在哪里使用Ivy和一家私人公司资料库,当我把我的凭据? [英] Where do I put my credentials when using Ivy and a private company repository?
问题描述
我使用ANT +常春藤,我的公司最近成立了自己的私人图书馆一台Nexus服务器。常春藤可以通过使用ibilio解析器和m2compatible =真正得到了Nexus服务器的依赖,但我必须把我的凭据在ivysettings.xml文件。
I'm using Ant + Ivy, and my company has recently set up a Nexus server for our own private libraries. Ivy can get dependencies from the Nexus server by using a ibilio resolver and m2compatible=true, but I have to put my credentials in a ivysettings.xml file.
如何不同的开发人员应该存储他们的凭据?
How are different developers supposed to store their credentials?
是不应该的ivysettings.xml文件中VCS中COMMITED?
Is the ivysettings.xml file not supposed to be commited in vcs?
我真的不希望存储密码以纯文本格式。
I really don't want to store my password in plain text.
推荐答案
使用一个设置与性能控制的Nexus凭证文件:
Use a settings file with properties controlling the Nexus credentials:
<ivysettings>
<property name="repo.host" value="default.mycompany.com" override="false"/>
<property name="repo.realm" value="Sonatype Nexus Repository Manager" override="false"/>
<property name="repo.user" value="deployment" override="false"/>
<property name="repo.pass" value="deployment123" override="false"/>
<credentials host="${repo.host}" realm="${repo.realm}" username="${repo.user}" passwd="${repo.pass}"/>
..
..
</ivysettings>
在运行构建则可以指定真实的用户名和密码:
When you run the build you can then specify the true username and password:
ant -Drepo.user=mark -Drepo.pass=s3Cret
更新/增强
存储密码的文件系统上的属性需要加密。
Update/Enhancement
Storing passwords as properties on the file system requires encryption.
Jasypt 有一个命令行程序,它可以生成加密的字符串:
Jasypt has a command-line program that can generate encrypted strings:
$ encrypt.sh verbose=0 password=123 input=s3Cret
hXiMYkpsPY7j3aIh/2/vfQ==
这可以被保存在构建的属性文件:
This can be saved in the build's property file:
username=bill
password=ENC(hXiMYkpsPY7j3aIh/2/vfQ==)
下面的ANT目标将解密任何加密的ANT属性:
The following ANT target will decrypt any encrypted ANT properties:
<target name="decrypt">
<taskdef name="groovy" classname="org.codehaus.groovy.ant.Groovy" classpathref="build.path"/>
<groovy>
import org.jasypt.properties.EncryptableProperties
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor
StandardPBEStringEncryptor encryptor = new StandardPBEStringEncryptor()
encryptor.setPassword(properties["master.pass"])
Properties props = new EncryptableProperties((Properties)properties, encryptor);
props.propertyNames().each {
properties[it] = props.getProperty(it)
}
</groovy>
</target>
当然,使这项工作,用于加密属性的密码需要指定为构建的一部分。
Of course to make this work, the password used for encrypting the properties needs to be specified as part of the build.
ant -Dmaster.pass=123
这意味着该解决方案仅适用于在休息隐藏数据良好。
This means the solution is only good for hiding data at rest.
这篇关于在哪里使用Ivy和一家私人公司资料库,当我把我的凭据?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!