Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow passing sensitive credentials for java_export with environment variables #927

Merged
merged 5 commits into from
Aug 17, 2023
Merged

Allow passing sensitive credentials for java_export with environment variables #927

merged 5 commits into from
Aug 17, 2023

Conversation

thirtyseven
Copy link
Contributor

This PR fixes #679 by allowing users to specify maven_user and maven_pass via environment variable when using maven_publish.

@thirtyseven thirtyseven requested a review from cheister as a code owner July 2, 2023 03:12
shs96c
shs96c reviewed Jul 5, 2023
View reviewed changes
private/tools/java/com/github/bazelbuild/rules_jvm_external/maven/MavenPublisher.java Outdated
Credentials credentials = new BasicAuthCredentials(
getArg(args, "MAVEN_USER", 2),
getArg(args, "MAVEN_PASSWORD", 3)
);

List<String> parts = Arrays.asList(args[4].split(":"));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If the user isn't passing in the user or password on the command line, then the coordinates are likely to be at args position 2, right? Or is it okay because the script it quoting them, so we end up with empty values?

Copy link
Contributor Author

@thirtyseven thirtyseven Jul 5, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, the quoted strings in _TEMPLATE in maven_publish.bzl will ensure the arg positions are consistent even if empty.

shs96c
shs96c approved these changes Aug 17, 2023
View reviewed changes
Copy link
Collaborator

@shs96c shs96c left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry for how long it took me to finish this review. LGTM.

@shs96c shs96c merged commit c960c88 into bazel-contrib:master Aug 17, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shs96c shs96c shs96c approved these changes

@cheister cheister Awaiting requested review from cheister cheister is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

java_export should not generate publisher script with credentials in it
2 participants
@thirtyseven @shs96c