Deploy to Internal Maven Repo without hardcoding credentials

Is there a recent answer to this question from the old forum?

What is the recommended practice these days for storing credentials needed to publish artifacts into a private maven repository requiring such credentials?

You could possibly store the credentials in the ~/.gradle/ file and then reference those properties from the builds. By doing so the credentials can be stored/secured per system. IE CI systems can have credentials no one else has, or perhaps just different values than those configured on developer systems, just depends what you want to do with them.

I use these plugins
apply plugin: ‘maven-publish’
apply plugin: ‘maven-publish-auth’

project.ext.set(“mavenUploadRepository”, project.version.endsWith(’-SNAPSHOT’) ? ‘snapshots’ : ‘releases’)

publishing {
publications {
mavenJava(MavenPublication) {

repositories {
  maven {
    name "${project.mavenUploadRepository}"
    url "http://mvnrepo/nexus/content/repositories/${project.mavenUploadRepository}"


Which link publish to maven and the $HOME/.m2/settings
I can then store auth (be it Nexus user tokens, keys or hard coded passwords) outside of source control.