This plugin provides the ability to create and alter encrypted credential files based on the Kotlin Credentials package.
Add the bintray repository to your plugin management.
// settings.gradle
pluginManagement {
repositories {
gradlePluginPortal()
maven {
url = uri("https://dl.bintray.com/camuthig/maven")
}
}
}
// The remainder of your settings file. Plugin management must be first.
Add the plugin to our build file
// gradle.build.kts
plugins {
id("org.camuthig.credentials") version "0.1.0"
}
The plugin adds a new extension, credentials
// gradle.build.kts
credentials {
masterKeyFile = 'path/to/your/key/file.key'
credentialsFile = 'path/to/your/credentials/file.conf.enc'
}
The plugin extension exposes two functions allow you to access your credentials from within your build process. This can be used, for example, if you need to include database credentials for running migrations in your build system.
flyway {
url = 'jdbc:h2:file:./target/foobar'
// This will throw an error, stopping your build, if it is unable to find the credentials files or the key
user = credentials.getString('sa')
}
Another possible usage would be to help you deploy a package to a code repository, like Bintray, as this package does itself. In this case, it is always possible that you don't have your key accessible, maybe while you are running tests on a CI server for example.
bintray {
// This will print a warning and use "defaultValue" if the files are missing or the key is not defined.
user = credentials.getStringOrElse("bintray.user", "defaultValue")
// THis will default to an empty string if the key cannot be found
key = credentials.getStringOrElse("bintray.key")
}
There are five commands made available through this plugin.
credentialsGenerate
: Create a new credentials/master key pair in the projectcredentialsRekey
: Reencrypt the credentials file using a newly generated keycredentialsUpsert --key=myKey --value=secret
: Add a new key to the credentials file with the given valuecredentialsDelete --key=myKey
Remove the given key from te credentials filecredentialsShow
: Print out the decrypted credentials file