jsign-maven-plugin: Allow referencing credentials from server settings in settings.xml

[kwin]

It should be possible to reference credentials from the settings.xml (https://maven.apache.org/settings.html#Servers). That requires to reference just a server id in the plugin parameters.

[ebourg]

Do you mean the keystore credentials?

[kwin]

This would be beneficial for all kinds of passwords/credentials/apikeys. Should work similar to https://maven.apache.org/plugins/maven-gpg-plugin/sign-mojo.html#passphraseServerId.

[ebourg]

Do you know of other Maven plugins doing this already?

[kwin]

This also requires having individual parameters for signing with a remote service instead of requiring concatenation in one parameter.

[ebourg]

maven-gpg-plugin uses an extra element for the serverId

https://github.com/apache/maven-gpg-plugin/blob/maven-gpg-plugin-3.0.1/src/main/java/org/apache/maven/plugins/gpg/AbstractGpgMojo.java#L213

I'm tempted to use a prefix instead, something like:

<storepass>mvn:serverId</storepass>

That would be consistent with the other prefixes supported (env: and file:).

[kwin]

prefix would work as well, but I would make it more specific, e.g. mvnserver:

[ebourg]

I don't have the time to implement this right now, but if you send a PR I'll review and merge it.

[ebourg]

This is now implemented, please let me know how it works for you.