How to secure server/proxy settings in settings.xml in maven?
I assume this is mostly about login and passwords stored there and I assume that those can't be placed placed there explicitly, should they be stored in env variables/etc?
how should example of a secure settings.xml look?
You have 2 options:
1)If you need only use in settings.xml:
Execute:
mvn --encrypt-password <password>
You will get the encrypted password like this:
{COQLCE6DU6GtcS5P=}
You can use this password in you settings.xml:
<settings>
...
<servers>
...
<server>
<id>my.server</id>
<username>foo</username>
<password>{COQLCE6DU6GtcS5P=}</password>
</server>
...
</servers>
...
</settings>
2)If you need to use in multiple uses:
Execute:
mvn --encrypt-master-password <password>
Yo will get the encrypted password like this:
{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}
Store this password in the ${user.home}/.m2/settings-security.xml it should look like:
<settingsSecurity>
<master>{jSMOWnoPFgsHVpMvz5VrIt5kRbzGpI8u+9EF1iFQyJQ=}</master>
</settingsSecurity>