You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@maven.apache.org by "Hans Aikema (Jira)" <ji...@apache.org> on 2021/04/16 18:07:00 UTC

[jira] [Commented] (MRELEASE-1063) Maven release plugin should retain settings.security environment variable for its forked executions of release:prepare and release:perform

    [ https://issues.apache.org/jira/browse/MRELEASE-1063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17324003#comment-17324003 ] 

Hans Aikema commented on MRELEASE-1063:
---------------------------------------

Note that for the release:perform goal a relative path for the environment-variable needs modification for the nested execution inside target/checkout, so for the forked executions it would be better to use the resolved absolute location of the settings-security file

> Maven release plugin should retain settings.security environment variable for its forked executions of release:prepare and release:perform
> ------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: MRELEASE-1063
>                 URL: https://issues.apache.org/jira/browse/MRELEASE-1063
>             Project: Maven Release Plugin
>          Issue Type: Improvement
>    Affects Versions: 2.5.2
>            Reporter: Hans Aikema
>            Priority: Major
>
> While trying to create a build with on-demand local provisioning of the secrets for the technical build-user on the build-slave (removing them directly after their use) I found out the hard way that the Maven-release plugin does not support a custom location for settings-security in the way that is documented at MNG-4853.
> When running
> {{mvn --settings myGeneratedSettings.xml -Dsettings.security=myGeneratedSettings-security.xml -B release:prepare release:perform}}
> The user settings.xml flag is honored (by the fix of MRELEASE-577), but the custom settings-security from the environment variable is lost causing password decryption failures and therefor in the end a release failure when running against a repository that requires authentication.
>  As a workaround one has to change the invocation to
>  either
> {{mvn --settings myGeneratedSettings.xml -Dsettings.security=myGeneratedSettings-security.xml -B release:prepare release:perform -DpreparationGoals="clean verify -Dsettings.security=myGeneratedSettings-security.xml" -Dgoals="deploy site-deploy -Dsettings.security=../../myGeneratedSettings-security.xml"}}
>  or
>  {{mvn --settings myGeneratedSettings.xml -Dsettings.security=myGeneratedSettings-security.xml -B release:prepare release:perform -DpreparationGoals="clean verify -Dsettings.security=myGeneratedSettings-security.xml" -Dgoals="deploy -Dsettings.security=../../myGeneratedSettings-security.xml"}}
> depending on whether there is a site distribution configuration or not.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)