I'm using Travis-CI to provide continuous integration builds for a few Java open source projects I'm working on.
Normally this works smoothly, but I have a problem when the POM specifies GPG signing, e.g.
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.4</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
This causes the Travis build to fail - apparently because it does not have a passphrase available while running mvn install. See this build for an example.
What is the best way to configure Maven and/or Travis to skip GPG signing for CI test builds, but still perform GPG signing when I do a proper release build?
You need to create a profile & make sure you run that only when you do the release build.
Remove the current plugin, and add it in a profile like this:
<profiles>
<profile>
<id>release-sign-artifacts</id>
<activation>
<property>
<name>performRelease</name>
<value>true</value>
</property>
</activation>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-gpg-plugin</artifactId>
<version>1.4</version>
<executions>
<execution>
<id>sign-artifacts</id>
<phase>verify</phase>
<goals>
<goal>sign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
And then when you actually need to do a release, add the property to your mvn command:
mvn -DperformRelease=true ...