3

我想使用Maven 资源过滤插件在外部为 Android 项目定义敏感配置数据。因此,我创建了一个包含敏感数据的 .properties 文件。它被排除在版本控制之外。

# /.app_config.properties
# Application configuration
#
# Do not add this file to source control.
# The values are read and inserted into source files by Maven.

google.maps.v2.api.key = abc123
api.base.url = https://example.com/api

在 Android 项目中,我在一个单独的 .xml 文件中管理所有敏感数据:

<!-- /res/values/app_config.xml -->
<?xml version="1.0" encoding="utf-8"?>
<resources>    
  <string name="config_google_maps_v2_api_key">ENTER_YOUR_GOOGLE_MAPS_V2_API_KEY_HERE</string>
  <string name="config_base_url">ENTER_YOUR_SERVER_URL_HERE</string>
</resources>

对于 Maven,我创建了另一个 .xml 文件,它告诉在构建 .apk 时应该替换哪些字符串:

<!-- /filteres-res/app_config.xml -->
<?xml version="1.0" encoding="utf-8"?>
<resources>    
  <string name="config_google_maps_v2_api_key">${google.maps.v2.api.key}</string>
  <string name="config_base_url">${api.base.url}</string>
</resources>

pom.xml以下是Maven 过滤的相关部分:

<!-- /pom.xml -->
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" 
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
         http://maven.apache.org/maven-v4_0_0.xsd">
  <modelVersion>4.0.0</modelVersion>

  <!-- Sure there is more configuration here -->

  <build>
    <finalName>${project.artifactId}</finalName>
    <sourceDirectory>src</sourceDirectory>
    <filters>
      <filter>${project.basedir}/.app_config.properties</filter>
    </filters>
    <resources>
      <resource>
        <directory>${project.basedir}/filtered-res</directory>
        <filtering>true</filtering>
        <targetPath>${project.basedir}/res/values/</targetPath>
        <includes>
          <include>**/*.xml</include>
        </includes>
      </resource>
      <resource>
        <directory>${project.basedir}/filtered-res</directory>
        <filtering>false</filtering>
        <excludes>
          <exclude>**/*.xml</exclude>
        </excludes>
      </resource>
    </resources>
    <pluginManagement>
      <plugins>
        <plugin>
          <groupId>com.jayway.maven.plugins.android.generation2</groupId>
          <artifactId>android-maven-plugin</artifactId>
          <version>${android-maven-plugin.version}</version>
          <extensions>true</extensions>
        </plugin>
        <plugin>
          <groupId>org.apache.maven.plugins</groupId>
          <artifactId>maven-compiler-plugin</artifactId>
          <version>${maven-compiler-plugin.version}</version>
          <configuration>
            <compilerArgument>-Xlint:deprecation</compilerArgument>
            <!-- <resourceDirectory>${project.build.directory}/filtered-res</resourceDirectory> -->
          </configuration>
        </plugin>
      </plugins>
    </pluginManagement>
    <plugins>
      <plugin>
        <groupId>com.jayway.maven.plugins.android.generation2</groupId>
        <artifactId>android-maven-plugin</artifactId>
        <configuration>
          <sdk>
            <platform>${sdk.platform}</platform>
          </sdk>
          <undeployBeforeDeploy>true</undeployBeforeDeploy>
        </configuration>
      </plugin>
      <plugin>
        <artifactId>maven-resources-plugin</artifactId>
        <version>${maven-resources-plugin.version}</version>
        <executions>
          <execution>
            <phase>initialize</phase>
            <goals>
              <goal>resources</goal>
            </goals>
          </execution>
          <execution>
            <id>default-resources</id>
            <phase>DISABLED</phase>
          </execution>
        </executions>
      </plugin>
    </plugins>
  </build>

</project>

问题是敏感数据实际上是写入/res/values/app_config.xml而不是仅写入构建。这是构建后文件的样子:

<!-- /res/values/app_config.xml -->
<?xml version="1.0" encoding="utf-8"?>
<resources>    
  <string name="config_google_maps_v2_api_key">abc123</string>
  <string name="config_base_url">https://example.com/api</string>
</resources>
4

2 回答 2

2

所描述的效果是由targetPath您的资源规范中创建的,它过滤源文件并在之后覆盖它。

以下两种配置都会将过滤后的资源复制到构建文件夹中:

<resources>
  <resource>
    ...
    <!-- following defines a replacement target in the source part -->
    <targetPath>${project.basedir}/res/values/</targetPath>
    ...
</resource>

或者你正确定义它

<resources>
  <resource>
    ...
    <targetPath>${project.build.directory}/res/values/</targetPath>
    ...
</resource>

但这不会创建正确的 apk,因为com.jayway.maven.plugins.android.generation2:android-maven-plugin不会使用构建文件夹中的文件。

作为结论,我们可以说,没有办法使用资源过滤器和com.jayway.maven.plugins.android.generation2:android-maven-plugin. 可能会替换创建的未签名 apk 中的 xml 文件,或者您在构建后将 xml 文件替换为原始文件。

于 2013-09-30T10:37:50.757 回答
0

在 Android Maven 插件中,您可以设置它应该从哪里读取资源文件,因此在您的 pom 中,您将拥有如下内容:

  <plugin>
    <groupId>com.jayway.maven.plugins.android.generation2</groupId>
    <artifactId>android-maven-plugin</artifactId>
    <configuration>
      <sdk>
        <platform>${sdk.platform}</platform>
      </sdk>
      <undeployBeforeDeploy>true</undeployBeforeDeploy>
      <resourceDirectory>${project.build.directory}/res</resourceDirectory>
    </configuration>
  </plugin>

和:

 <resources>
   <resource>
     ...
     <targetPath>${project.build.directory}/res</targetPath>
     ...
 </resource>

链接:android-maven-plugin 和资源过滤

希望这可以帮助。

于 2013-12-30T14:44:04.760 回答