add optional wait time before signing a file

Author: hboutemy

src/main/java/org/apache/maven/plugins/gpg/SigstoreSignAttachedMojo.java

@@ -75,6 +75,12 @@ public class SigstoreSignAttachedMojo
     @Parameter( defaultValue = "${project}", readonly = true, required = true )
     protected MavenProject project;
 
+    /**
+     * PoC: wait time before each file signature (in seconds)
+     */
+    @Parameter( property = "sigstore.wait", defaultValue = "0" )
+    private long wait;
+
     /**
      * Maven ProjectHelper
      */
@@ -181,6 +187,12 @@ else if ( project.getAttachedArtifacts().isEmpty() )
             KeylessSigner signer = KeylessSigner.builder().sigstoreStagingDefaults().build();
             for ( SigningBundle bundleToSign : filesToSign )
             {
+                if ( wait > 0 )
+                {
+                    getLog().info( "waiting for " + wait + " seconds before signing" );
+                    Thread.sleep( wait * 1000 );
+                }
+
                 File fileToSign = bundleToSign.getSignature(); // reusing original GPG implementation where it's the signature: TODO change
 
                 KeylessSignature signature = signer.signFile( fileToSign.toPath() );