java - 共享的Gradle脚本中如何配置一些私密信息
巴扎黑
巴扎黑 2017-04-18 09:58:36
0
4
809

有一个Github上的开源Java项目,使用Gradle构建。现在需要发布到Maven中央仓库,其中需要配置一些中央仓库的用户、密码、签名等信息。这些都是私密信息,直接贴build脚本里面放在Github上肯定是不合适的。
Google了很久找到一个解决办法,在项目目录下创建gradle.properties文件。存放用户名密码信息,但实际值为空:

version=0.4.5-SNAPSHOT
signing.keyId=
signing.password=
signing.secretKeyRingFile=
ossrhUsername=
ossrhPassword=

现在只有一个问题,在使用travis-ci自动构建的时候,提示错误:

:signArchives FAILED
FAILURE: Build failed with an exception.
* What went wrong:
Could not evaluate onlyIf predicate for task ':signArchives'.
> Neither path nor baseDir may be null or empty string. path='' basedir='/home/travis/build/xyalan/marathon-cli'
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED

我的build脚本部分内容:

artifacts {
    archives javadocJar, sourcesJar
}

ext.isReleaseVersion = !version.endsWith("SNAPSHOT")
signing {
    required {
        boolean signed =  isReleaseVersion && gradle.taskGraph.hasTask("uploadArchives")
        print signed
        signed
    }
    sign configurations.archives
}

uploadArchives {
    repositories {
        mavenDeployer {
            beforeDeployment { MavenDeployment deployment -> signing.signPom(deployment) }

            repository(url: "https://oss.sonatype.org/service/local/staging/deploy/maven2/") {
                authentication(userName: ossrhUsername, password: ossrhPassword)
            }

            snapshotRepository(url: "https://oss.sonatype.org/content/repositories/snapshots/") {
                authentication(userName: ossrhUsername, password: ossrhPassword)
            }

            pom.project {
                name 'marathon-cli'
                packaging 'jar'
                // optionally artifactId can be defined here
                description 'A application used as an example on how to set up pushing  its components to the Central Repository.'
                url 'http://www.example.com/example-application'

                scm {
                    connection 'scm:git:git://github.com/xyalan/marathon-cli.git'
                    developerConnection 'scm:git:git@github.com:xyalan/marathon-cli.git'
                    url 'https://github.com/xyalan/marathon-cli'
                }

                licenses {
                    license {
                        name 'The Apache License, Version 2.0'
                        url 'http://www.apache.org/licenses/LICENSE-2.0.txt'
                    }
                }

                developers {
                    developer {
                        id 'alan'
                        name 'Alan Yang'
                        email 'alanlhy@gmail.com'
                    }
                }
            }
        }
    }

请问这个如何配置这个路径信息?

巴扎黑
巴扎黑

reply all(4)
伊谢尔伦

Using placeholders directly should be the easiest way:
Fill in private information in the gradle.properties file, such as username and password:

username=
password=

Then use ${username}, ${password} directly in the build script instead. However, this method requires the user to configure their own gradle.properties. If not configured, the placeholder will not be found

伊谢尔伦

See you mentioned travi-ci,
travis has two encryption commands used to process sensitive information in the project

# 加密命令需要登录后在项目目录执行,travis 网站说加密得到 linux 或 mac 上执行
gem install travis # 需要ruby才能有gem
travis login
# 加密环境变量或者文件
travis encrypt env.global.PASSWORD=your_password --add # 添加环境变量 PASSWORD 到 .travis.yml,程序中直接使用环境变量
travis encrypt-file secret-file  --add

Reference:

  • https://docs.travis-ci.com/us...

  • https://docs.travis-ci.com/us...

  • https://uedsky.com/2016-06/tr...

左手右手慢动作

Save private content into files and add the files to .ignore, such as this article "Gradle in action: Publish aar packages to maven warehouse"

阿神

gradle-nexus-plugin

Credentials
In your ~/.gradle/gradle.properties you will need to set the mandatory Nexus credentials required for uploading your artifacts.
Plug-ins like the one above place the user password in the ~ directory by default.

AlsoGradle最大的一个优点就是灵活,因为是采用groovy脚本直接编写的,所以你可以任何加载任何目录下的配置文件。比如在脚本中直接使用PropertiesIt is OK to read files in a directory and encrypt them in the specified format or otherwise.

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template