add optional wait time before signing a file

apache · Apr 17, 2023 · a227062 · a227062
1 parent c290e80
commit a227062
Showing 1 changed file with 11 additions and 0 deletions.
diff --git a/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java b/src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java
@@ -75,6 +75,12 @@ public class SigstoreSignAttachedMojo
     @Parameter( defaultValue = "${project}", readonly = true, required = true )
     protected MavenProject project;
 
+    /**
+     * PoC: wait time before each file signature (in seconds)
+     */
+    @Parameter( property = "sigstore.wait", defaultValue = "0" )
+    private long wait;
+
     /**
      * Maven ProjectHelper
      */
@@ -181,6 +187,11 @@ else if ( project.getAttachedArtifacts().isEmpty() )
             KeylessSigner signer = KeylessSigner.builder().sigstoreStagingDefaults().build();
             for ( SigningBundle bundleToSign : filesToSign )
             {
+                if ( wait > 0 )
+                {
+                    Thread.sleep( wait * 1000 );
+                }
+
                 File fileToSign = bundleToSign.getSignature(); // reusing original GPG implementation where it's the signature: TODO change
 
                 KeylessSignature signature = signer.signFile( fileToSign.toPath() );