Where do I put my credentials when using Ivy and a private company repository?

Question

I\'m using Ant + Ivy, and my company has recently set up a Nexus server for our own private libraries. Ivy can get dependencies from the Nexus server by using a ibilio resol

Answer 1

For my purposes the command-line credentials weren't an option because I'm running through Jenkins and they'd be clearly pasted on the build output, so here was my solution which strikes a balance by being reasonably secure.

• Create a properties file in your home directory that contains the sensitive information (we'll call it "maven.repo.properties")

  repo.username=admin
  repo.password=password
  

• Near the top of your build file, import the property file

• In your publish target under build.xml, set your ivy settings file location (which does get checked in to code control) but embed your credential properties

• Create your ivysettings.xml just as you did before, but strip out the username and passwd attributes

You can then leverage your operating system's permissions to make sure that the maven.repo.properties file is properly hidden from everybody except you (or your automatic build implementation).