Where to save the setting-security.xml file to use Maven encryption?

Question

We are using TeamCity 9.1 and the default bundled Maven version 3.0.5

In the build, we are using Maven to interact with a Nexus server.

We would like to encrypt the password in the Maven settings.xml file as described in this article: http://maven.apache.org/guides/mini/guide-encryption.html

This requires a settings-security.xml file which should be in the same folder as the Maven settings.xml one. The setting.xml file is saved in TeamCity, and deployed to the server as a custom "User settings selection" file - so I don't know where it is being deploy to on the agent.

Where should we save the settings-security.xml file ? Should this be manually deployed to all the agents? and if so, in which folder should it be? (We have both Windows and Linux agents)

I'm not sure what is the best practice to use an encrypted Maven password in TeamCity, so I'd appriciate any help.

Thanks

Answer 1

"I don't know where it is being deploy to on the agent" .. You can find this within the build log output .. Just search for settings.. With User settings file, they are typically stored in a temp directory in the build agent.

When you attempt to encrypt your password using (as per the encryption guide):

mvn --encrypt-password my_password

It expects to find: settings-security.xml; if this isn't present you will get.

[ERROR] Error executing Maven.
[ERROR] java.io.FileNotFoundException: /home/krbuild/.m2/settings-security.xml (No such file or directory)
[ERROR] Caused by: /home/krbuild/.m2/settings-security.xml (No such file or directory)

So the security file needs to be stored on each agent on which you intend to run your build configuration (not in VCS). There is still no dedicated support for this feature; see TW-39595

The work around would be to set an agent property, e.g.

path.to.maven.security=/path/to/file/security-settings.xml

Then refer to it in your Maven build step:

-Dsettings.security=%path.to.maven.security%