Hi, I am using command line to pass the mysql clear text password to Liquibase on our AWS EC2 Linux servers. The same password is displayed via ps command. Is there a way to somehow either use encrypted password with Liquibase or hide this password when someone uses “ps -ef” command?
Put the username and password into a liquibase.properties file, then it will not show in a ps.
https://docs.liquibase.com/workflows/liquibase-community/creating-config-properties.html
Thanks. But password in the properties file on disk is in clear text which is still unsafe as it can be read. Is there a way to allow Liquibase to use encrypted password in that file or command line like MySql mask the password given in command line so that in “ps -ef” it shows as all stars?
Permissions on the liquibase.properties file needs to be set appropriately for your needs. As far as I know there is no ability to encrypt the password on the command line.
@liquibase_rah and @daryldoak You should look into using propertyProviderClass provided by Liquibase now - Create and Configure a liquibase.properties File
Some helpful links -
PS: I can’t add more than 2 links so just extract the link. Remove .
