Fork me on GitHub
Built by Maven

codesign:codesign

Full name:

org.eclipse.csi:codesign-maven-plugin:1.0.0-SNAPSHOT:codesign

Description:

Maven goal that signs build artifacts via the SignPath REST API.

The mojo scans the configured build directory using include/exclude glob patterns, submits matching files for signing, polls each request until a final status is reached, and downloads the signed artifact (either in-place or to the configured output directory).

API authentication is resolved from Maven settings.xml, the CSI_CODESIGN_API_TOKEN environment variable, or a config file.

Attributes:

  • Requires a Maven project to be executed.
  • The goal is thread-safe and supports parallel builds.
  • Binds by default to the lifecycle phase: package.

Required Parameters

Name Type Since Description
<organizationId> String - SignPath organization identifier.

Required. Mapped to -Dcsi.codesign.organizationId.


User Property: csi.codesign.organizationId
<projectId> String - SignPath project slug that owns the signing configuration.

Required. Mapped to -Dcsi.codesign.projectId.


User Property: csi.codesign.projectId
<signingPolicy> String - SignPath signing policy slug used for submitted artifacts.

Required. Mapped to -Dcsi.codesign.signingPolicy.


User Property: csi.codesign.signingPolicy

Optional Parameters

Name Type Since Description
<artifactConfiguration> String - Optional SignPath artifact configuration slug.

Mapped to -Dcsi.codesign.artifactConfiguration.


User Property: csi.codesign.artifactConfiguration
<baseDirectory> String - Base directory scanned for input artifacts.

Optional. Defaults to ${project.build.directory}.


Default: ${project.build.directory}
<baseUrl> String - SignPath API base URL.

Optional. Default targets the hosted SignPath API endpoint.


Default: https://app.signpath.io/Api
User Property: csi.codesign.baseUrl
<configFile> File - Path to a properties file containing api.token.

Optional. Default is ~/.config/eclipse-csi-codesign/config.properties. Mapped to -Dcsi.codesign.configFile.


Default: ${user.home}/.config/eclipse-csi-codesign/config.properties
User Property: csi.codesign.configFile
<connectTimeout> int - HTTP connection timeout in seconds for SignPath API calls.

Optional. Mapped to -Dcsi.codesign.connectTimeout. Default is 30.


Default: 30
User Property: csi.codesign.connectTimeout
<description> String - Optional signing request description shown in SignPath.

Mapped to -Dcsi.codesign.description.


User Property: csi.codesign.description
<excludes> String[] - Exclude glob patterns applied after includes.

Optional. Has no effect when includes is empty, since an empty includes produces no candidates for excludes to filter.

<failOnNoFilesFound> boolean - Fails the build when no files are found to sign.

Optional. Mapped to -Dcsi.codesign.failOnNoFilesFound. Default is false.


Default: false
User Property: csi.codesign.failOnNoFilesFound
<httpTimeout> int - Read/write HTTP timeout in seconds for SignPath API calls.

Optional. Mapped to -Dcsi.codesign.httpTimeout. Default is 300.


Default: 300
User Property: csi.codesign.httpTimeout
<includes> String[] - Include glob patterns used to select files under baseDirectory.

Optional. If empty, no files are selected by the file scan; use signProjectArtifact or signAttachedArtifacts to sign Maven artifacts explicitly.

<maxRetries> int - Maximum number of retry attempts for transient HTTP failures.

Optional. Mapped to -Dcsi.codesign.maxRetries. Default is 10.


Default: 10
User Property: csi.codesign.maxRetries
<outputDirectory> String - Optional output directory for signed artifacts.

If unset, signed files overwrite original files in place.


User Property: csi.codesign.outputDirectory
<parameters> Map<String,String> - Optional custom key/value parameters forwarded to SignPath in the submit request.
<pollInterval> int - Polling interval in seconds when checking signing request status.

Optional. Mapped to -Dcsi.codesign.pollInterval. Default is 5.


Default: 5
User Property: csi.codesign.pollInterval
<retryInterval> int - Delay in seconds between HTTP retry attempts.

Optional. Mapped to -Dcsi.codesign.retryInterval. Default is 30.


Default: 30
User Property: csi.codesign.retryInterval
<retryTimeout> int - Maximum retry time window in seconds for transient HTTP failures.

Optional. Mapped to -Dcsi.codesign.retryTimeout. Default is 600.


Default: 600
User Property: csi.codesign.retryTimeout
<serverId> String - Maven server ID used to resolve the API token from settings.xml server password.

Optional. Default is codesign.


Default: codesign
User Property: csi.codesign.serverId
<signAttachedArtifacts> boolean - Whether to include Maven attached artifacts in signing.

Optional. Mapped to -Dcsi.codesign.signAttachedArtifacts. Default is false.


Default: false
User Property: csi.codesign.signAttachedArtifacts
<signProjectArtifact> String - Controls whether the Maven project's main artifact is included in signing.

Optional. Mapped to -Dcsi.codesign.signProjectArtifact. Accepted values: auto, true, false (case-insensitive). Default is auto.

When auto, signing is enabled for packaging types that produce signable binary artifacts (jar, war, ear, rar, ejb, maven-plugin) and disabled for pom packaging and any other unrecognised type.


Default: auto
User Property: csi.codesign.signProjectArtifact
<skip> boolean - Skips plugin execution.

Optional. Mapped to -Dcsi.codesign.skip. Default is false.


Default: false
User Property: csi.codesign.skip
<skipSigning> boolean - Alias for skipping plugin execution.

Optional. Mapped to -Dcsi.codesign.skipSigning. Default is false.


