Reputation: 1095
Using encrypted password in settings.xml for dockerfile-maven-plugin
We are using dockerfile-maven-plugin from spotify. The plugin configuration is below and also settings.xml snippet follows. Noticed that if we try to use encrypted password with master password configured in the settings-security.xml, dockerfile-maven-plugin fails. Question is whether dockerfile-maven-plugin allows us to use encrypted password or not.
<plugin>
<groupId>com.spotify</groupId>
<artifactId>dockerfile-maven-plugin</artifactId>
<version>1.3.6</version>
<executions>
<execution>
<id>default</id>
<goals>
<goal>build</goal>
<goal>push</goal>
</goals>
</execution>
</executions>
<configuration>
<repository>host:port/${project.artifactId}</repository>
<tag>${project.version}</tag>
<buildArgs>
<EAR_FILE>${project.build.finalName}.ear</EAR_FILE>
</buildArgs>
<useMavenSettingsForAuth>true</useMavenSettingsForAuth>
</configuration>
</plugin>
settings-security.xml
<settingsSecurity>
<master>{Ve/ckepqKaIHGVED4WvoUn3htWLfPef158/35o9gdcM=}</master>
</settingsSecurity>
settings.xml
<servers>
<server>
<id>host:port</id>
<username>zenDocker</username>
<password>{rdSNF21NPqMH70L7wKs1ZKg4nWF+8m+Hm3rFrpt/a+g=}</password>
</server>
</servers>
Upvotes: 2
Views: 3270
Answers (3)
Reputation: 608
Quote from README.md (v1.4.3):
Since version 1.4.3, using an encrypted password in the Maven settings file is supported. For more information about encrypting server passwords in
settings.xml, read the documentation here.
Upvotes: 2
Reputation: 21
I had the same problem and I solved it by using this maven extension:
<extension>
<groupId>com.github.shyiko.servers-maven-extension</groupId>
<artifactId>servers-maven-extension</artifactId>
<version>1.3.0</version>
</extension>
Reference I used: https://apexplained.wordpress.com/2015/08/08/password-encryption-in-the-liquibase-maven-plugin/
My config results the following:
settings.xml
<server>
<id>hub.example.com</id>
<username>myUsername</username>
<password>{q6S7TmCyTP0H0q0IGOSsgnHSdbQlwXRcAF6h4Jvh/b0=}</password>
</server>
pom.xml
<build>
<extensions>
<extension>
<groupId>com.github.shyiko.servers-maven-extension</groupId>
<artifactId>servers-maven-extension</artifactId>
<version>1.3.0</version>
</extension>
</extensions>
<plugins>
<groupId>com.spotify</groupId>
<artifactId>dockerfile-maven-plugin</artifactId>
<version>${com.spotify.dockerfile-maven-plugin.version}</version>
<configuration>
<repository>hub.example.com/${project.artifactId}</repository>
<useMavenSettingsForAuth>true</useMavenSettingsForAuth>
<buildArgs>
<JAR_FILE>target/${project.build.finalName}.jar</JAR_FILE>
</buildArgs>
</configuration>
</plugin>
</plugins>
Upvotes: 2
Reputation: 365
I came across the same problem/question. Based on code at https://github.com/spotify/dockerfile-maven/blob/master/plugin/src/main/java/com/spotify/plugin/dockerfile/MavenRegistryAuthSupplier.java#L50 and try-and-error exercises, password is expected to be in an open form
return RegistryAuth.builder()
.username(server.getUsername())
.password(server.getPassword())
.build();
Upvotes: 1
Related Questions
- Generate settings-security.xml file for maven password encryption
- Passing Secrets to Docker
- Maven use Encrypted passwords in POM
- How to password protect a docker container?
- Docker password store in .docker/config.json
- Maven: Read encrypted password from settings.xml in pom.xml
- How to put maven settings.xml with password in source control
- Passwords in Dockerfile
- How to handle passwords in config/properties files
- Saving docker credentials in docker config