有一个Github上的开源Java项目,使用Gradle构建。现在需要发布到Maven中央仓库,其中需要配置一些中央仓库的用户、密码、签名等信息。这些都是私密信息,直接贴build脚本里面放在Github上肯定是不合适的。
Google了很久找到一个解决办法,在项目目录下创建gradle.properties
文件。存放用户名密码信息,但实际值为空:
version=0.4.5-SNAPSHOT
signing.keyId=
signing.password=
signing.secretKeyRingFile=
ossrhUsername=
ossrhPassword=
现在只有一个问题,在使用travis-ci
自动构建的时候,提示错误:
:signArchives FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Could not evaluate onlyIf predicate for task ':signArchives'.
> Neither path nor baseDir may be null or empty string. path='' basedir='/home/travis/build/xyalan/marathon-cli'
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED
我的build脚本部分内容:
artifacts {
archives javadocJar, sourcesJar
}
ext.isReleaseVersion = !version.endsWith("SNAPSHOT")
signing {
required {
boolean signed = isReleaseVersion && gradle.taskGraph.hasTask("uploadArchives")
print signed
signed
}
sign configurations.archives
}
uploadArchives {
repositories {
mavenDeployer {
beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }
repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}
snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") {
authentication(userName: ossrhUsername, password: ossrhPassword)
}
pom.project {
name 'marathon-cli'
packaging 'jar'
// optionally artifactId can be defined here
description 'A application used as an example on how to set up pushing its components to the Central Repository.'
url 'http://www.example.com/example-application'
scm {
connection 'scm:git:git://github.com/xyalan/marathon-cli.git'
developerConnection 'scm:git:git@github.com:xyalan/marathon-cli.git'
url 'https://github.com/xyalan/marathon-cli'
}
licenses {
license {
name 'The Apache License, Version 2.0'
url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
}
}
developers {
developer {
id 'alan'
name 'Alan Yang'
email 'alanlhy@gmail.com'
}
}
}
}
}
请问这个如何配置这个路径信息?
Using placeholders directly should be the easiest way:
Fill in private information in the gradle.properties file, such as username and password:
Then use ${username}, ${password} directly in the build script instead. However, this method requires the user to configure their own gradle.properties. If not configured, the placeholder will not be found
See you mentioned travi-ci,
travis has two encryption commands used to process sensitive information in the project
Reference:
https://docs.travis-ci.com/us...
https://docs.travis-ci.com/us...
https://uedsky.com/2016-06/tr...
Save private content into files and add the files to .ignore, such as this article "Gradle in action: Publish aar packages to maven warehouse"
gradle-nexus-plugin
Credentials
In your ~/.gradle/gradle.properties you will need to set the mandatory Nexus credentials required for uploading your artifacts.
Plug-ins like the one above place the user password in the
~
directory by default.Also
Gradle
最大的一个优点就是灵活,因为是采用groovy
脚本直接编写的,所以你可以任何加载任何目录下的配置文件。比如在脚本中直接使用Properties
It is OK to read files in a directory and encrypt them in the specified format or otherwise.