This message was deleted.

repositories {
    maven {
        name = "myMavenRepo"
        url = uri("<https://myMavenRepo.com/android-sdk>")
        credentials {
            username = "secretUsername"
            password = "secretPassword"
        }
    }
}

What options do i have to stop having to have

secretUsername

and

secretPassword

visible?

A few options: 1. Use Gradle properties, which can be set via the command line, environment variables, or in ~/.gradle/gradle.properties; 2. Pull from environment variables via System.env 3. Use a custom ValueSource to obtain the credentials from <wherever works for you>, which could be a Keychain, API call, etc.

Wrt properties, see https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:handling_credentials

Thanks both. 👍 That docs link is what I needed.

You can use ejson - https://github.com/Shopify/ejson I wrote a Kotlin implementation of it that can be embedded in a project (not documented unfortunately) - https://github.com/eygraber/ejson-kotlin

If you’re using an Enterprise hosted Nexus repository, that instance can store the credentials and do the proxy for you.

you’d still need to store the credentials to access Nexus, regardless of whether it is proxying (and authenticating) to other repositories.

That I’d assume would be the case and normally people would have those in methods as above, my comment was more for 3rd party dependencies that require credentials for each of those. For example, pulling from Githubs repositories or a private jfrog instance. You’d be able to keep those credentials out of your build scripts. With our Nexus repository, read access is open as it’s all on an internal network. It’s publish that requires credentials.