We are authenticating against a maven repository using properties defined by gradle.properies in each users .gradle directory. As part of our release process the project reports are published to an internal web server, allowing users to browse javadocs, junit result and the other project reports. However the properties report will now include the maven credentials in plain text. I could apply some custom filter to the reports but this made me wonder about the solution of storing plain text passwords in a file. Is there some other way of providing credentials to the maven repo?
With maven there exists a way of encrypting the passwords stored in .m2/settings.xml. http://maven.apache.org/guides/mini/guide-encryption.html Is something similar possible with gradle?
Gradle doesn’t currently support password encryption out-of-the-box. You’d have to roll it on your own.
Thanks, Assuming Nexus user tokens would do the trick: http://www.sonatype.com/books/nexus-book/reference/config-sect-usertoken.html
Yes, and they are a much better solution than client-side encryption.
But only available in Nexus Pro version.
Plain passwords is quite a no-go.