1

I would like to use credentials of the physical user during the release. I use following stack: my own maven plugin wrapping maven-release-plugin, jenkins, nexus, git. On Jenkins I use parameters and password mask plugin to provide username and password for the user who is executing the build. The problem is that credentials for Jenkins, Git and Nexus may be different, so I can NOT re-use them. Obviously I could use CI user to authenticate everything but because of some regulations I can not do that.

First I tried to use -Dusername and -Dpassword but 1) this works only for git, 2) password for git and nexus is different. Besides that I want to use key based authentication for git.

Then I tried to programmatically change credentials by changing session/project object before executing maven-release-plugin:

 final MavenExecutionRequest request = new DefaultMavenExecutionRequest()
                .setLocalRepository(session.getLocalRepository())
                .setPluginArtifactRepositories(session.getCurrentProject().getPluginArtifactRepositories())
                .setRemoteRepositories(session.getCurrentProject().getRemoteArtifactRepositories())
                .setBaseDirectory(new File(properties.getCheckoutDirectory()))
                .setPluginGroups(session.getPluginGroups())
                .setProjectPresent(true)
                .setPom(new File(properties.getCheckoutDirectory() + "/pom.xml"))
                .setGoals(Arrays.asList(goal))
                .setInteractiveMode(false)
                .setUserSettingsFile(new File(session.getSystemProperties().getProperty("user.home") + "/.m2/settings.xml"))
                ;


        request.setUserProperties(preparePropertiesForMvn(properties));
        for (ArtifactRepository artifactRepository : session.getCurrentProject().getRemoteArtifactRepositories()) {
            if (artifactRepository.getId().equals("nexus-releases")) {
                artifactRepository.setAuthentication(new Authentication(properties.getNexusUser(),properties.getNexusPassword()));
            }
        }

        final MavenExecutionResult result = defaultMaven.execute(request);

At very end stage maven-deploy-plugin (which is executed by release plugin) reads ~/.m2/settings.xml file and gets (wrong - CI) credentials from it.

Is there the other way than preparing own customized settings.xml file for the build with builded in credentials? I would like to avoid to store the credentials on the local storage.

user2810516
  • 11
  • 4

1 Answers1

0

You can use the following method to add your own server configuration:

org.apache.maven.settings.Settings.addServer(org.apache.maven.settings.Server)

Tested and verified with help:effective-settings as I have no means to test agains any repository manager at the moment.

As long as you call the above method with your own server configuration ahead of the Maven deploy plugin, you should be good to go.

    Server server = new Server();
    server.setId("myServer");
    server.setUsername("myUserName");
    server.setPassword("myPassword");
    settings.addServer(server);
Sander Verhagen
  • 8,540
  • 4
  • 41
  • 63
  • I tried to use this but I don't know why maven-deploy-plugin anyway reads settings.xml instead of using this settings. – user2810516 Sep 27 '13 at 14:21
  • The release is done as a separately spun off build from the main one you execute from the command line. Did you look at `preparationGoals`? – Sander Verhagen Sep 27 '13 at 15:06