sbt:publish - Do I really need to include credentials in my repo?

I've looked at the example on how to integrate sbt:publish as part of the pipelines you offer 


One thing that disurbs me is the need to have the credentials inlined in the repo.

This means that anyone with access to the repo can perform the publish operation from their laptop. For obvious reasons it's rather undesirable to allow anyone to push code to the binary repo. 

With sbt one normally uses the ~/.ivy2/.credentials file to contain the credentials needed to push binaries to e.g. Artifactory.
Using e.g. Jenkins one configures the user running Jenkins with the correct access rights thus only the Jenkins user/process is allowed to push binaries.

Is there no way as admin of a project/repo I can set the credentials outside the repo to be used by the build pipeline?

0 answers

Suggest an answer

Log in or Sign up to answer
Community showcase
Published Nov 06, 2018 in Bitbucket

Upgrade Best Practices

Hello! My name is Mark Askew and I am a Premier Support Engineer for products Bitbucket Server/Data Center, Fisheye & Crucible. Today, I want to bring the discussion that Jennifer, Matt, and ...

216 views 3 7
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you