Modernize buildscript, Gradle 9, GradleUtils 3 (#1)

No changes have been made to the plugin itself

Author: Jonathing

.gitignore

@@ -1,8 +1,17 @@
-/.gradle/
-/.classpath
-/.project
-/.settings/
-/bin/
-/test/
-/build/
-/repo/
+# gradle
+.gradle
+build
+repo
+
+# eclipse
+.settings
+.metadata
+.classpath
+.project
+bin
+
+# intellij
+out
+*.idea
+*.iml
+

README.md

@@ -1,66 +1,100 @@
 # GradleJarSigner
-This is a simple gradle plugin that uses ant to execute the [jarsigner](https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jarsigner.html) utility. This embeds a signature in the jar file that can be used to verify its contents haven't been modified and came from a specific source. This does NOT create an external GPG signature file. The built in signing plugin does that.
 
-I made this because I got tired of having to configure everything manually for this in every project, and I wanted to have a simple way of signing data in Github Actions.
+This is a simple gradle plugin that uses ant to execute
+the [jarsigner](https://docs.oracle.com/javase/8/docs/technotes/tools/windows/jarsigner.html)
+utility. This embeds a signature in the jar file that can be used to verify its
+contents haven't been modified and came from a specific source.
+
+I made this because I got tired of having to configure everything manually for
+this in every project, and I wanted to have a simple way of signing data in
+GitHub Actions.
+
+> [!NOTE]
+> This does **not** create an external GPG signature file. The built-in
+> [signing](https://docs.gradle.org/current/userguide/publishing_signing.html)
+> plugin does that.
 
 ### Usage
-I haven't published this to the gradle plugin portal yet so until I do you need to have this in your settings.gradle.
-
-    pluginManagement {
-        repositories {
-            gradlePluginPortal()
-            maven { url = 'https://maven.minecraftforge.net/' }
-        }
-    }
-And in your build.gradle
-
-    plugins {
-        id 'net.minecraftforge.gradlejarsigner'
-    }
-This will add a extension name 'jarSigner' to your project where you can configure the signing information, or you can configure it in each signing task.
-    
-    jarSigner {
-        alias = 'key_name'
-        storePass = 'store_password'
-        keyPass = 'key_password'
-        keyStoreFile = file('keystore_file')
-        // Or you can specify the keystore file as a base64 encoded string.
-        // This is mainly meant to allow it to be passed in via a Github Action Secret
-        keyStoreData = 'aGVsbG8='
-    }
-
-Then to sign the `jar` task you can do `jarSigner.sign(jar)`, this works for any Jar or Zip task.
-You can also configure the task itself to specify any of the information set in the global config as well as any filters on the data you wish to sign.
-
-    jarSigner.sign(jar) {
-        alias = 'key_name'
-        storePass = 'store_password'
-        keyPass = 'key_password'
-        keyStoreFile = file('keystore_file')
-        exclude 'unsigned.txt'
-    }
-
-### Github Secrets
-A large motivation for this was wanting to use Github Actions and still be able to sign my built files. Github does not allow you to have files as [secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets) just strings and the workarounds I found involved committing a encrypted form of your keystore to your repo and then decrypting it during an Action. Instead I decided to allow you to specify the keystore file as a base64 encoded string which can be used as a Secret.
-
-You can either manually configure the information by pulling the secrets yourself, or I added a simple helper `jarSigner.autoDetect()` which which search the following locations in order:
-
-    if (prefix != null) {
-        project.findProperty(prefix + '.' + prop)
-        System.getenv(prefix + '.' + prop)
-    }
-    project.findProperty(prop)
-    System.getenv(prop)
-`prefix` defaults to `project.name` you can override by calling `jarSigner.autoDetect('prefix')`
+
+You can apply the plugin by declaring it in your `build.gradle` file.
+
+```groovy
+plugins {
+    id 'net.minecraftforge.gradlejarsigner'
+}
+```
+
+This will add an extension named `jarSigner` to your project where you can
+configure the signing information.
+
+```groovy
+jarSigner {
+    alias = 'key_name'
+    storePass = 'store_password'
+    keyPass = 'key_password'
+    keyStoreFile = file('keystore_file')
+    // Or you can specify the keystore file as a base64 encoded string.
+    // This is mainly meant to allow it to be passed in via a Github Action Secret
+    keyStoreData = 'aGVsbG8='
+}
+```
+
+Then, to sign the `jar` task, you can do `jarSigner.sign(jar)`. This works for
+any Jar or Zip task.
+
+You can also configure the task itself to specify any of the information set in
+the global config as well as any filters on the data you wish to sign.
+
+```groovy
+jarSigner.sign(jar) {
+    alias = 'key_name'
+    storePass = 'store_password'
+    keyPass = 'key_password'
+    keyStoreFile = file('keystore_file')
+    exclude 'unsigned.txt'
+}
+```
+
+### GitHub Secrets
+
+A large motivation for this was wanting to use GitHub Actions and still be able
+to sign my built files. GitHub does not allow you to have files as
+[secrets](https://docs.github.com/en/actions/security-guides/encrypted-secrets),
+just strings. The workarounds I found involved committing an encrypted form of
+your keystore to your repo and then decrypting it during an Action. I instead
+decided to allow you to specify the keystore file as a base64 encoded string
+which can be used as a secret.
+
+You can either manually configure the information by pulling the secrets
+yourself, or I added a simple helper `jarSigner.autoDetect()` which which search
+the following locations in order:
+
+```groovy
+if (prefix != null) {
+    project.findProperty(prefix + '.' + prop)
+    System.getenv(prefix + '.' + prop)
+}
+project.findProperty(prop)
+System.getenv(prop)
+```
+
+`prefix` defaults to `project.name`. You can override this by calling
+`jarSigner.autoDetect('prefix')`.
 
