In the following, replace the REPO_NAME value with the natural-language name of your repository, replace REPOSITORY with the domain name (e.g. repo1.maven.org) and replace USERNAME with your repository user.
credentials += {
val Password = """.*password: "([^"]+)".*""".r
var lines: String = ""
val logger = new ProcessLogger {
def info(s: => String) = {}
def error(s: => String) = lines += s
def buffer[T](f: => T): T = f
}
"security find-generic-password -a USERNAME -g" ! logger
val pass = lines split "\n" find { _ startsWith "password" } flatMap { Password.unapplySeq(_) } flatMap { _.headOption }
Credentials(
"REPO_NAME",
"REPOSITORY",
"USERNAME",
pass.get) // throw an exception if it doesn't work
}Place the above contents in a file in the ~/.sbt/0.13/. For example, ~/.sbt/0.13/credentials.sbt.
In order to use this trick, you must manually add your credentials to the OS X Keychain. To do this, open the Keychain Access application (you can find it under /Applications/Utilities/). Select the login keychain and press the + button at the bottom of the window. Enter the following values for the three fields within:
- Item name: natural-language description of your repository
- Account name: your repository username
- Password: your repository password
The password will be encrypted by OS X using your login password to generate a secret key, which is in turn maintained in a secure region of kernel memory. Thus, this represents a truly secure way of managing your repository credentials.
The first time you start SBT after making this change, you will be prompted to allow access to your system keychain. Click Always Allow.