Cleaned up signing logic and changed key formatting (#1125)

Shaurya0108 · Shaurya Dwivedi · popematt · web-flow · commit 5ea40ff367ad · 2025-10-15T16:07:59.000-07:00
* added credential assignment using gradle -p flag

* added additonal check to sign in credential and removed additional fetch from workflow

* changed logging level and maintain previous if check

* gradle.taskGraph.whenReady runs after the configuration phase but before task execution, ensuring the signatory is available when the signing task actually
runs

* Simplified code, need to change key

* Added back logs for missing credentials to build.gradle.kts

Co-authored-by: Matthew Pope &lt;81593196+popematt@users.noreply.github.com&gt;

---------

Co-authored-by: Shaurya Dwivedi &lt;shauvy@amazon.com&gt;
Co-authored-by: Matthew Pope &lt;81593196+popematt@users.noreply.github.com&gt;
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -626,25 +626,19 @@ signing {
     // if signing.keyId, signing.password, signing.secretKeyRingFile, etc are
     // not present in gradle.properties.
     isRequired = isReleaseVersion
+    sign(publishing.publications["IonJava"])
+}
 
+afterEvaluate {
     if (isCI) {
         val signingKeyId: String? by project
         val signingKey: String? by project
         val signingPassword: String? by project
 
-        logger.lifecycle("DEBUG: isCI = $isCI")
-        logger.lifecycle("DEBUG: signingKeyId = ${if (signingKeyId.isNullOrEmpty()) "NULL/EMPTY" else "SET"}")
-        logger.lifecycle("DEBUG: signingKey = ${if (signingKey.isNullOrEmpty()) "NULL/EMPTY" else "SET (${signingKey?.length} chars)"}")
-        logger.lifecycle("DEBUG: signingPassword = ${if (signingPassword.isNullOrEmpty()) "NULL/EMPTY" else "SET"}")
-
         if (signingKeyId.isNullOrEmpty() || signingKey.isNullOrEmpty() || signingPassword.isNullOrEmpty()) {
-            logger.info("Skipping useInMemoryPgpKeys() due to missing credentials")
+            logger.lifecycle("signing credentials unavailable; build artifacts will not be signed")
         } else {
-            useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
-            logger.info("useInMemoryPgpKeys() called successfully")
+            signing.useInMemoryPgpKeys(signingKeyId, signingKey, signingPassword)
         }
     }
-
-    sign(publishing.publications["IonJava"])
-    logger.lifecycle("DEBUG: sign() called")
 }
