3

I'm running 

mvn release:prepare -Dusername=myuser -Dpassword=mypassword

and see lines in output:

[INFO] Executing: cmd.exe /X /C "git push https://myuser:********@myserver.com:8081/scm/project/project.git refs/heads/master:refs/heads/master"

but if for some reason git push failed(e.g. I made a mistake typing password) then I see in log

[ERROR] fatal: unable to access 'https://myuser:mypassword@myserver.com:8081/scm/project/project.git/': SSL certificate problem: self signed certificate in certificate chain

So I see PLAINTEXT password. As I use this step on Teamcity it causes security problems when someone else can see my password if build failed. I tried both on Linux and Windows machines.

I use maven-release-plugin version 2.5.3.

Anybody knows how to fix it?

Vasilii Ruzov
  • 554
  • 1
  • 10
  • 27
  • This doesn't directly solve your problem, but if you use SSH to access your Git repositories then you will not see passwords in your logs. The remote link will look like git push ssh://git@myserver.com/path/to/repo.git See https://git-scm.com/book/en/v2/Git-on-the-Server-The-Protocols#The-SSH-Protocol for details. – Richard Neish Nov 22 '15 at 11:13
  • @RichardNeish , thank you for your response and advice, but this does not help me because I need to authenticate by user/password, but not by ssh key, because I have several people running this build on Teamcity and I can't create a key for each of them and put to every buildAgent box. – Vasilii Ruzov Nov 23 '15 at 10:18

1 Answers1

4

Use another git provider in the release plugin. I had this exact same problem when switching to another git server. Suddenly the Jenkins password was showing up in the build logs, even if there were no errors. Perhaps the git servers are using different authentication schemes.

This worked for me:

 <plugin>
   <groupId>org.apache.maven.plugins</groupId>
   <artifactId>maven-release-plugin</artifactId>
   <version>2.5.3</version>
   <configuration>
     <providerImplementations>
       <git>jgit</git>
     </providerImplementations>
   </configuration>
   <dependencies>
     <dependency>
       <groupId>org.apache.maven.scm</groupId>
       <artifactId>maven-scm-provider-jgit</artifactId>
       <version>1.9.5</version>
     </dependency>
   </dependencies>                 
 </plugin>

This problem was fixed about 6 months ago, according to this.

Daniel
  • 4,033
  • 4
  • 24
  • 33