Skip to content
/ keychain-passwd-maven-plugin Public

Maven plugin that accesses password from the keychain; sets it as value of given system property for use by other plugins in the same JVM.

License

View license
4 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

sriki77/keychain-passwd-maven-plugin

BranchesTags

Repository files navigation

OSX Keychain Password Maven Plugin

I use maven for deployments. This requires me to provide credentials - username and password to maven. You can provide the password when the command is run everytime or store it in maven pom file. Securing password is an issue with all the systems that support only username/password base authentication.

Thats the background for creation of this plugin. This plugin retrieves the password from OSX keychain and sets it as a Maven Project property - which can be used by other plugins. As expected, the plugin is OSX specific.

Usage

  • Create a password item in Mac key chain. Screenshot below. Password Item Image
  • Configure the maven plugin as follows to access the created keychain it
<plugin>
      <groupId>com.github.sriki77</groupId>
      <artifactId>keychain-passwd-maven-plugin</artifactId>
      <version>1.0</version>
      <configuration>
            <accountName>maven-test-item</accountName>
            <itemName>maven-test-item</itemName>
            <passwordProperty>password</passwordProperty>
      </configuration>
      <executions>
            <execution>
                  <goals>
                        <goal>getpasswd</goal>
                  </goals>
            </execution>
      </executions>
</plugin>
  • itemName (default: mvn-app-passwd) and accountName (default: mvn-app-passwd) are help identify the password item from keychain
  • passwordProperty (default: password)is the name of the system property to which the retrieved password value should be set. In the above case a Java system property named password will set the value retrieved from keychain.
  • When the keychain is accessed by maven plugin, OSX will prompt on whether you like the Java program to access keychain; reply Allow will cause the password to be retrived successfully.
  • If the password retrieval fails, an error is logged in console indicating the same. The failure to retrive password is not considered fatal and will not halt maven execution. The passwordProperty value will be null.
  • The plugin by default runs in validate phase of the maven build lifecycle.

Location of Maven Plugin

This maven plugin is found in OSS Sonatype repository

      <repository>
            <id>Sonatype repository</id>
            <name>Sonatype's Maven repository</name>
            <url>https://oss.sonatype.org/content/repositories/releases</url>
            <snapshots>
                  <enabled>false</enabled>
            </snapshots>
      </repository>

Acknowledgments

  • This maven plugin uses an excellent Java based implementation - osx-key-chain-java by Conor McDermottroe to access the OSX keychain. This implementation is core to the plugin. Thanks to him for letting me use the same for the plugin.

About

Maven plugin that accesses password from the keychain; sets it as value of given system property for use by other plugins in the same JVM.

Resources

Readme

License

View license
Activity

Stars

4 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages