The Azure/AWS/Google keystore parameter is treated as a relative file by the Ant task and the Maven plugin

[olirogers]

When trying to use the GOOGLECLOUD store type to perform code signing with a Google hosted private key, the project/keyname entered in attribute is interpreted as a relative file location and an incorrect URL is generated.

e.g.

`

projects/{project}/locations/{zone}/keyRings/{keyname} {key} GOOGLECLOUD ${basedir}/../build/certificates/chain.pem env:GCP_API_KEY

`

Results in this exception:

Unable to fetch Google Cloud private key '/Users/oli/source/folder/projects/{project}/locations/{zone}/keyRings/{keyname}/cryptoKeys/{key}': HTTP Error 404 - Not Found (https://cloudkms.googleapis.com/v1//Users/oli/source/folder/projects/{project}/locations/{zone}/keyRings/{keyname}/cryptoKeys/{key}/cryptoKeyVersions?filter=state%3DENABLED)

Using maven 3.9.1, Java 8 on Mac OS.

I believe this parameter has the type of java.io.File in the plugin so I think Maven treats this differently. Perhaps there should be another property to specify the GCP location? Or is there any way to prevent this behaviour?

[ebourg]

Thank you for reporting this issue, AWS and Azure are probably affected too.

[ebourg]

The Ant task also uses a File instead of a String for the keystore parameter.

[ebourg]

This issue should be fixed now, if you can rebuild the project please let me know how it works for you.

[olirogers]

Thank you @ebourg for addressing this so quickly!

Unfortunately I have build errors on the latest commit on master: There is at least one incompatibility: net.jsign.JsignTask.setKeystore(java.io.File):METHOD_REMOVED,net.jsign.PESignerTask:METHOD_REMOVED_IN_SUPERCLASS Is there an ETA on the 4.3 release?

[ebourg]

I've fixed the compatibility check. There is no ETA for the next release, but I'd like to publish it in the near future.