19

I'm currently trying to transisiton a maven build to a Gradle build. The show stopper hurdle I've hit is that our internal artifacts are deployed to an internal repository that requires authentication to read.

And you know what authentication means... usernames and passwords. The problem is I don't want to require developers to store their password as plaintext on their hard drives. Maven supports password encryption but I'm not seeing how to make Gradle do it.

Is there some magic access to the Ivy CredentialStore that will support encrypted passwords? or will I have to wait for a new version?

shemnon
  • 5,318
  • 4
  • 28
  • 37

2 Answers2

15

The gradle-credentials plugin will let you encrypt the contents of a gradle.encrypted.properties file, which will then be available in the build as properties of the credentials object.

The gradle maven settings plugin will let you use Maven's system for encrypting/decrypting credentials.

jonnybot
  • 2,435
  • 1
  • 32
  • 56
  • Thank you so much for https://github.com/mark-vieira/gradle-maven-settings-plugin . After spending so much time on this issue I could have solved this with things that are already set up and working. People who only have gradle won't have a settings.xml file so they'll have to pony up one but it works like a charm. – hanzo2001 Jan 18 '21 at 17:08
  • Well, full credit to Mark Vieira and Andres Almiray who are the maintainers. I just use their stuff. :) – jonnybot Jan 22 '21 at 22:47
10

We use Artifactory and Ivy's CredentialsStore works fine.

repositories {
  org.apache.ivy.util.url.CredentialsStore.INSTANCE.addCredentials(REALM, HOST, USER, PASSWORD);
  mavenRepo urls: [ "http://repo.mycompany.com/repo" ]
}

To have each developer use a different username create a gradle.properties file that contains

HOST=repo.mycompany.com
REALM=My Company Realm
USER=theusername
PASSWORD={DESede}xyz123abc

The {DESede} encrypted password prefix may be a Artifactory specific convention.

Uriah Carpenter
  • 6,656
  • 32
  • 28
  • 3
    That would be nice if I used artifactory, however my site uses nexus. Any generic solutions? – shemnon Dec 28 '10 at 05:37
  • Brian Fox said they were going to add server-side encrypted password support to Nexus in http://jira.codehaus.org/browse/MNG-4626 – Uriah Carpenter Dec 28 '10 at 16:11
  • 3
    Nexus has a user token feature that can replace username and password so you do not need to encrypt it. Just use the above with the unencrypted token – Manfred Moser Nov 08 '12 at 21:45