From 4b0dd4d840bdb6c74af88f17463fe72b9694a7ed Mon Sep 17 00:00:00 2001
From: Chad Redman <chad_redman@unc.edu>
Date: Tue, 11 Jan 2022 19:49:16 -0500
Subject: [PATCH] Add PGP keyring import, sign and publish

---
 Jenkinsfile | 35 +++++++++++++++++++++--------------
 1 file changed, 21 insertions(+), 14 deletions(-)

diff --git a/Jenkinsfile b/Jenkinsfile
index 228bea2..0e1433a 100644
--- a/Jenkinsfile
+++ b/Jenkinsfile
@@ -2,12 +2,19 @@ def repo = 'git@github.com:Internet2/grouper.git'
 def gpg_key = '1D3F3E9E30C7F312'
 def jdk_id = 'Corretto-JDK8'
 def maven_id = 'Maven-3.8.4'
+def gpg_key = '1D3F3E9E30C7F312' //mch***@isc.upenn.edu
 
 def tag_pattern = /^GROUPER_RELEASE_(\d+\.\d+\.\w+)$/
 
 
 node('docker') {
     if (params.branch_or_tag ==~ tag_pattern) {
+        stage("PgpImport") {
+            withCredentials([file(credentialsId: 'grouper-pgp', variable: 'GPG_KEYS')]) {
+                sh 'gpg --keyring=pubring.gpg --no-default-keyring --import $GPG_KEYS'
+            }
+        }
+
         stage("Checkout") {
             checkout_result = checkout([
                             $class: 'GitSCM',
@@ -16,15 +23,12 @@ node('docker') {
                                 [$class: 'LocalBranch'], [$class: 'WipeWorkspace'],
                                 [$class: 'CloneOption', depth: 1, noTags: false, reference: '', shallow: true],
                             ],
-                            //userRemoteConfigs: [[url: 'git@github.com:Internet2/grouper.git']]
-                            userRemoteConfigs: [[url: 'repo']]
+                            userRemoteConfigs: [[url: repo]]
                         ]
                     )
-            println checkout_result
         }
 
-        stage('Build') {
-
+        stage('Version') {
             def grouper_version = (params.branch_or_tag =~ tag_pattern)[0][1]
 
             println "Extracted grouper version '${grouper_version}' from input '${params.branch_or_tag}'"
@@ -34,28 +38,31 @@ node('docker') {
                 mavenSettingsFilePath: "travis/mvn.settings.xml",
                 jdk: jdk_id
                 ) {
-                    //sh "mvn -f grouper-parent clean package"
                     sh "mvn -f grouper-parent versions:set -DnewVersion=${grouper_version}"
             }
+        }
 
+        stage('Build') {
             withMaven(
                 maven: maven_id,
                 mavenSettingsFilePath: "travis/mvn.settings.xml",
                 mavenOpts: '-Xmx2048m',
                 jdk: jdk_id
                 ) {
-                    sh "mvn -f grouper-misc/grouperClient clean compile"
+                    sh "mvn -f grouper-parent clean compile package"
             }
         }
 
         stage('Release') {
-            withMaven(
-                maven: maven_id,
-                mavenSettingsFilePath: "travis/mvn.settings.xml",
-                mavenOpts: '-Xmx2048m',
-                jdk: jdk_id
-                ) {
-                sh "mvn -f grouper-misc/grouperClient package gpg:sign -Dgpg.keyname=${gpg_key}"
+            withCredentials([usernamePassword(credentialsId: 'grouper-sonatype-login', usernameVariable: 'SONATYPE_USER', passwordVariable: 'SONATYPE_PWD')]) {
+                withMaven(
+                    maven: maven_id,
+                    mavenSettingsFilePath: "travis/mvn.settings.xml",
+                    mavenOpts: '-Xmx2048m',
+                    jdk: jdk_id
+                    ) {
+                    sh "mvn -f grouper-parent deploy -Prelease -Dgpg.keyname=$GPG_KEY"
+                }
             }
         }
     } else {