Sign a JAR file using Jenkins Pipeline

Question

I am trying to sign a JAR file using jarsigner in Jenkins Pipeline. While I can do it manually, I'm unsure about how it should work in a pipeline script. Could someone please assist me?

jarsigner -keystore keystore.jks -storepass keystore_password -keypass key_password your_app.war myalias

I would like to add the Signing Stage to the Pipeline Script. Can the /bin/sh command be used to run the jarsigner?

stage('Sign') {
    steps {
         sh '''#!/bin/bash
                jarsigner -keystore keystore.jks -storepass keystore_password -keypass key_password your_app.war myalias 
         '''
    } }

Thanks

Answer 1

You generally don't need #!/bin/bash. Just add a script step and add the sh command:

stage('Sign') {
    steps {
        script {
            sh 'jarsigner -keystore keystore.jks -storepass keystore_password -keypass key_password your_app.war myalias'
        }
    } 
}

You may get an issue where jarsigner won't be identified as a command. In that case, follow this answer to get the command into the Jenkins path.

Answer 2

You got it, it's exactly like that. One thing I would add is storing passwords in Jenkins instead of the pipeline itself

stage('Sign') {
    steps {
        withCredentials([
            string(credentialsId: 'jarsigner-password', variable: 'JARSIGNER_PASSWORD'),
        ]) {
             sh '''#!/bin/bash
                 jarsigner -keystore keystore.jks -storepass:env JARSIGNER_PASSWORD -keypass:env JARSIGNER_PASSWORD your_app.war myalias 
             '''
        }
    }
}

And if your command is failing because it can't find jarsigner follow the link @m-b provided in his answer.