From 080bd0d92f7e46127e3ba9b0fd038a8d0aa2f032 Mon Sep 17 00:00:00 2001
From: Eugene Yokota <eed3si9n@gmail.com>
Date: Thu, 11 May 2017 00:11:11 -0400
Subject: [PATCH] package signer

---
 build.sbt                         | 12 ++++---
 project/PackageSignerPlugin.scala | 60 +++++++++++++++++++++++++++++++
 src/debian/changelog              |  3 +-
 3 files changed, 69 insertions(+), 6 deletions(-)
 create mode 100644 project/PackageSignerPlugin.scala

diff --git a/build.sbt b/build.sbt
index 13372eb30..40149bbcb 100644
--- a/build.sbt
+++ b/build.sbt
@@ -7,9 +7,9 @@ import DebianConstants._
 
 lazy val sbtOfflineInstall =
   sys.props.getOrElse("sbt.build.offline", sys.env.getOrElse("sbt.build.offline", "true")) match {
-    case "true" => true
-    case "1"    => true
-    case _      => false
+    case "true" | "1"  => true
+    case "false" | "0" => false
+    case _             => false
   }
 lazy val sbtVersionToRelease = sys.props.getOrElse("sbt.build.version", sys.env.getOrElse("sbt.build.version", {
         sys.error("-Dsbt.build.version must be set")
@@ -47,6 +47,8 @@ val root = (project in file(".")).
       val _ = (clean in dist).value
       clean.value
     },
+    useGpg := true,
+    usePgpKeyHex("642AC823"),
     pgpSecretRing := file(s"""${sys.props("user.home")}""") / ".ssh" / "scalasbt.key",
     pgpPublicRing := file(s"""${sys.props("user.home")}""") / ".ssh" / "scalasbt.pub",
     publishToSettings,
@@ -85,7 +87,7 @@ val root = (project in file(".")).
       if (debianBuildId.value == 0) sbtVersionToRelease
       else sbtVersionToRelease + "." + debianBuildId.value
     },
-    debianBuildId := 2, // 0
+    debianBuildId := 3, // 0
     // Used to have "openjdk-8-jdk" but that doesn't work on Ubuntu 14.04 https://github.com/sbt/sbt/issues/3105
     // before that we had java6-runtime-headless" and that was pulling in JDK9 on Ubuntu 16.04 https://github.com/sbt/sbt/issues/2931
     debianPackageDependencies in Debian ++= Seq("bash (>= 3.2)"),
@@ -111,7 +113,7 @@ val root = (project in file(".")).
       })
       else stable
     },
-    rpmRelease := "2",
+    rpmRelease := "3",
     rpmVendor := "lightbend",
     rpmUrl := Some("http://github.com/sbt/sbt-launcher-package"),
     rpmLicense := Some("BSD"),
diff --git a/project/PackageSignerPlugin.scala b/project/PackageSignerPlugin.scala
new file mode 100644
index 000000000..719aa322f
--- /dev/null
+++ b/project/PackageSignerPlugin.scala
@@ -0,0 +1,60 @@
+import sbt._
+import Keys._
+import com.typesafe.sbt.SbtPgp
+import com.typesafe.sbt.packager.universal.{ UniversalPlugin, UniversalDeployPlugin }
+import com.typesafe.sbt.packager.debian.{ DebianPlugin, DebianDeployPlugin }
+import com.typesafe.sbt.packager.rpm.{ RpmPlugin, RpmDeployPlugin }
+import com.typesafe.sbt.pgp.gpgExtension
+
+object PackageSignerPlugin extends sbt.AutoPlugin {
+  override def trigger = allRequirements
+  override def requires = SbtPgp && UniversalDeployPlugin && DebianDeployPlugin && RpmDeployPlugin
+
+  import com.typesafe.sbt.pgp.PgpKeys._
+  import UniversalPlugin.autoImport._
+  import DebianPlugin.autoImport._
+  import RpmPlugin.autoImport._
+
+  override def projectSettings: Seq[Setting[_]] =
+    inConfig(Universal)(packageSignerSettings) ++
+    inConfig(Debian)(packageSignerSettings) ++
+    inConfig(Rpm)(packageSignerSettings)
+
+  def subExtension(art: Artifact, ext: String): Artifact =
+    art.copy(extension = ext)
+
+  def packageSignerSettings: Seq[Setting[_]] = Seq(
+    signedArtifacts := {
+      val artifacts = packagedArtifacts.value
+      val r = pgpSigner.value
+      val skipZ = (skip in pgpSigner).value
+      val s = streams.value
+      if (!skipZ) {
+        artifacts flatMap { case (art, f) =>
+          Seq(art -> f,
+              subExtension(art, art.extension + gpgExtension) ->
+              r.sign(f, file(f.getAbsolutePath + gpgExtension), s))
+        }
+      }
+      else artifacts
+    },
+    publishSignedConfiguration := Classpaths.publishConfig(
+      signedArtifacts.value,
+      None,
+      resolverName = Classpaths.getPublishTo(publishTo.value).name,
+      checksums    = (checksums in publish).value,
+      logging      = ivyLoggingLevel.value,
+      overwrite    = isSnapshot.value),
+    publishLocalSignedConfiguration := Classpaths.publishConfig(
+      signedArtifacts.value,
+      None,
+      resolverName = "local",
+      checksums    = (checksums in publish).value,
+      logging      = ivyLoggingLevel.value,
+      overwrite    = isSnapshot.value),
+    publishSigned      := Classpaths.publishTask(publishSignedConfiguration, deliver).value,
+    publishLocalSigned := Classpaths.publishTask(publishLocalSignedConfiguration, deliver).value
+  )
+
+}
+
diff --git a/src/debian/changelog b/src/debian/changelog
index bfd730ff9..835e1fd77 100644
--- a/src/debian/changelog
+++ b/src/debian/changelog
@@ -4,7 +4,7 @@ sbt (0.13.15) stable; urgency=low
   * Adds preliminary compatibility with JDK 9. Using this requires 0.13.15+ launcher. #2951 by @retronym
   * Adds "local-preloaded" repository for offline installation
 
- -- Eugene Yokota <eed3si9n@gmail.com> Mon, 10 Apr 2017 00:00:00 +0000
+ -- Eugene Yokota <eed3si9n@gmail.com>  Mon, 10 Apr 2017 00:00:00 +0000
 
 sbt (0.13.13) stable; urgency=low
 
@@ -39,3 +39,4 @@ sbt (0.11.2-build-0100)
   * First debian package release
 
  -- Joshua Suereth <joshua.suereth@typesafe.com>  2011-11-29
+