在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称(OpenSource Name):etiennestuder/gradle-credentials-plugin开源软件地址(OpenSource Url):https://github.com/etiennestuder/gradle-credentials-plugin开源编程语言(OpenSource Language):Java 69.0%开源软件介绍(OpenSource Introduction):gradle-credentials-plugin
OverviewGradle plugin that allows to store and access encrypted credentials using password-based encryption (PBE). The credentials plugin is hosted at the Gradle Plugin Portal. Build scanRecent build scan: https://scans.gradle.com/s/vzlk2e4dnfzge Find out more about build scans for Gradle and Maven at https://scans.gradle.com. GoalsOne typical use case of the 'gradle.properties' file in the Gradle user home directory is to store credentials, and to reference them from Gradle builds as project properties. This is a very convenient functionality at the cost that, by default, these properties are stored in plain text. It happens quickly that such credentials are exposed accidentally while giving a Gradle presentation or while pair-programming with a colleague. The credentials plugin provides a parallel functionality to the 'gradle.properties' file to store and access credentials in an encrypted format through a 'gradle.encrypted.properties' files, thereby avoiding that credentials are ever stored in plain text. FunctionalityThe following functionality is provided by the credentials plugin:
DesignAll access and storage of credentials goes through password-based encryption. The passphrase can either be specified as a project property from the command line, or a default passphrase is used. The JDK encryption algorithm applied is AES using a key that is generated using PBKDF2WithHmacSHA1 from an 8-byte salt, an iteration count of 65536, and a key length of 128 (longer keys require local installation of the JRE Security Extension). Access to the stored credentials from within a Gradle build happens through the
Please note that the author of this plugin is by far not a security expert. It is also not the primary goal of this plugin to provide high-security encryption, but rather to provide a convenient way to avoid having to store credentials in plain text. ConfigurationApply credentials pluginProject-applicationApply the plugins {
id 'nu.studer.credentials' version '3.0'
} Settings-applicationApply the plugins {
id 'nu.studer.credentials' version '3.0'
} Invoke credentials tasksStore encrypted credentialsYou can store new credentials or update existing credentials through the
Optionally, pass along a custom passphrase through the
Optionally, pass along a custom directory location of the credentials file through the
Remove encrypted credentialsYou can remove existing credentials through the
Optionally, pass along a custom passphrase through the
Optionally, pass along a custom directory location of the credentials file through the
Access credentials in buildGet credentials from within a buildGet the desired credentials from the String accountPassword = credentials.forKey('someAccountPassword') If no explicit passphrase is passed when starting the build, the If a custom passphrase is passed through the If a custom directory location is passed through the Compatibility
See the Migration section on how to migrate your build from older to newer credentials plugin versions. MigrationMigrating from credentials plugin 2.x to 3.xWhen migrating your build from credentials plugin 2.x to 3.x, follow these steps:
ExamplesProject-applicationYou can find a self-contained example build script here. Settings-applicationThe credentials plugin can also be applied to a Gradle settings file. You can find a self-contained example build script here. Feedback and ContributionsBoth feedback and contributions are very welcome. AcknowledgementsLicenseThis plugin is available under the Apache License, Version 2.0. (c) by Etienne Studer |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论