@Rule
    public final Sample sample = new Sample(testDirectoryProvider)

    def setup() {
        using m2
    }

    @UsesSample('signing/conditional')
    def "conditional signing with dsl #dsl"() {
        given:
        inDirectory(sample.dir.file(dsl))

        when:
        run "publish"

        then:
        skipped(":signMainPublication")

        and:

 */

package org.gradle.plugins.signing


import spock.lang.Issue

class SigningDistributionsIntegrationSpec extends SigningIntegrationSpec {

    @Issue("https://github.com/gradle/gradle/issues/7580")
    def "can sign a distribution zip when distribution plugin is applied after signing is configured"() {
        given:
        buildFile << """
            signing {
                ${signingConfiguration()}

        GpgCmdAndVersion client = getAvailableGpg()
        assert client
        properties.put('signing.gnupg.executable', client.executable)
        properties.put('signing.gnupg.useLegacyGpg', (client.version == 1).toString())
        properties.put('signing.gnupg.homeDir', gpgHomeSymlink.toAbsolutePath().toString())
        properties.remove('signing.gnupg.optionsFile')
        properties.store(buildDir.file('gradle.properties').newOutputStream(), '')

 * limitations under the License.
 */
package org.gradle.plugins.signing

import spock.lang.Issue

class InMemoryPgpSignatoryProviderIntegrationSpec extends SigningIntegrationSpec {

    def "signs with default signatory"() {
        given:
        buildFile << """
            signing {
                useInMemoryPgpKeys(project.property('secretKey'), project.property('password'))

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * PGP signing support.
 */

 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/**
 * The signing plugin signatory types.
 */

				"--root-ca-file=" + filepath.Join(testCertsDir, "ca.crt"),
				"--service-account-private-key-file=" + filepath.Join(testCertsDir, "sa.key"),
				"--cluster-signing-cert-file=" + filepath.Join(testCertsDir, "ca.crt"),
				"--cluster-signing-key-file=" + filepath.Join(testCertsDir, "ca.key"),
				"--use-service-account-credentials=true",
				"--controllers=*,bootstrapsigner,tokencleaner",

				Token:  &BootstrapTokenString{ID: "abcdef", Secret: "abcdef0123456789"},
				Usages: []string{"authentication", "signing"},
			},
			map[string][]byte{
				"token-id":                       []byte("abcdef"),
				"token-secret":                   []byte("abcdef0123456789"),
				"usage-bootstrap-signing":        []byte("true"),
				"usage-bootstrap-authentication": []byte("true"),
			},
		},
		{
			"adds groups",

 * limitations under the License.
 */
package org.gradle.plugins.signing.signatory.internal.pgp;

import org.gradle.api.Project;
import org.gradle.plugins.signing.signatory.internal.ConfigurableSignatoryProvider;
import org.gradle.security.internal.pgp.BaseInMemoryPgpSignatoryProvider;
import org.gradle.plugins.signing.signatory.pgp.PgpSignatory;

import java.util.Arrays;

// CertificateAuthority implements a certificate authority that supports policy
// based signing. It's used by the signing controller.
type CertificateAuthority struct {
	// RawCert is an optional field to determine if signing cert/key pairs have changed
	RawCert []byte
	// RawKey is an optional field to determine if signing cert/key pairs have changed
	RawKey []byte

	Certificate *x509.Certificate
	PrivateKey  crypto.Signer