Index: src/main/java/org/codehaus/mojo/rpm/RPMMojo.java =================================================================== --- src/main/java/org/codehaus/mojo/rpm/RPMMojo.java (revision 8060) +++ src/main/java/org/codehaus/mojo/rpm/RPMMojo.java (working copy) @@ -81,6 +81,14 @@ private boolean needarch; /** + * Set to a key name to sign the package using GPG. Note that due + * to RPM limitations, this always requires input from the + * terminal even if the key has no passphrase. + * @parameter expression="${gpg.keyname}" + */ + private String keyname; + + /** * The long description of the package. * @parameter expression="${project.description}" */ @@ -390,6 +398,12 @@ cl.createArgument().setValue( "--target" ); cl.createArgument().setValue( "noarch" ); } + if ( keyname != null ) + { + cl.createArgument().setValue( "--define" ); + cl.createArgument().setValue( "_gpg_name " + keyname ); + cl.createArgument().setValue( "--sign" ); + } cl.createArgument().setValue( name + ".spec" ); StreamConsumer stdout = new StdoutConsumer( getLog() ); Index: src/site/site.xml =================================================================== --- src/site/site.xml (revision 8060) +++ src/site/site.xml (working copy) @@ -65,6 +65,7 @@ + Index: src/site/apt/adv-params.apt =================================================================== --- src/site/apt/adv-params.apt (revision 8060) +++ src/site/apt/adv-params.apt (working copy) @@ -104,3 +104,15 @@ This script is run after the package is installed to clean up installation files. It corresponds to the <<<%clean>>> tag in the spec file. + +* {Signatures} + + RPM packages may be signed using GPG or PGP. Currently the plugin + only supports generating GPG signatures. + +** <<>> + + This parameter sets the name of the GPG key used to sign the + package, and also turns on the signature. Setting this parameter is + equivalent to defining the <<<%_gpg_name>>> macro and adding the + <<<--sign>>> option to <<>>.