 For the following properties:
 
-    jarSigner {
-        alias = 'SIGN_KEY_ALIAS'
-        keyPass = 'SIGN_KEY_PASSWORD'
-        storePass = 'SIGN_KEYSTORE_PASSWORD'
-        keyStoreData = 'SIGN_KEYSTORE_DATA'
-    }
+```groovy
+jarSigner {
+    alias = 'SIGN_KEY_ALIAS'
+    keyPass = 'SIGN_KEY_PASSWORD'
+    storePass = 'SIGN_KEYSTORE_PASSWORD'
+    keyStoreData = 'SIGN_KEYSTORE_DATA'
+}
+```
 
 ### Conclusion
-I'm sure there are improvements that could be made, but it works good enough for me so this is where I'm at. If you have suggestions for improvements feel free to submit them. But the point of this plugin is to be small, simple, and single purpose.
+
+I'm sure there are improvements that could be made, but it works good enough for
+me so this is where I'm at. If you have suggestions for improvements feel free
+to submit them. But the point of this plugin is to be small, simple, and single
+purpose.

build.gradle

@@ -1,86 +1,118 @@
+import org.gradle.api.attributes.plugin.GradlePluginApiVersion
+
 plugins {
-    id 'org.cadixdev.licenser' version '0.6.1'
-    id 'maven-publish'
-    id 'java'
     id 'java-gradle-plugin'
+    id 'idea'
     id 'eclipse'
-    id 'net.minecraftforge.gradleutils' version '2.2.0'
-    id 'com.gradle.plugin-publish' version '1.2.1'
-}
-
-repositories {
-    mavenCentral()
+    id 'maven-publish'
+    alias libs.plugins.licenser
+    alias libs.plugins.gradleutils
+    alias libs.plugins.gitversion
+    alias libs.plugins.changelog
+    alias libs.plugins.plugin.publish
 }
 
+final projectDisplayName = 'Gradle Jar Signer Plugin'
+final projectArtifactId = base.archivesName = 'gradlejarsigner'
+final projectVendor = 'Forge Development LLC'
+description = 'Wrapper for Ant signjar, allowing proper task caching'
 group = 'net.minecraftforge'
-java.toolchain.languageVersion = JavaLanguageVersion.of(8)
-java.withSourcesJar()
+version = gitversion.tagOffset
 
-license {
-    header project.file('LICENSE-header.txt')
-    newLine false
-}
+println "Version: $version"
 
-version = gradleutils.tagOffsetVersion
-println('Version: ' + version)
+java {
+    toolchain.languageVersion = JavaLanguageVersion.of(8)
+    withSourcesJar()
+    //withJavadocJar()
+}
 
