kaino / dbdeploy

Automatically exported from code.google.com/p/dbdeploy
0 stars 0 forks source link

Support encrypted database password in the maven plugin #81

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
Currently when using the dbdeploy maven plugin we are required to set the 
password as plaintext in the plugin configuration in the pom.xml. Most 
organizations have policies against checking in files when passwords into 
source control for the right reasons.

What is the expected output? What do you see instead?
Instead we should be able to alternately provide and encrypted password in the 
pom.xml that is decrypted on the fly by the dbdeploy maven plugin and used when 
connecting to the database.

What version of the product are you using? On what operating system?
Applies to all versions on all OSes.

Please provide any additional information below.
I've implemented a solution using the jasypt library. The (d)encryption key is 
passed in via a VM argument such as 

"-DencryptionKey=secretkey" 

and the encrypted password in supplied in the plugin configuration enclosed in 
"ENC()" such as

<password>ENC(G7+yPDK2Ci8fpu9OV67ZNw==)</password>

The patch file is attached. It would be great if we can get an updated version 
of the maven plugin pushed to maven central. So we won't have to maintained our 
in-house version.

Original issue reported on code.google.com by mail.sud@gmail.com on 17 Jun 2014 at 8:19

GoogleCodeExporter commented 8 years ago
[deleted comment]
GoogleCodeExporter commented 8 years ago
Created a pull request that resolves this:

https://github.com/tackley/dbdeploy/pull/11

Original comment by mail.sud@gmail.com on 23 Jun 2014 at 2:40