Add support for writing credentials in Gradle's build file

[jaferkhan]

Hello people,

This pull request enhances the existing Gradle's build file writer in order to support writing credentials (if provided) for custom repositories. It has been submitted as a response to issue #997

I've also written some test cases to cover my feature.

I would highly appreciate someone's feedback on my pull request and make improvements accordingly.

Thanks,
Jafer

[tgeens]

This PR would allow you to put maven credentials in your build.gradle, but that's not what anyone should be doing!

[jaferkhan]

@tgeens,
I agree that this isn't the correct way to deal with this issue but I might have misunderstood your comment regarding the issue.

The gradle-build-writer can check if there are (non-default) credentials provided and write those to the build.gradle if necessary.

We can choose to pick those credentials from environment variables. So, the credentials class would then have fields that correspond to the environment variables (containing username and password).

Would that be okay to change for this PR?

[tgeens]

Clarification:

• when the credentials object is empty, skip it in the gradle-build-writer.
• when the credentials object is non-empty, write the multi-line repository-definition (like you did in the PR)

What I did not explicitly talk about: the username/password should really not be a literal String. The question is: how can MavenRepositoryCredentials be modeled, so it references a property in gradle

Additionally: this model is shared with the maven-build-writer, so it should make sense there as well! Or can we simply ignore credentials there ?

Disclaimer: I'm not a spring-io/initializr committer, they might not agree with my ideas 😉

[wilkinsona]

Thanks for the PR, @jaferkhan, and for your patience. While working on merging this and polishing it to use property lookups rather than hardcoding the username and password values, I was reminded of Gradle 6.6's built-in support for this.

With this new support, we'd need to name the repository and indicate that it should use password credentials. Gradle will then automatically handle looking up the username and password via properties based on the repository's name. With this support being new in 6.6, we'd need to do something that's equivalent for Gradle 6.5 and earlier. This version-specific writing support complicates things quite a bit and deviates further and further from the code that's been proposed here.

Unfortunately, given the above, I think the best route to implementing this is to close this PR and start over with an approach that uses Gradle's new credential handling support with 6.6 and later and mimics it with earlier versions of Gradle. Thanks anyway for the pull request.