[
https://issues.apache.org/jira/browse/MBUILDCACHE-33?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17629139#comment-17629139
]
ASF GitHub Bot commented on MBUILDCACHE-33:
-------------------------------------------
AlexanderAshitkin commented on PR #35:
URL:
https://github.com/apache/maven-build-cache-extension/pull/35#issuecomment-1303960662
> I have expressed my objections in the JIRA issue and why I consider this
wrong.
Discussed in Jira. There are strong reasons why using credentials from
settings.xml in CI environment creates either security risks either unnecessary
complicates maintenance. I'm happy to implement better solution as long as
solution which addresses these absolutely basic concerns offered.
> Support remote cache credentials from environment variables
> ------------------------------------------------------------
>
> Key: MBUILDCACHE-33
> URL: https://issues.apache.org/jira/browse/MBUILDCACHE-33
> Project: Maven Build Cache Extension
> Issue Type: New Feature
> Reporter: Alexander Ashitkin
> Priority: Major
> Labels: pull-request-available
>
> In my current environment settings.xml are managed by a build team which is
> not allowing any modification because the same build service is used by all
> teams. Atop of that, maven build runs in a fresh container which doesn't have
> any credentials injected for security reasons. Because of that cache cannot
> read/deploy build artifacts to an authenticated http server. Still, our build
> service allows to inject credentials from environment variables into build
> container. Need to support cache setup without settings.xml by injecting
> environment variables:
> * MAVEN_BUILD_CACHE_DIRECT_CONNECT
> * MAVEN_BUILD_CACHE_USER
> * MAVEN_BUILD_CACHE_PASSWORD
> * MAVEN_BUILD_CACHE_PROXY_USER
> * MAVEN_BUILD_CACHE_PROXY_PASSWORD
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
