It sounds as though you wish to share a credential set amount multiple users. This is an example of what the security community calls “a bad idea”. > On Mar 17, 2017, at 6:38 AM, Alix Lourme <[email protected]> wrote: > > Dear community, > > I'm searching the best practice for password encryption in a maven POM file > *by > project*, could by used by properties (like in ANT or WAGON). Sample : > --- > <plugin> > <artifactId>maven-antrun-plugin</artifactId> > <version>1.8</version> > <configuration> > <target> > <echo message="Get docker certificates" /> > <mkdir dir="cert" /> > <scp file="root:${docker.password}@10.xx.xx.xx:/root/.docker/*" > todir="cert" trust="yes" /> > </target> > </configuration> > </plugin> > --- > > In this case, my *docker.password* could be a properties (pom or > settings.xml) but must not be in clear text. > > The problem with Maven encryption > <https://maven.apache.org/guides/mini/guide-encryption.html>: > - I have a master password defined in *settings-security.xml* (locally) for > my user need (like proxy password encryption in MY *settings.xml*) > - The CI tools contains the same mechanism (own *settings-security.xml*) > for global needs, like server encryption used in *settings.xml* for jar > publication in repository ; and I can't retrieve this file > > => I can't use this mechanism for password encryption who works locally and > on the CI server. > > *Is there a way to have a encryption mechanism for the project's perimeter > ?* (and not for user's perimeter, current Maven encryption works perfectly > for that). > > --- > > Using -s and -gs Maven options (=> user/global settings override) could be > a workaround but : > - Server item definition or properties defining password must be in clear > text > - Using this Maven settings for each build depending the project workspace > is a little boring > > Perhaps is there a best way like a "private key by project" ... but I > didn't found entry point about that. > > Thanks in advance. Best regards > *NB*: This question was firstly on stackoverflow > <https://stackoverflow.com/questions/33784790/maven-password-encryption-by-project>, > but no really interest ^^. > -- > Alix Lourme
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
