Handling password

Next Topic
 
classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Handling password

ahardy42
As part of the build process, I create an nginx reverse proxy docker image using docker-maven-plugin.

I run debian's apt-get package manager to install a few unix tools into the nginx docker image.

However I'm working behind a corporate proxy server that demands a username:password. I have a service account with a password and for the last couple of days, I had this in a config file in my source code which is then used to build the docker image.

For security, I don't want to check this in to our code repo.

The service account is already stored in the settings.xml proxy info on the CI server, but if I try to grab this info during the build with ${settings.proxies.ci-server-proxy.username}, I get null.

Is there another way?


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Handling password

ahardy42
After a bit of creative thinking, I put the username:password into variables
in a profile in the settings file and let maven substitute them into the
file at build time. Now the security issue is a problem for the person
maintaining the CI server - which is me too but at least no-one will find it
by searching the code base for instances of 'username'.

However, maven-resources-plugin fails to substitute the last property
because it comes after the '@' sign:

Acquire::http::Proxy "http://${proxy.username}:${proxy.pw}@${proxy.host}";

Can I do anything about that?

Regards
Adam



--
Sent from: http://maven.40175.n5.nabble.com/Maven-Users-f40176.html

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Handling password

Robert Scholte-8
Is ${settings.proxies[0].username} an options?

Robert

On Wed, 06 Dec 2017 17:28:20 +0100, ahardy42  
<[hidden email]> wrote:

> After a bit of creative thinking, I put the username:password into  
> variables
> in a profile in the settings file and let maven substitute them into the
> file at build time. Now the security issue is a problem for the person
> maintaining the CI server - which is me too but at least no-one will  
> find it
> by searching the code base for instances of 'username'.
>
> However, maven-resources-plugin fails to substitute the last property
> because it comes after the '@' sign:
>
> Acquire::http::Proxy  
> "http://${proxy.username}:${proxy.pw}@${proxy.host}";
>
> Can I do anything about that?
>
> Regards
> Adam
>
>
>
> --
> Sent from: http://maven.40175.n5.nabble.com/Maven-Users-f40176.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: Handling password

ahardy42
Robert Scholte-8 wrote
> Is ${settings.proxies[0].username} an options?
>
> Robert

Thanks Robert but no, that doesn't work.

Seems that maven-resources-plugin can't dereference lists or arrays.





--
Sent from: http://maven.40175.n5.nabble.com/Maven-Users-f40176.html

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]