如何在不对其进行硬编码的情况下从buildscript发送Artifactory发布凭据?

时间:2014-08-12 10:58:18

标签: security gradle artifactory

例如,从Gradle构建中获取此代码段:

repository {
   repoKey = 'libs-snapshot-local'
   username = 'whatever'
   password = 'whatever123'
}

过去,我已将Maven(~/.m2下的某些设置)配置为简单地传递用户名/密码。如果可能的话,我想避免将我的Artifactory服务器的登录凭据放在buildscript中。有更安全的解决方法吗?

1 个答案:

答案 0 :(得分:4)

您可以将gradle.properties文件放入〜/ .gradle /文件夹。

在此文件中,您可以输入凭据:

artifactoryUserName = whatever
artifactoryUserPassword = whatever123

现在您可以在构建脚本中引用这些属性:

repository {
    repoKey = 'libs-snapshot-local'
    username = project.hasProperty('artifactoryUserName') ? artifactoryUserName : ''
    password = project.hasProperty('artifactoryUserPassword') ? artifactoryUserPassword : ''
}