Hi, I would never put passwords etc. into a pom file. encrypted or not...
I would suggest to put them into the settings.xml file outside your pom file, cause the pom file will be checked in into version control system..
On 17/03/17 14:38, Alix Lourme wrote:
Dear community, I'm searching the best practice for password encryption in a maven POM file *by project*, could by used by properties (like in ANT or WAGON). Sample : --- <plugin> <artifactId>maven-antrun-plugin</artifactId> <version>1.8</version> <configuration> <target> <echo message="Get docker certificates" /> <mkdir dir="cert" /> <scp file="root:${docker.password}@10.xx.xx.xx:/root/.docker/*" todir="cert" trust="yes" /> </target> </configuration> </plugin> --- In this case, my *docker.password* could be a properties (pom or settings.xml) but must not be in clear text. The problem with Maven encryption <https://maven.apache.org/guides/mini/guide-encryption.html>: - I have a master password defined in *settings-security.xml* (locally) for my user need (like proxy password encryption in MY *settings.xml*) - The CI tools contains the same mechanism (own *settings-security.xml*) for global needs, like server encryption used in *settings.xml* for jar publication in repository ; and I can't retrieve this file => I can't use this mechanism for password encryption who works locally and on the CI server. *Is there a way to have a encryption mechanism for the project's perimeter ?* (and not for user's perimeter, current Maven encryption works perfectly for that). --- Using -s and -gs Maven options (=> user/global settings override) could be a workaround but : - Server item definition or properties defining password must be in clear text - Using this Maven settings for each build depending the project workspace is a little boring
You can use the user settings.xml file this where you can also encrypt the passwords/etc.
https://maven.apache.org/guides/mini/guide-encryption.html Kind regards Karl Heinz Marbaise
Perhaps is there a best way like a "private key by project" ... but I didn't found entry point about that. Thanks in advance. Best regards *NB*: This question was firstly on stackoverflow <https://stackoverflow.com/questions/33784790/maven-password-encryption-by-project>, but no really interest ^^.
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@maven.apache.org For additional commands, e-mail: users-h...@maven.apache.org