在哪里使用Ivy和一家私人公司资料库，当我把我的凭据？ [英] Where do I put my credentials when using Ivy and a private company repository?

问题描述

我使用ANT +常春藤，我的公司最近成立了自己的私人图书馆一台Nexus服务器。常春藤可以通过使用ibilio解析器和m2compatible =真正得到了Nexus服务器的依赖，但我必须把我的凭据在ivysettings.xml文件。

I'm using Ant + Ivy, and my company has recently set up a Nexus server for our own private libraries. Ivy can get dependencies from the Nexus server by using a ibilio resolver and m2compatible=true, but I have to put my credentials in a ivysettings.xml file.

如何不同的开发人员应该存储他们的凭据？

How are different developers supposed to store their credentials?

是不应该的ivysettings.xml文件中VCS中COMMITED？

Is the ivysettings.xml file not supposed to be commited in vcs?

我真的不希望存储密码以纯文本格式。

I really don't want to store my password in plain text.

推荐答案

使用一个设置与性能控制的Nexus凭证文件：

Use a settings file with properties controlling the Nexus credentials:

<ivysettings>
    <property name="repo.host" value="default.mycompany.com" override="false"/>
    <property name="repo.realm" value="Sonatype Nexus Repository Manager" override="false"/>
    <property name="repo.user" value="deployment"  override="false"/>
    <property name="repo.pass" value="deployment123"  override="false"/>          

    <credentials host="${repo.host}" realm="${repo.realm}" username="${repo.user}" passwd="${repo.pass}"/>

    ..
    ..
</ivysettings>

在运行构建则可以指定真实的用户名和密码：

When you run the build you can then specify the true username and password:

ant -Drepo.user=mark -Drepo.pass=s3Cret

更新/增强

存储密码的文件系统上的属性需要加密。

Update/Enhancement

Storing passwords as properties on the file system requires encryption.

Jasypt 有一个命令行程序，它可以生成加密的字符串：

Jasypt has a command-line program that can generate encrypted strings:

$ encrypt.sh verbose=0 password=123 input=s3Cret
hXiMYkpsPY7j3aIh/2/vfQ==

这可以被保存在构建的属性文件：

This can be saved in the build's property file:

username=bill
password=ENC(hXiMYkpsPY7j3aIh/2/vfQ==)

下面的ANT目标将解密任何加密的ANT属性：

The following ANT target will decrypt any encrypted ANT properties:

<target name="decrypt">
    <taskdef name="groovy" classname="org.codehaus.groovy.ant.Groovy" classpathref="build.path"/>

    <groovy>
    import org.jasypt.properties.EncryptableProperties
    import org.jasypt.encryption.pbe.StandardPBEStringEncryptor

    StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor()
    encryptor.setPassword(properties["master.pass"])

    Properties props = new EncryptableProperties((Properties)properties, encryptor);

    props.propertyNames().each {
        properties[it] = props.getProperty(it)
    }
    </groovy>
</target>

当然，使这项工作，用于加密属性的密码需要指定为构建的一部分。

Of course to make this work, the password used for encrypting the properties needs to be specified as part of the build.

ant -Dmaster.pass=123

这意味着该解决方案仅适用于在休息隐藏数据良好。

This means the solution is only good for hiding data at rest.

这篇关于在哪里使用Ivy和一家私人公司资料库，当我把我的凭据？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！