-gradlePlugin {
-    website = 'https://github.com/MinecraftForge/GradleJarSigner'
-    vcsUrl = 'https://github.com/MinecraftForge/GradleJarSigner.git'
-    plugins {
-        gradlejarsigner {
-            id = 'net.minecraftforge.gradlejarsigner'
-            implementationClass = 'net.minecraftforge.gradlejarsigner.GradleJarSignerPlugin'
-            displayName = 'Gradle Jar Signer'
-            description = 'Wrapper for Ant signjar, allowing proper task caching'
-            tags.set(['signing', 'java', 'signjar'])
+configurations {
+    // Applies the "Gradle Plugin API Version" attribute to configuration
+    // This was added in Gradle 7, gives consumers useful errors if they are on an old version
+    def applyGradleVersionAttribute = { Configuration configuration ->
+        configuration.attributes {
+            attribute(GradlePluginApiVersion.GRADLE_PLUGIN_API_VERSION_ATTRIBUTE, objects.named(GradlePluginApiVersion, libs.versions.gradle.get()))
         }
     }
+
+    named('runtimeElements', applyGradleVersionAttribute)
 }
 
 dependencies {
+    // Static Analysis
+    compileOnly libs.nulls
+
+    // Gradle API
+    compileOnly libs.gradle
 }
 
-compileJava {
+license {
+    header = rootProject.file('LICENSE-header.txt')
+    newLine = false
+    exclude '**/*.properties'
+}
+
+tasks.withType(JavaCompile).configureEach {
     options.encoding = 'UTF-8'
 }
 
-jar {
+tasks.named('jar', Jar) {
     manifest {
         attributes([
-            'Specification-Title':   'GradleJarSigner',
-            'Specification-Vendor':  'Forge Development LLC',
-            'Specification-Version':  gradleutils.gitInfo.tag,
-            'Implementation-Title':  'GradleJarSigner',
-            'Implementation-Vendor': 'Forge Development LLC',
+            'Specification-Title'   : projectDisplayName,
+            'Specification-Vendor'  : projectVendor,
+            'Specification-Version' : gitversion.info.tag,
+            'Implementation-Title'  : projectDisplayName,
+            'Implementation-Vendor' : projectVendor,
             'Implementation-Version': project.version
-        ] as LinkedHashMap, 'net/minecraftforge/gradlejarsigner/')
+        ], 'net/minecraftforge/gradlejarsigner/')
     }
 }
 
 changelog {
-    fromTag '1.0'
+    from '1.0'
     publishAll = false
 }
 
+gradlePlugin {
+    website = gitversion.url
+    vcsUrl = gitversion.url + '.git'
+
+    plugins.register('gradlejarsigner') {
+        id = 'net.minecraftforge.gradlejarsigner'
+        implementationClass = 'net.minecraftforge.gradlejarsigner.GradleJarSignerPlugin'
+        displayName = projectDisplayName
+        description = project.description
+        tags = ['signing', 'java', 'signjar']
+    }
+}
+
 publishing {
+    repositories {
+        maven gradleutils.publishingForgeMaven
+    }
+
     publications.register('pluginMaven', MavenPublication) {
+        artifactId = projectArtifactId
         changelog.publish(it)
-        pom {
-            packaging = 'jar'
-            description = 'Gradle Jar Signer Plugin'
-            url = 'https://github.com/MinecraftForge/GradleJarSigner'
 
-            gradleutils.pom.setGitHubDetails(pom, 'GradleJarSigner')
+        pom { pom ->
+            name = projectDisplayName
+            description = project.description
+
+            gradleutils.pom.addRemoteDetails(pom)
 
-            license gradleutils.pom.licenses.LGPLv2_1
+            licenses {
+                license gradleutils.pom.licenses.LGPLv2_1
+            }
 
             developers {
-                developer gradleutils.pom.Developers.LexManos
+                developer gradleutils.pom.developers.LexManos
             }
         }
     }
-    repositories {
-        maven gradleutils.publishingForgeMaven
-    }
 }
+
+idea.module { downloadSources = downloadJavadoc = true }
+eclipse.classpath { downloadSources = downloadJavadoc = true }

gradle.properties

@@ -0,0 +1,9 @@
+org.gradle.caching=true
+org.gradle.parallel=true
+org.gradle.configureondemand=true
+
+org.gradle.configuration-cache=true
+org.gradle.configuration-cache.parallel=true
+org.gradle.configuration-cache.problems=warn
+
+systemProp.org.gradle.unsafe.suppress-gradle-api=true

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.2.1-all.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.0.0-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME