Where to set-up gradle credentials?


#1

Hi,

We are using a couple of libraries in our Android app that we are pulling from a private Maven repo. Our credentials are stored in a gradle.properties file that is not in source control for security reasons.

Here’s the build.gradle snippet where we define access to the private repo:

    maven {
        credentials {
            username ARTIFACTORY_USERNAME
            password ARTIFACTORY_PASSWORD
        }
        url 'https://xxxx.artifactoryonline.com/xxxxxxx'
    }

Where can I define the ARTIFACTORY_USERNAME and ARTIFACTORY_PASSWORD Gradle properties in a safe fashion, e.g. without having them live in our repo source code?

Thanks!


#2

Hi,

Thanks for asking this here @antoine-dbr!

I think this should answer your question: Adding/overwriting configuration files (secrets, gitignored, not in repository)

If not, just let us know!

Happy Building! :slight_smile:


#3

Thanks for the fast feedback Viktor.

The solutions in the other post may work, especially the one using a secret env var and decrypting the file in a step after cloning the repo. It would be nice if that was supported out of the box in Bitrise though, e.g. have some GRADLE_* env variables (secret or not) that can be directly injected into the build. I could see use cases beyond credentials, such as a server endpoint, etc.

Any plan to add this to the roadmap? :slight_smile:


#4

We do have this on our roadmap but no ETA yet - feel free to create a #feature-requests for it, to bump its priority! :wink:

It’s already possible, with App Env Vars and Secret Env Vars - those are regular environment variables, so you can use those in your scripts/configs as you would any other env var. E.g. in Gradle you can use

    System.getenv("ENV_VAR_KEY")

Example:


#5

Interesting, I was not familiar with the injection via System.getenv(), that would definitely work, thanks again Viktor!


#7

I’m seeing this same behavior now. I have a build job that expands secret variables in this way, using System.getEnv("ENV_VAR_KEY"). I ran the job once and the call to System.getEnv retrieved the secret variable. I then ran the job a second time and the call to System.getEnv returned null. The build script being run is a Gradle build script in an Android build.

So I’m looking for information that would indicate why System.getEnv would fail sometimes when run in a Gradle build script, and of course more information on how to prevent it.

If anybody has any information that might help … ?

Thanks in advance.
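
An added example, not part of any post in this thread: one way to wire the repository credentials from the question to environment variables as discussed above, failing the build with a clear message when a variable is absent instead of passing null to the repository. The `requireSecret` helper name is hypothetical; the `ORG_GRADLE_PROJECT_<name>` mapping is standard Gradle behaviour that the thread does not mention.

```groovy
// build.gradle (Groovy DSL) -- added example, not code from the thread.
// Property names and the redacted URL are taken from the original question.

// Resolve a secret without committing it to the repository. Lookup order:
//   1. Gradle project property NAME, which Gradle fills from -PNAME=...,
//      from ~/.gradle/gradle.properties, or from the environment variable
//      ORG_GRADLE_PROJECT_NAME.
//   2. Plain environment variable NAME (for example a CI secret env var).
// A missing or blank value stops the build at configuration time. The error
// names the variable but never prints a value.
def requireSecret = { String name ->
    def value = project.findProperty(name) ?: System.getenv(name)
    if (value == null || value.toString().trim().isEmpty()) {
        throw new GradleException(
            "Missing credential '${name}': define it in ~/.gradle/gradle.properties, " +
            "or export ${name} or ORG_GRADLE_PROJECT_${name} in the build environment.")
    }
    return value.toString()
}

repositories {
    maven {
        url 'https://xxxx.artifactoryonline.com/xxxxxxx'
        credentials {
            username requireSecret('ARTIFACTORY_USERNAME')
            password requireSecret('ARTIFACTORY_PASSWORD')
        }
    }
}
```

On a developer machine the values can live in `~/.gradle/gradle.properties`, which sits outside the project checkout; on CI the same names are supplied as secret environment variables.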


#8

Hi @dexmagic,

Can you please supply a build URL and enable the support user?

Also: can you point to the two builds, where one is successful and the other is failing?