sbt:publish - Do I really need to include credentials in my repo?

I've looked at the example on how to integrate sbt:publish as part of the pipelines you offer 

JfrogDev/sbt-example

One thing that disurbs me is the need to have the credentials inlined in the repo.

This means that anyone with access to the repo can perform the publish operation from their laptop. For obvious reasons it's rather undesirable to allow anyone to push code to the binary repo. 

With sbt one normally uses the ~/.ivy2/.credentials file to contain the credentials needed to push binaries to e.g. Artifactory.
Using e.g. Jenkins one configures the user running Jenkins with the correct access rights thus only the Jenkins user/process is allowed to push binaries.

Is there no way as admin of a project/repo I can set the credentials outside the repo to be used by the build pipeline?

0 answers

Suggest an answer

Log in or Sign up to answer
How to earn badges on the Atlassian Community

How to earn badges on the Atlassian Community

Badges are a great way to show off community activity, whether you’re a newbie or a Champion.

Learn more
Community showcase
Posted Jun 12, 2018 in Bitbucket

Do you use any Atlassian products for your personal projects?

After spinning my wheels trying to get organized enough to write a book for National Novel Writing Month (NaNoWriMo) I took my affinity for Atlassian products from my work life and decided to tr...

25,798 views 26 12
Join discussion

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you