From 56227346295f3cbccb42491c97087fa9a6cdd9f9 Mon Sep 17 00:00:00 2001
From: Tyler Benson <tyler@newrelic.com>
Date: Mon, 17 Jul 2017 14:15:24 -0700
Subject: [PATCH] Attempt signing for CI

---
 .circleci/config.yml  | 13 +++++++++++--
 gradle/publish.gradle | 27 ++++++---------------------
 2 files changed, 17 insertions(+), 23 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index dc57851775..617e891e4b 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -9,7 +9,8 @@ jobs:
       - checkout
 
       - restore_cache:
-          key: dd-trace-java
+          # Reset the cache approx every release
+          key: dd-trace-java-{{ checksum "dd-trace-java.gradle" }}
 
       - run:
           name: Run Tests
@@ -18,7 +19,7 @@ jobs:
       - save_cache:
           paths:
             - ~/.gradle
-          key: dd-trace-java
+          key: dd-trace-java-{{ checksum "dd-trace-java.gradle" }}
 
       - store_test_results:
           path: dd-java-agent/build/test-results
@@ -39,6 +40,14 @@ jobs:
       - store_artifacts:
           path: dd-trace/build/libs
 
+      - run:
+          name: Decode Signing Key
+          command: echo $PGP_KEY_FILE | base64 --decode > /home/circleci/dd-trace-java/.circleci/secring.gpg
+
+      - run:
+          name: Sign Archives
+          command: ./gradlew -Psigning.keyId=${PGP_KEY_ID} -Psigning.password=${PGP_KEY_PASS} -Psigning.secretKeyRingFile=/home/circleci/dd-trace-java/.circleci/secring.gpg signArchives
+
       - deploy:
           name: Publish master to Artifactory
           command: |
diff --git a/gradle/publish.gradle b/gradle/publish.gradle
index 6f5601b5c4..c09ce56b59 100644
--- a/gradle/publish.gradle
+++ b/gradle/publish.gradle
@@ -31,28 +31,12 @@ tasks.withType(Upload).matching { it.name != "install" }.all {
     }
 }
 
-def isSnapshot = version.endsWith("-SNAPSHOT")
+def isCI = Boolean.parseBoolean("$System.env.CI")
 
-//if (!isSnapshot) {
-//    tasks.withType(Upload) {
-//        repositories.matching { it.name == "mavenInstaller" }.all {
-//            beforeDeployment { deployment ->
-//                signing.signPom(deployment)
-//            }
-//        }
-//    }
-//}
-//
-//signing {
-//    if (!isSnapshot) {
-//        required = true
-//        sign configurations.archives
-//    }
-//}
-//
-//configurations.signatures.artifacts.all {
-//    extension = toSignArtifact.extension + "." + extension
-//}
+signing {
+  required = isCI
+  sign configurations.archives
+}
 
 configurations {
     configurations {
@@ -72,6 +56,7 @@ configurations {
     }
 }
 
+def isSnapshot = version.endsWith("-SNAPSHOT")
 // define in ~/.gradle/gradle.properties to override for testing
 def forceLocal = project.hasProperty('forceLocal') && forceLocal