[PLUG] password in clear text in ant
Carlos Konstanski
ckonstanski at pippiandcarlos.com
Sun Jun 3 23:29:17 UTC 2007
On Sun, 3 Jun 2007, tkubaska at charter.net wrote:
> Date: Sun, 3 Jun 2007 16:04:14 -0700
> From: tkubaska at charter.net
> Reply-To: "General Linux/UNIX discussion and help; civil and on-topic"
> <plug at lists.pdxlinux.org>
> To: PLUG <plug at lists.pdxlinux.org>
> Subject: [PLUG] password in clear text in ant
>
> I've been working on an automated build system and I need to ftp results to a project server. This is working, but I'm not happy with the solution I got and wanted to know what more experienced people do.
>
> I run cruisecontrol with an <antpublisher/> which calls an ant file with a target that looks like the following. Note that I list my password in clear text in the ant file. Storing the password in ths antfile bothers me (not my real password BTW).
>
> <target name="deploy" depends="init">
> <ftp server="halibut" binary="true" verbose="true"
> userid="ted" password="tedsSecretPassword" remotedir="${xferlocation}" >
> <fileset dir="${output}">
> <include name="**/*.zip"/>
> </fileset>
> </ftp>
> </target>
>
> -ted
Sadly, this is the model Oracle seems to prefer.
Two ideas. The first one is the better, simpler choice. The second
one is more far-fetched.
You could use <scp/> along with authorized keys. The administrator on
the remote host end would have control over who connects, since they
have the power to add and remove public keys. No password would be
required.
Maybe mount the remote resource locally? Perhaps you could change the
remote repository over from ftp to webdav, and then use davfs2/cadaver
to mount the resource to the local filesystem. This would put the
security tokens in the hands of root. Or, if the remote host is in
the local network, perhps nfs is good enough.
Carlos Konstanski
More information about the PLUG
mailing list