Default: false
User Property: csi.codesign.skipSigning

Parameter Details

<artifactConfiguration>

Optional SignPath artifact configuration slug.

Mapped to -Dcsi.codesign.artifactConfiguration.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.artifactConfiguration

<baseDirectory>

Base directory scanned for input artifacts.

Optional. Defaults to ${project.build.directory}.

  • Type: java.lang.String
  • Required: No
  • Default: ${project.build.directory}

<baseUrl>

SignPath API base URL.

Optional. Default targets the hosted SignPath API endpoint.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.baseUrl
  • Default: https://app.signpath.io/Api

<configFile>

Path to a properties file containing api.token.

Optional. Default is ~/.config/eclipse-csi-codesign/config.properties. Mapped to -Dcsi.codesign.configFile.

  • Type: java.io.File
  • Required: No
  • User Property: csi.codesign.configFile
  • Default: ${user.home}/.config/eclipse-csi-codesign/config.properties

<connectTimeout>

HTTP connection timeout in seconds for SignPath API calls.

Optional. Mapped to -Dcsi.codesign.connectTimeout. Default is 30.

  • Type: int
  • Required: No
  • User Property: csi.codesign.connectTimeout
  • Default: 30

<description>

Optional signing request description shown in SignPath.

Mapped to -Dcsi.codesign.description.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.description

<excludes>

Exclude glob patterns applied after includes.

Optional. Has no effect when includes is empty, since an empty includes produces no candidates for excludes to filter.

  • Type: java.lang.String[]
  • Required: No

<failOnNoFilesFound>

Fails the build when no files are found to sign.

Optional. Mapped to -Dcsi.codesign.failOnNoFilesFound. Default is false.

  • Type: boolean
  • Required: No
  • User Property: csi.codesign.failOnNoFilesFound
  • Default: false

<httpTimeout>

Read/write HTTP timeout in seconds for SignPath API calls.

Optional. Mapped to -Dcsi.codesign.httpTimeout. Default is 300.

  • Type: int
  • Required: No
  • User Property: csi.codesign.httpTimeout
  • Default: 300

<includes>

Include glob patterns used to select files under baseDirectory.

Optional. If empty, no files are selected by the file scan; use signProjectArtifact or signAttachedArtifacts to sign Maven artifacts explicitly.

  • Type: java.lang.String[]
  • Required: No

<maxRetries>

Maximum number of retry attempts for transient HTTP failures.

Optional. Mapped to -Dcsi.codesign.maxRetries. Default is 10.

  • Type: int
  • Required: No
  • User Property: csi.codesign.maxRetries
  • Default: 10

<organizationId>

SignPath organization identifier.

Required. Mapped to -Dcsi.codesign.organizationId.

  • Type: java.lang.String
  • Required: Yes
  • User Property: csi.codesign.organizationId

<outputDirectory>

Optional output directory for signed artifacts.

If unset, signed files overwrite original files in place.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.outputDirectory

<parameters>

Optional custom key/value parameters forwarded to SignPath in the submit request.
  • Type: java.util.Map<java.lang.String, java.lang.String>
  • Required: No

<pollInterval>

Polling interval in seconds when checking signing request status.

Optional. Mapped to -Dcsi.codesign.pollInterval. Default is 5.

  • Type: int
  • Required: No
  • User Property: csi.codesign.pollInterval
  • Default: 5

<projectId>

SignPath project slug that owns the signing configuration.

Required. Mapped to -Dcsi.codesign.projectId.

  • Type: java.lang.String
  • Required: Yes
  • User Property: csi.codesign.projectId

<retryInterval>

Delay in seconds between HTTP retry attempts.

Optional. Mapped to -Dcsi.codesign.retryInterval. Default is 30.

  • Type: int
  • Required: No
  • User Property: csi.codesign.retryInterval
  • Default: 30

<retryTimeout>

Maximum retry time window in seconds for transient HTTP failures.

Optional. Mapped to -Dcsi.codesign.retryTimeout. Default is 600.

  • Type: int
  • Required: No
  • User Property: csi.codesign.retryTimeout
  • Default: 600

<serverId>

Maven server ID used to resolve the API token from settings.xml server password.

Optional. Default is codesign.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.serverId
  • Default: codesign

<signAttachedArtifacts>

Whether to include Maven attached artifacts in signing.

Optional. Mapped to -Dcsi.codesign.signAttachedArtifacts. Default is false.

  • Type: boolean
  • Required: No
  • User Property: csi.codesign.signAttachedArtifacts
  • Default: false

<signProjectArtifact>

Controls whether the Maven project's main artifact is included in signing.

Optional. Mapped to -Dcsi.codesign.signProjectArtifact. Accepted values: auto, true, false (case-insensitive). Default is auto.

When auto, signing is enabled for packaging types that produce signable binary artifacts (jar, war, ear, rar, ejb, maven-plugin) and disabled for pom packaging and any other unrecognised type.

  • Type: java.lang.String
  • Required: No
  • User Property: csi.codesign.signProjectArtifact
  • Default: auto

<signingPolicy>

SignPath signing policy slug used for submitted artifacts.

Required. Mapped to -Dcsi.codesign.signingPolicy.

  • Type: java.lang.String
  • Required: Yes
  • User Property: csi.codesign.signingPolicy

<skip>

Skips plugin execution.

Optional. Mapped to -Dcsi.codesign.skip. Default is false.

  • Type: boolean
  • Required: No
  • User Property: csi.codesign.skip
  • Default: false

<skipSigning>

Alias for skipping plugin execution.

Optional. Mapped to -Dcsi.codesign.skipSigning. Default is false.

  • Type: boolean
  • Required: No
  • User Property: csi.codesign.skipSigning
  • Default: false