The maven-jarsigner-plugin is a pretty handy Maven plugin if you want to sign the jar file produced by your Maven artefact build. The plugins documentation does provide several examples for that use case.
But if you want to sign just some jar files in the scope of your Maven build – especially if you need to apply certain include / exclude patterns – than the documentation provides only the configuration options you have to put together to make it work. Here’s an example how to sign several jar files using include / exclude patterns.
<plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-jarsigner-plugin</artifactId> <version>1.2</version> <executions> <execution> <id>sign</id> <phase>install</phase> <goals> <goal>sign</goal> </goals> </execution> </executions> <configuration> <archiveDirectory>target/jars</archiveDirectory> <excludes> <exclude>**/S*.jar</exclude> </excludes> <includes> <include>**/*.jar</include> </includes> <keystore>/path/to/keystore.jks</keystore> <alias>...</alias> <storepass>...</storepass> <keypass>...</keypass> </configuration> </plugin>
The <archiveDirectory> tag defines the directory where the maven-jarsigner-plugin will search for files that do match the include pattern provided by the <includes> tags value list. Both <includes> and <excludes> tags do use the same include / exclude patterns used by Ant.
In this example we want to match every *.jar file in the given directory and it’s subdirectories. Therefore we do use **/*.jar as the one and only value of the <includes> tags value list. At the same time we don’t want to sign any jar file that does start with a capital ‘S’ in the filename for whatever weird reason – maybe ’cause we don’t like uppercase ‘S’s. That’s why the <excludes> tags value list contains only the **/S*.jar value. Once again the ** prefix was used in the include / exclude pattern to tell the maven-jarsigner-plugin that those pattern should match in the given directory and all it’s subdirectories.
Both <includes> and <excludes> tags are optional if you don’t need and special include / exclude patterns. According to the maven-jarsigner-plugin documentation the default value for the <includes> tags value list is the **/*.?ar pattern which will match all *.jar and also *.war files.
..and a last closing warning: Be aware that the default include pattern does search the given directory and all it’s subdirectories for matching files. While doing so the plugin will follow any symlink in those directories!