Question
How to secure server/proxy settings in settings.xml in maven?
I assume this is mostly about login and passwords stored there and I assume that those can't be placed there explicitly. Should they be stored in env variables, etc.?
How should an example of a secure settings.xml look?
Answer 1:
You have 2 options:
1) If you only need to use it in settings.xml:
Execute:
mvn --encrypt-password <password>
You will get the encrypted password like this:
{COQLCE6DU6GtcS5P=}
You can use this password in your settings.xml:
<settings>
  ...
  <servers>
    ...
    <server>
      <id>my.server</id>
      <username>foo</username>
      <password>{COQLCE6DU6GtcS5P=}</password>
    </server>
    ...
  </servers>
  ...
</settings>
2) If you need to use it in multiple uses:
Execute:
mvn --encrypt-master-password <password>
You will get the encrypted password like this:
{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}
Store this password in ${user.home}/.m2/settings-security.xml; it should look like:
<settingsSecurity>
  <master>{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</master>
</settingsSecurity>
Answer 2:
If a settings.xml is shared (maybe it's a 'team' file, maybe it sits on a shared build/CI box) then sensitive details within it - specifically passwords - can (should :) be encrypted.
Create a master password:
mvn --encrypt-master-password <password>
Add the master password to settings-security.xml
Encrypt your password:
mvn --encrypt-password <password>
Add the encrypted value to your settings.xml
More details in the docs.
Source: https://stackoverflow.com/questions/46661480/how-to-secure-and-encrypt-setting-xml-paswords-file-in-maven
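An added example, not part of either answer or of Maven itself: a Python check that reads a settings.xml and reports, for every server and proxy entry, whether its password or passphrase is in the `{...}` encrypted form shown above, a `${...}` property reference (the env-variable approach the question asks about, relying on Maven's settings interpolation), or plaintext. The function names are hypothetical, a value is treated as encrypted only when it is wholly wrapped in braces, and every sample entry except my.server is constructed.

```python
import re
import xml.etree.ElementTree as ET

ENCRYPTED = re.compile(r"^\{[^{}]+\}$")       # {...} as produced by mvn --encrypt-password
PROPERTY_REF = re.compile(r"^\$\{[^{}]+\}$")  # ${env.NAME} or another property reference
SECRET_TAGS = {"password", "passphrase"}      # secret fields of <server> and <proxy>

def local(tag):
    """Strip an XML namespace prefix such as {http://maven.apache.org/SETTINGS/1.0.0}."""
    return tag.rsplit("}", 1)[-1]

def classify(value):
    """Classify one secret value by its form only; nothing is decrypted."""
    value = (value or "").strip()
    if not value:
        return "empty"
    if ENCRYPTED.match(value):
        return "encrypted"
    if PROPERTY_REF.match(value):
        return "property"
    return "plaintext"

def audit_settings(xml_text):
    """Return (section, id, field, kind) for each secret field, in document order."""
    findings = []
    for entry in ET.fromstring(xml_text).iter():
        if local(entry.tag) not in ("server", "proxy"):
            continue
        ident = next((c.text for c in entry if local(c.tag) == "id"), None)
        for child in entry:
            if local(child.tag) in SECRET_TAGS:
                findings.append((local(entry.tag), ident, local(child.tag), classify(child.text)))
    return findings

# Constructed sample input: only the my.server entry comes from the page.
SAMPLE = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
  <servers>
    <server><id>my.server</id><username>foo</username><password>{COQLCE6DU6GtcS5P=}</password></server>
    <server><id>ci.server</id><username>ci</username><password>${env.CI_REPO_PASSWORD}</password></server>
    <server><id>legacy.server</id><username>bar</username><password>constructed-plaintext</password></server>
  </servers>
  <proxies><proxy><id>corp.proxy</id><host>proxy.example.invalid</host><password>constructed-proxy-secret</password></proxy></proxies>
</settings>"""

if __name__ == "__main__":
    for section, ident, field, kind in audit_settings(SAMPLE):
        print(f"{section:6} {str(ident):14} {field:10} {kind}")
```

Run against a shared or CI settings.xml, any row reported as plaintext is a credential readable by everyone with access to that file.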