From bced7bdc330a34c469f364a4a05fd9946be4d215 Mon Sep 17 00:00:00 2001
From: crschnick <crschnick@xpipe.io>
Date: Thu, 21 Mar 2024 04:48:05 +0000
Subject: [PATCH] Merge branch 'gpg'

---
 build.gradle                              |  6 ++++++
 dist/build.gradle                         | 17 ++++++++++++++++-
 gradle/gradle_scripts/publish-base.gradle |  7 +------
 3 files changed, 23 insertions(+), 7 deletions(-)

diff --git a/build.gradle b/build.gradle
index 40e9da84..1698169c 100644
--- a/build.gradle
+++ b/build.gradle
@@ -97,6 +97,12 @@ project.ext {
             file("$rootDir/dist/changelogs/${versionString}.md") :
             file("$rootDir/dist/changelogs/${canonicalVersionString}.md")
     incrementalChangelogFile = file("$rootDir/dist/changelogs/${canonicalVersionString}_incremental.md")
+    signingKeyId = project.hasProperty('signingKeyId') ? project.property("signingKeyId") : System.getenv('GPG_KEY_ID')
+    signingKey = project.hasProperty('signingKeyFile') ? file(project.property("signingKeyFile")).text : System.getenv('GPG_KEY')
+    signingPassword = project.hasProperty('signingKeyPassword') ? project.property("signingKeyPassword") : System.getenv('GPG_KEY_PASSWORD')
+    if (signingPassword == null) {
+        signingPassword = ''
+    }
 }
 
 if (org.gradle.internal.os.OperatingSystem.current() == org.gradle.internal.os.OperatingSystem.LINUX) {
diff --git a/dist/build.gradle b/dist/build.gradle
index f87dfe69..71f8d9bb 100644
--- a/dist/build.gradle
+++ b/dist/build.gradle
@@ -5,6 +5,7 @@ plugins {
     id 'org.jreleaser' version '1.8.0'
     id("com.netflix.nebula.ospackage") version "11.4.0"
     id 'org.gradle.crypto.checksum' version '1.4.0'
+    id 'signing'
 }
 
 repositories {
@@ -36,7 +37,7 @@ task createChecksums(type: Checksum) {
     doLast {
         def artifactChecksumsSha256Hex = new HashMap<String, String>()
         for (final def file in outputDirectory.get().getAsFileTree().files) {
-            if (file.toString().endsWith('mapping.map')) {
+            if (file.toString().endsWith('mapping.map') || file.toString().endsWith('.asc')) {
                 continue
             }
 
@@ -90,4 +91,18 @@ if (rootProject.fullVersion) {
     apply from: 'choco.gradle'
     apply from: 'winget.gradle'
     apply from: 'install.gradle'
+
+    signing {
+        useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
+    }
+
+    task signArtifacts(type: Sign) {
+        def dir = layout.buildDirectory.dir("dist/artifacts").get()
+        dir.asFileTree.files.forEach {sign(it)}
+    }
+
+    task signChecksums(type: Sign) {
+        def checksums = layout.buildDirectory.file("dist/checksums/sha256sums.txt").get().asFile
+        sign(checksums)
+    }
 }
diff --git a/gradle/gradle_scripts/publish-base.gradle b/gradle/gradle_scripts/publish-base.gradle
index af9f0814..de178119 100644
--- a/gradle/gradle_scripts/publish-base.gradle
+++ b/gradle/gradle_scripts/publish-base.gradle
@@ -28,13 +28,8 @@ publishing {
     }
 }
 
-def signingKeyId = project.hasProperty('signingKeyId') ? project.property("signingKeyId") : System.getenv('GPG_KEY_ID')
-def signingKey = project.hasProperty('signingKeyFile') ? file(project.property("signingKeyFile")).text : System.getenv('GPG_KEY')
-def signingPassword = project.hasProperty('signingPassword') ? project.property("signingPassword") : System.getenv('GPG_KEY_PASSWORD')
-
 signing {
-    useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword != null ? signingPassword : '')
-
+    useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
     sign publishing.publications.mavenJava
 }