Reputation: 805
Use Jenkins to swap a password parameter out when building git repo
I would like to have the following scenario:
- Jenkins to grab my github repo (check!)
- find a particular file in my project (persistence.xml let's say)
- locate the parameter (for example PASSWORD_PLACEHOLDER)
- swap it in with a password I've previously provided it before running my tests
- Run my tests (via Maven) that depend on the DB connection the password is for
Question: Can this be done easily and if so, how? Should this be a MAVEN responsibility or a Jenkins one?
Upvotes: 1
Views: 109
Answers (1)
Reputation: 27862
You could achieve it using Maven filtering on test resources (or on resources, if you prefer).
You can configure your POM as following:
<properties>
<secretPassword>xxxx</secretPassword>
</properties>
<build>
<testResources>
<testResource>
<filtering>true</filtering>
<directory>src/test/resources</directory>
</testResource>
</testResources>
</build>
And have your persistence.xml file under src/test/resources with the following sample content:
<test>
<password>${secretPassword}</password>
</test>
Then, from command line you can pass a value for this token as below:
mvn clean test -DsecretPasword="p4ssw0rd"
And Maven will automatically replace the token in the persistence.xml file with the provided value. As per Maven lifecycle, this replacement will occur before any test execution.
Once this mechanism is in place, you can then proceed with the Jenkins setup:
- Jenkins check the code out from version control
- Jenkins runs a Maven execution on the workspace passing to Maven the desired password value as on the example above
- Maven will replace the token and execute the tests
A common and good practice is also to place this behavior in a dedicated maven profile, having id ci for example, and then activate it as part of the Jenkins build (via the -Pci option, in this case, passed to maven).
Hence, back to your questions:
Can this be done easily and if so, how?
Yes, as described above
Should this be a MAVEN responsibility or a Jenkins one?
Maven and Jenkins working together
Additionally, beware that the password you passed would be part of the Jenkins build output on the Jenkins server (it will print the Maven command executed and as part of it the value you passed for the password, in clear).
You can check the Mask Password Jenkins Plugin to mask the password from the build output.
Upvotes: 1
Related Questions
- How to specify the private SSH-key to use when executing shell command on Git?
- When do you use Git rebase instead of Git merge?
- Receiving "fatal: Not a git repository" when attempting to remote add a Git repo
- Why is Github asking for username/password when following the instructions on screen and pushing a new repo?
- When should I use git pull --rebase?
- How do I provide a username and password when running "git clone [email protected]"?
- Jenkins plugin repo as proxy repo when behind a corporate proxy
- When would you use the different git merge strategies?
- Jenkins: How to get node name from label to use as a parameter