This message was deleted Gradle Community #community-support

Join Slack

This message was deleted.

# community-support

Slackbot

03/09/2023, 7:54 PM

This message was deleted.

Adam

03/09/2023, 8:07 PM

Does this help? https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:handling_credentials

ephemient

03/09/2023, 8:07 PM

the easiest way is to pass them in the environment. setting

ORG_GRADLE_PROJECT_mypassword=

behaves like adding

-Pmypassword=

to the Gradle command or as a Gradle property

👍 1

Adam

03/09/2023, 8:07 PM

This answer is related: https://stackoverflow.com/questions/72058462/gradle-version-catalog-published-how-to-dynamically-set-up-repository/72075210#72075210

ephemient

03/09/2023, 8:08 PM

and yes, if the password is for a maven repository or something else that uses Gradle's credentials support, do that.

Shaun Reich

03/09/2023, 8:11 PM

Those are useful links and some of which I've seen, but it all seems to boil back down to "pass it via environment variable". Which means my password is exposed in the environment vars. I feel like none of these solutions consider how CI systems actually behave. I wanted to just be able to give it a secure path to a securely stored properties file. I do this with maven currently, I pass in -Dsettings or whatever to settings.xml

Shaun Reich

03/09/2023, 8:11 PM

But..I can't do that with gradle? So the solution is to put my password in an environment variable which is then exposed? That can't be correct

ephemient

03/09/2023, 8:11 PM

CI systems all support a way to pass environment variables without displaying them in the logs

ephemient

03/09/2023, 8:11 PM

also, almost all of them support masking out secrets in the commands or log output

Shaun Reich

03/09/2023, 8:14 PM

Hm yes you are correct, checking the Azure pipelines docs. Thank you I'll give that a shot

16 Views

Open in Slack

Previous Next