How do I get secure user input (i.e. passwords) during the build if using the daemon?


(andrew.oberstar) #1

Per GRADLE-1818, and my own testing, the user’s System.in is passed to the daemon. While this supports the base use case, I would like to prompt for a password without displaying it on the screen. I’m currently using System.console() to do this, which works fine when not using the daemon, but returns null with the daemon. I am falling back to regular System.in in this case.

I’m not even sure if it’s possible for the daemon process to have access to System.console(). Is there anything that can be done in Gradle to support this?

Any alternative suggestions for secure user input would be welcome.


(Luke Daley) #2

There’s nothing at this point, but we’ll likely do something at some point. Unlikely to happen before 1.0 though.

One approach that has been used when there is no option for secure input is to have the user enter the path to a file that contains the sensitive info.


(andrew.oberstar) #3

Thanks for the response. Didn’t think there was going to be anything at this point, but good to know it’s a possibility for the future.