fix: disable redundant jreleaser signing (#122)

0marperez · web-flow · commit 899ccf3f6ab0 · 2025-09-03T14:38:12.000-04:00
diff --git a/build-plugins/build-support/src/main/kotlin/aws/sdk/kotlin/gradle/dsl/Publish.kt b/build-plugins/build-support/src/main/kotlin/aws/sdk/kotlin/gradle/dsl/Publish.kt
@@ -313,9 +313,6 @@ fun Project.configureJReleaser() {
     val requiredVariables = listOf(
         EnvironmentVariables.MAVEN_CENTRAL_USERNAME,
         EnvironmentVariables.MAVEN_CENTRAL_TOKEN,
-        EnvironmentVariables.GPG_PASSPHRASE,
-        EnvironmentVariables.GPG_PUBLIC_KEY,
-        EnvironmentVariables.GPG_SECRET_KEY,
         EnvironmentVariables.GENERIC_TOKEN,
     )
 
@@ -342,13 +339,6 @@ fun Project.configureJReleaser() {
             version = providers.gradleProperty("sdkVersion").get()
         }
 
-        // FIXME We're currently signing the artifacts twice. Once using the logic in configurePublishing above,
-        // and the second time during JReleaser's signing stage.
-        signing {
-            active = Active.ALWAYS
-            armored = true
-        }
-
         // JReleaser requires a releaser to be configured even though we don't use it.
         // https://github.com/jreleaser/jreleaser/discussions/1725#discussioncomment-10674529
         release {
@@ -368,6 +358,7 @@ fun Project.configureJReleaser() {
                 mavenCentral {
                     create("maven-central") {
                         active = Active.ALWAYS // the Maven deployer default is ALWAYS, but MavenCentral is NEVER
+                        sign = false // Signing is done when publishing, see the 'configurePublishing' function
                         url = "https://central.sonatype.com/api/v1/publisher"
                         stagingRepository(rootProject.layout.buildDirectory.dir("m2").get().toString())
                         artifacts {
