Details
Bug
Status: Open
Minor
Resolution: Unresolved
3.9.9
None
None
Description
Given a gitlab.com account, a PAT (personal access token) that is passed to the gitlab.com repo via the httpHeaders field cannot be encrypted, while the regular password field for our legacy nexus repo can be encrypted.
The settings.xml file is as follows:
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
  <localRepository>/some/dir</localRepository>
  <servers>
    <server>
      <id>nexus</id>
      <username>bla</username>
      <password>{SOMENCRYTPEDPASSWORD==}</password><!-- encrypted standard jenkins password here -->
    </server>
    <server>
      <id>gitlab-maven</id>
      <configuration>
        <httpHeaders>
          <property>
            <name>Private-Token</name>
            <value>{SOMEENCRYPTEDPAT==}</value> <!-- PAT encrypted -->
          </property>
        </httpHeaders>
      </configuration>
    </server>
  </servers>
</settings>
I know there is a possible workaround to add an extension like https://github.com/causalnet/full-servers-decryption-maven-extension for an individual project, but that is very annoying if you have to do it for every single project.
I am just adding this issue because this is by far the easiest way for the end user to use this type of connection for ALL projects, while also looking at it from a security point of view.
I'm also hoping this is not a duplicate (I could not find a similar issue, at least...).
Any info or opinion about this is highly appreciated.
Tom
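
A defender-side audit for the situation reported above, as an added example (not part of the original report and not Maven's own code): it lists every credential field in a settings.xml and flags httpHeaders values, which per this report Maven 3.9.9 does not decrypt. The function names, status labels and sample values are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Shape of a Maven-encrypted value: a {...} blob, as in the report's <password>.
BRACED = re.compile(r"\{[^{}\s]+\}")

# Constructed sample mirroring the report's settings.xml (all values are placeholders).
SAMPLE = """<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0"><servers>
  <server><id>nexus</id><username>bla</username>
    <password>{c2FtcGxlLXBhc3N3b3Jk}</password></server>
  <server><id>gitlab-maven</id><configuration><httpHeaders>
    <property><name>Private-Token</name><value>{c2FtcGxlLXBhdA==}</value></property>
  </httpHeaders></configuration></server>
  <server><id>gitlab-plain</id><configuration><httpHeaders>
    <property><name>Private-Token</name><value>PLACEHOLDER-PLAINTEXT-PAT</value></property>
  </httpHeaders></configuration></server>
</servers></settings>"""

def local(tag):
    """Drop the XML namespace so any settings schema version is handled."""
    return tag.rsplit("}", 1)[-1]

def text_of(elem, name):
    """Stripped text of the first direct child called `name`, or ''."""
    for c in elem:
        if local(c.tag) == name:
            return (c.text or "").strip()
    return ""

def audit_settings(xml_text):
    """Return (server id, field, status) for each credential-bearing field."""
    findings = []
    for server in ET.fromstring(xml_text).iter():
        if local(server.tag) != "server":
            continue
        sid, pw = text_of(server, "id"), text_of(server, "password")
        if pw:
            status = "encrypted" if BRACED.search(pw) else "plaintext"
            findings.append((sid, "password", status))
        for headers in server.iter():
            if local(headers.tag) != "httpHeaders":
                continue
            for prop in headers:
                name, value = text_of(prop, "name"), text_of(prop, "value")
                # Per the report, a braced header value is left as written.
                status = "braced-not-decrypted" if BRACED.search(value) else "plaintext"
                findings.append((sid, f"httpHeaders/{name}", status))
    return findings
```

Run it against each build agent's settings.xml to find tokens that sit in header fields and therefore need protection by other means, such as file permissions or injection at build time.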