Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [cross-project-issues-dev] PGP Signing on


Thanks for the confirmation that action needs to be taken by the IT staff!  I can stop banging my head. :-)  I know most of the Foundation staff is in Ottawa this week, so they're very busy...


On 14.07.2022 02:58, Christian Dietrich wrote:

@ed you may check what we have done for mwe
(the problem there was centos8)
we also had problems with that combi in xtext
and xpect

in xtext we use

withCredentials([string(credentialsId: 'gpg_passphrase', variable: 'GPG_PASSPHRASE')]) {

the gpg_passphrase credential available and thus
to make the KEYRING_PASSPHRASE passphrase thing running you need to
open a gitlab issue on foundation helpdesk

Am 14.07.22 um 08:01 schrieb Ed Merks:

WindowBuilder started to use direct-from-maven content so it needs to PGP sign that content but does not yet do so:

To support that, the ci instance needs to be enabled which I requested via this:

Even with that enabled, I have not been successful in getting it to actually work.

I have the following "test" job but I can't get past the issue of needing, and not knowing, the passphrase:

I tried to replicate what the platform does via a Jenkins file with this job:

But still there are problems with the passphrase.   Some magic must exist to get this part to work:

        withCredentials([string(credentialsId: 'gpg-passphrase', variable: 'KEYRING_PASSPHRASE')]) {

Has anyone else successfully gotten this to work?  In particular, how does one configure access to the passphrase of the GPG keystore?  Is that another thing that the IT staff needs to enable for the instance?

Clearly the platform has gotten this to work so someone must have an answer.   I've just not been able to track down that someone...


The answers to this question will become increasingly important to the projects downstream from the platform as the the platform actively is replacing as many Orbit dependencies with direct-from-maven dependencies as possible.   See the history here:

One concern with this approach is that the direct-from-maven bundles typically have no version qualifier so if it's the "same" minor version as the Orbit one, it will look older rather than newer...


cross-project-issues-dev mailing list
To unsubscribe from this list, visit

Vorstand/Board: Jens Wagener (Vors./chairman), Dr. Stephan Eberle, Abdelghani El-Kacimi, Wolfgang Neuhaus, Franz-Josef Schuermann
Aufsichtsrat/Supervisory Board: Michael Neuhaus (Vors./chairman), Harald Goertz, Eric Swehla
Sitz der Gesellschaft/Registered Office: Am Brambusch 15-24, 44536 Lünen (Germany)
Registergericht/Registry Court: Amtsgericht Dortmund | HRB 20621

cross-project-issues-dev mailing list
To unsubscribe from this list, visit

Back to the top