Closed eddiewebb closed 10 years ago
I second this... would love to see this enhancement.
for uploading gems via the gem nexus ....
command that is doable since
all the code comes from the nexus gem. when downloading via gem install ...
or gem update ...
or via bundler that the only way right now is to
add the credential into the url of the server. I guess for that a feature
request to rubygems and bundler could help since that is the place to
implement it.
definitely I will look into the nexus command !!!!
Awesome, thanks @mkristian.
downloading artifacts is less important for us as we only restrict publishing, and leave reads/downloads wide open.
forgot to mention that in case the implementation does need some modification to fit your needs - please let me know since I am not the main user of that feature ;)
Thanks for the change.
Can you provide info around how the new process works?
hoops. I guess I missed the whole cipher part. I will read the maven docu again. will look into it tomorrow.
the only thing it does it to store the credentials in an external file which can be configured.
well, another shot ;) just pushed nexus-1.2.0.gem
please see https://github.com/sonatype/nexus-ruby-support/wiki/Gem-Nexus-Command
or just $ gem nexus --encrypt if you want the credentials stored somewhere else use $ gem nexus --secrets /path/to/file
anything can be reverted anytime ! but encryption always prompts for the master password (unlike the setup of maven settings)
so please give also feedback if you find something done oddly or not working as stated or . . .
time to close - just reopen it if there are problems
We run a central CI server for many teams, and saving passwords in ~/.gem/nexus is a large risk for us as anyone who can push builds to the server can get the password.
I would like a similar approach as the Maven Encryption that uses a secret key to encrypt passwords (rather then base64). The tools should provide no external way to decrypt passwords, but allow it to occur via
gem nexus
operations.http://maven.apache.org/guides/mini/guide-encryption.html