Created: (MGPG-18) NPE in GpgSigner

NPE in GpgSigner
----------------

                 Key: MGPG-18
                 URL: http://jira.codehaus.org/browse/MGPG-18
             Project: Maven 2.x GPG Plugin
          Issue Type: Bug
    Affects Versions: 1.0-alpha-4
            Reporter: Geoffrey Wiseman
            Priority: Minor


If I run "mvn package gpg:sign", this works.  If I run "mvn gpg:sign", I get the following stack trace:

{code}
java.lang.NullPointerException
        at org.apache.maven.plugin.gpg.GpgSigner.generateSignatureForArtifact(GpgSigner.java:119)
        at org.apache.maven.plugin.gpg.GpgSignAttachedMojo.execute(GpgSignAttachedMojo.java:228)
        at org.apache.maven.plugin.DefaultPluginManager.executeMojo(DefaultPluginManager.java:490)
        at org.apache.maven.lifecycle.DefaultLifecycleExecutor.executeGoals(DefaultLifecycleExecutor.java:694)
{code}

After running this through a debugger, I can see that this is because the 'file' object (project.getArtifact().getFile()) is null, which seems to be the case any time the artifact wasn't generated in this invocation of Maven.  At the very least, this should result in a good error message, although it would be nice if "gpg:sign" would work on an artifact that was previously-generated.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

    [ http://jira.codehaus.org/browse/MGPG-18?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=197180#action_197180 ]

Geoffrey Wiseman edited comment on MGPG-18 at 11/4/09 8:28 AM:
---------------------------------------------------------------

This is the simplest patch I can imagine to improve the situation.  It's not a very good solution, but it least explains the problem.  A more workable solution would be to support signing previously-generated files, I would think.

{code}
### Eclipse Workspace Patch 1.0
#P maven-gpg-plugin
Index: src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java
===================================================================
--- src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (revision 832750)
+++ src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (working copy)
@@ -212,6 +212,9 @@
             // ----------------------------------------------------------------------------
 
             File projectArtifact = project.getArtifact().getFile();
+            if( projectArtifact == null ) {
+             throw new MojoExecutionException( "Cannot find file for artifact " + project.getArtifact() + "; gpg signing must occur on the same invocation as the packaging." );
+            }
 
             File projectArtifactSignature = signer.generateSignatureForArtifact( projectArtifact, pass );
{code}


      was (Author: diathesis2):
    This is the simplest patch I can imagine to improve the situation.  It's not a very good solution, but it least explains the problem.  A more workable solution would be to support signing previously-generated files, I would think.

### Eclipse Workspace Patch 1.0
#P maven-gpg-plugin
Index: src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java
===================================================================
--- src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (revision 832750)
+++ src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (working copy)
@@ -212,6 +212,9 @@
             // ----------------------------------------------------------------------------
 
             File projectArtifact = project.getArtifact().getFile();
+            if( projectArtifact == null ) {
+             throw new MojoExecutionException( "Cannot find file for artifact " + project.getArtifact() + "; gpg signing must occur on the same invocation as the packaging." );
+            }
 
             File projectArtifactSignature = signer.generateSignatureForArtifact( projectArtifact, pass );
 

 
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

    [ http://jira.codehaus.org/browse/MGPG-18?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=197180#action_197180 ]

Geoffrey Wiseman commented on MGPG-18:
--------------------------------------

This is the simplest patch I can imagine to improve the situation.  It's not a very good solution, but it least explains the problem.  A more workable solution would be to support signing previously-generated files, I would think.

### Eclipse Workspace Patch 1.0
#P maven-gpg-plugin
Index: src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java
===================================================================
--- src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (revision 832750)
+++ src/main/java/org/apache/maven/plugin/gpg/GpgSignAttachedMojo.java (working copy)
@@ -212,6 +212,9 @@
             // ----------------------------------------------------------------------------
 
             File projectArtifact = project.getArtifact().getFile();
+            if( projectArtifact == null ) {
+             throw new MojoExecutionException( "Cannot find file for artifact " + project.getArtifact() + "; gpg signing must occur on the same invocation as the packaging." );
+            }
 
             File projectArtifactSignature = signer.generateSignatureForArtifact( projectArtifact, pass );
 


--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

    [ http://jira.codehaus.org/browse/MGPG-18?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=198900#action_198900 ]

Jakub Holý commented on MGPG-18:
--------------------------------

This is really confusing for a new user and can easily discourage him/her from using this plugin.

Thanks a lot Geoffrey for providing the work-around!!! /Jakub

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

    [ http://jira.codehaus.org/browse/MGPG-18?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=198926#action_198926 ]

Geoffrey Wiseman commented on MGPG-18:
--------------------------------------

Glad it was helpful.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira