Hi,

I would never put passwords etc. into a pom file, encrypted or not...

I would suggest putting them into the settings.xml file outside your pom file, because the pom file will be checked into the version control system.

On 17/03/17 14:38, Alix Lourme wrote:
Dear community,

I'm searching for the best practice for password encryption in a Maven POM file *by
project*, which could be used by properties (like in ANT or WAGON). Sample:
---
<plugin>
    <artifactId>maven-antrun-plugin</artifactId>
    <version>1.8</version>
    <configuration>
        <target>
            <echo message="Get docker certificates" />
            <mkdir dir="cert" />
            <scp file="root:${docker.password}@10.xx.xx.xx:/root/.docker/*" todir="cert" trust="yes" />
        </target>
    </configuration>
</plugin>
---

In this case, my *docker.password* could be a property (pom or
settings.xml) but must not be in clear text.

The problem with Maven encryption
<https://maven.apache.org/guides/mini/guide-encryption.html>:
- I have a master password defined in *settings-security.xml* (locally) for
my user needs (like proxy password encryption in MY *settings.xml*)
- The CI tools contain the same mechanism (own *settings-security.xml*)
for global needs, like server encryption used in *settings.xml* for jar
publication in the repository; and I can't retrieve this file

=> I can't use this mechanism for password encryption that works locally and
on the CI server.

*Is there a way to have an encryption mechanism for the project's perimeter?*
(and not for the user's perimeter, current Maven encryption works perfectly
for that).

---

Using the -s and -gs Maven options (=> user/global settings override) could be
a workaround, but:
- Server item definitions or properties defining passwords must be in clear
text
- Using these Maven settings for each build depending on the project workspace
is a little boring

You can use the user settings.xml file; this is where you can also encrypt the passwords etc.

https://maven.apache.org/guides/mini/guide-encryption.html

Kind regards
Karl Heinz Marbaise


Perhaps there is a better way, like a "private key by project" ... but I
didn't find an entry point for that.

Thanks in advance. Best regards
*NB*: This question was first asked on Stack Overflow
<https://stackoverflow.com/questions/33784790/maven-password-encryption-by-project>,
but there was no real interest ^^.
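
Added example, not part of the thread and not code from either participant: a small pre-commit style check, following the advice above to keep secrets out of a POM that goes into version control. It flags password-like elements and user:secret@host attribute values that hold a literal instead of a ${...} reference. The sample POM, the secret value, the name patterns and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample POM, modelled on the antrun snippet quoted in the thread.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties>
    <docker.password>example-secret</docker.password>
    <registry.password>${env.REGISTRY_PASSWORD}</registry.password>
  </properties>
  <build><plugins><plugin>
    <artifactId>maven-antrun-plugin</artifactId>
    <configuration><target>
      <scp file="root:${docker.password}@10.xx.xx.xx:/root/.docker/*" todir="cert"/>
      <scp file="root:example-secret@10.xx.xx.xx:/root/.docker/*" todir="cert"/>
    </target></configuration>
  </plugin></plugins></build>
</project>"""

# Assumed naming convention for secret-bearing elements (adjust per project).
SECRET_NAME = re.compile(r"(password|passwd|secret|token)", re.I)
USERINFO = re.compile(r"^[^:@/\s]+:([^@/\s]+)@")   # user:secret@host
PLACEHOLDER = re.compile(r"^\$\{[^}]+\}$")         # a ${property} reference


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def find_cleartext_secrets(pom_text):
    """Return (kind, location) pairs for literal secrets found in a POM."""
    findings = []
    for elem in ET.fromstring(pom_text).iter():
        name = local(elem.tag)
        value = (elem.text or "").strip()
        # Password-like element whose value is a literal, not a reference.
        if SECRET_NAME.search(name) and value and not PLACEHOLDER.match(value):
            findings.append(("element", name))
        # Attribute carrying user:secret@host with a literal secret part.
        for attr, attr_value in elem.attrib.items():
            m = USERINFO.match(attr_value)
            if m and not PLACEHOLDER.match(m.group(1)):
                findings.append(("attribute", f"{name}@{attr}"))
    return findings


if __name__ == "__main__":
    for kind, where in find_cleartext_secrets(SAMPLE_POM):
        print(f"clear-text secret in {kind}: {where}")
```

A ${...} reference passes the check only because the value then lives outside the POM; where that value is stored and how it is protected still has to be decided separately.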
