works smoothly, but I have a problem when the POM specifies GPG signing, e.g.

<plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-gpg-plugin</artifactId>
  <version>1.4</version>
  <executions>
    <execution>
      <id>sign-artifacts</id>
      <phase>verify</phase>
      <goals>
        <goal>sign</goal>
      </goals>
    </execution>
  </executions>
</plugin>

This causes the Travis build to fail - apparently because it does not have a passphrase available while running mvn install. See this build for an example.

What is the best way to configure Maven and/or Travis to skip GPG signing for CI test builds, but still perform GPG signing when I do a proper release build?

Answer

Stefan Birkner picture Stefan Birkner · Mar 6, 2013

Disable GPG signing by adding the following line to your .travis.yml file:

install: mvn install -DskipTests -Dgpg.skip

Example: https://github.com/stefanbirkner/system-rules/blob/master/.travis.yml