Add 1Password integration #86
Comments
|
@cstamas Is it possible to not only externalize the master password but all kinds of credentials via some ID based lookup? |
|
Sure, I have no idea about requirements here, but yes, the idea is really just to provide external "sources" for passwords... pinentry and gpp-agent were "simple" (and already done in GPG plugin), but nothing stops us adding more integrations. |
|
The SPI https://github.com/codehaus-plexus/plexus-sec-dispatcher/blob/master/src/main/java/org/codehaus/plexus/components/secdispatcher/Dispatcher.java doesn’t seem to allow that. It is about encrypting/decrypting values, not about lookup. Or do you suggest to implement a Dispatcher which uses external ids as encrypted values and doesn’t support encryption? |
|
Yes, yes, dispatcher does not allow this, as primary goal was to externalize master password (to get rid of master-master-password, and possible master-master-master-password and so on, the turtles). Currently Maven 4 still expects sensitive data to be in effective settings (that is now completely decrypted, so one can encrypt even HTTP headers config and so on). To externalize "all kind of credentials"... we did discuss this with @gnodet : for this we'd need some sort of (new) Maven 4 API Service, but we are not yet there... our primary goal was to "fix" but also improve what Maven 3 did... |
1Password comes with an SDK, Shell Plugins as well as some CLI tools. There should be some description and potentially some glue code to leverage credentials directly from 1Password.
The text was updated successfully, but these errors were encountered: