Skip to content

Configure JetBrains Marketplace plugin signing #47

Description

@redcatbear

Situation

JetBrains expects Marketplace-bound plugins to be signed before publication. The project already uses the IntelliJ Platform Gradle Plugin and declares zipSigner(), but build.gradle.kts does not configure secret-backed signing inputs for signPlugin, and there is no documented verifyPluginSignature check.

Relevant docs: https://plugins.jetbrains.com/docs/intellij/plugin-signing.html

Out-of-Scope

  • Generating or storing real signing secrets in the repository.
  • Choosing the long-term owner of the signing certificate.
  • Publishing to JetBrains Marketplace.
  • Changing plugin runtime behavior.

Acceptance Criteria

  1. Gradle signing is configured with secret-backed certificate chain, private key, and password inputs.
  2. No signing credentials are committed to source control.
  3. signPlugin produces a signed plugin ZIP when the required secrets are present.
  4. verifyPluginSignature is documented and passes for the signed ZIP when signing secrets are present.
  5. Local and CI behavior is documented for the case where signing secrets are intentionally unavailable.

Metadata

Metadata

Assignees

No one assigned

    Labels

    refactoringCode improvement without behavior change

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions