I have a Maven project and want to build it using mvn clean deploy so that the built artifact is deployed into a Nexus repository.
The access data (username and password) for that repository are stored in Jenkins credentials.
I want to call mvn deploy in Jenkins so that the credentials for that Nexus repository are read from Jenkins (not hardcoded in settings.xml).
How can I do it, if I cannot access settings.xml on the Jenkins server?
Update 1:
I created an entry in "Config File Management" (JENKINS_URL/configfiles/index) with following data:
Type: Maven settings.xml
Replace All: Yes
Server ID: myServer
Credentials: Credentials for the Nexus repository
Content:
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>myServer</id>
<username>foo</username>
<password>bar</password>
</server>
</servers>
</settings>
myServer is also used in the pom.xml of the artifact I want to build:
<distributionManagement>
<repository>
<id>myServer</id>
<url>http://nexus.mycompany.com</url>
</repository>
</distributionManagement>
In the configuration of the job, I include those settings as shown below. Nexus settings.xml is the configuration from "Config File Management".
But it does not work -- I get "Forbidden" error when the build attempts to deploy artifacts to Nexus.
Update 2: When I run mvn -X deploy locally with the same credentials as in Jenkins (stored in my local settings.xml), I see following output:
[DEBUG] Failed to decrypt password for server XXX release repository: org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException: java.io.FileNotFoundException: /XXXXXXXXXXXXXXX/.m2/settings-security.xml (No such file or directory)
org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException: org.sonatype.plexus.components.sec.dispatcher.SecDispatcherException: java.io.FileNotFoundException: /XXXXXXXXXXXXXXX/.m2/settings-security.xml (No such file or directory)
at org.sonatype.plexus.components.sec.dispatcher.DefaultSecDispatcher.decrypt(DefaultSecDispatcher.java:121)
at org.apache.maven.settings.crypto.DefaultSettingsDecrypter.decrypt(DefaultSettingsDecrypter.java:107)
at org.apache.maven.settings.crypto.DefaultSettingsDecrypter.decrypt(DefaultSettingsDecrypter.java:63)
at org.apache.maven.internal.aether.DefaultRepositorySystemSessionFactory.newRepositorySession(DefaultRepositorySystemSessionFactory.java:165)
However, the password in settings.xml is not encrypted at all:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
https://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository/>
<interactiveMode/>
<offline/>
<pluginGroups/>
<servers>
<server>
<id>NEXUS_REPOSITORY_SNAPSHOTS</id>
<username>user</username>
<password>password</password>
</server>
</servers>
<mirrors/>
<proxies/>
<profiles/>
<activeProfiles/>
</settings>
I found a report about similar error here.
You can use the Jenkins config-file-provider plugin ( link: https://plugins.jenkins.io/config-file-provider/ ) to create one or several Maven settings.xml files.
NOTE: Really this helps also if you need differents settings.xml for
different projects.
Then on the maven deploy step of your Jenkins project you can select to point to one of the settings.xml files defined ( instead of pointing to the general Jenkins server /.m2/settings.xml )
Related
I'm getting this error when I call any Maven command:
[ERROR] Plugin org.apache.maven.plugins:maven-enforcer-plugin:3.1.0 or one of its dependencies could not be resolved: Failed to read artifact descriptor for org.apache.maven.plugins:maven-enforcer-plugin:jar:3.1.0: Could not transfer artifact org.apache.maven.plugins:maven-enforcer-plugin:pom:3.1.0 from/to central (https://repo.maven.apache.org/maven2): transfer failed for https://repo.maven.apache.org/maven2/org/apache/maven/plugins/maven-enforcer-plugin/3.1.0/maven-enforcer-plugin-3.1.0.pom: Cannot assign requested address: connect -> [Help 1]
Things that I've already checked:
1. Windows Firewall is not blocking outbound/inbound requests
2. Not behind any proxy
3. Connected to the internet
4. Settings file credentials and repo url OK <settings>
<servers>
<server>
<id>maven-snapshots</id>
<username>dummy-username</username>
<password>dummy-pwd</password>
</server>
<server>
<id>maven-releases</id>
<username>dummy-username</username>
<password>dummy-pwd</password>
</server>
</servers>
<activeProfiles>
<activeProfile>local</activeProfile>
</activeProfiles>
<profiles>
<profile>
<id>local</id>
<repositories>
<repository>
<id>maven-releases</id>
<url>https://dev-repo.tech5-sa.com/repository/maven-releases/</url>
</repository>
</repositories>
</profile>
</profiles>
</settings>
5. Can access repo using browser
6. Cleaned caches
This was also happening with Gradle - this: Cannot assign requested address: connect - , before I switch the project to be under Maven control, so I'm guessing, some configuration in the machine (Machine is new).
Java version: 11.0.16
Apache Maven 3.8.7
IntelliJ IDEA 2022.3.1
Build #IC-223.8214.52, built on December 20, 202
Can anyone give me some hints ?
Thank You for your time.
Leo
I have a maven project with a few custom dependencies that reside on a private repository. I'm attempting to create a docker image based on one of the maven images with these dependencies pre-loaded into the local maven repository.
Dockerfile
FROM maven:3.8.6-openjdk-11-slim
COPY settings-docker.xml /usr/share/maven/ref/
COPY bom.xml /tmp
RUN mvn -B -f /tmp/bom.xml -s /usr/share/maven/ref/settings-docker.xml dependency:resolve
settings-docker.xml
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
https://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository>/usr/share/maven/ref/repository</localRepository>
<mirrors>
<mirror>
<id>Mirror of Private Repo</id>
<mirrorOf>Private Repo</mirrorOf>
<name>allows http</name>
<url>http://here.it.is/repository/</url>
</mirror>
</mirrors>
</settings>
bom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>org.myproject</groupId>
<artifactId>bom</artifactId>
<packaging>pom</packaging>
<version>1.0</version>
<repositories>
<repository>
<id>Private Repo</id>
<url>http://here.it.is/repository/</url>
</repository>
</repositories>
<dependencies>
<dependency>
<groupId>codec</groupId>
<artifactId>codec</artifactId>
<version>1.10.0.</version>
</dependency>
</dependencies>
</project>
I followed the instructions from the official maven image on using /usr/share/maven/ref/repository for preloaded dependencies. The image builds successfully and when I start it I can see my dependency in both /usr/share/maven/ref/repository and in /root/.m2/repository.
Despite this when I run maven, it will always attempt to connect to my private repository. Is this some maven behavior I don't know about or is it ignoring my repository?
I believe you have faced with "enhanced local repository manager" feature:
Enhanced local repository manager is built upon the classical Maven
2.0 local repository structure but additionally keeps track of from what repositories a cached artifact was resolved. Resolution of
locally cached artifacts will be rejected in case the current
resolution request does not match the known source repositories of an
artifact, thereby emulating physically separated artifact caches per
remote repository.
For example:
% cat ~/.m2/repository/org/springframework/spring-core/5.3.9/_remote.repositories
#NOTE: This is a Maven Resolver internal implementation file, its format can be changed without prior notice.
#Wed Mar 16 08:49:28 AEDT 2022
spring-core-5.3.9.pom>internal-repository=
spring-core-5.3.9.pom>central=
spring-core-5.3.9.jar>central=
spring-core-5.3.9.jar>internal-repository=
You may either disable that feature via specifying -llr in maven opts or investigate how force maven to use the same "repository id" in different scenarios.
I am trying to publish third-party private package directly to my Azure Artifacts feed with mvn deploy:deploy-file command like this:
mvn deploy:deploy-file -Dpackaging="jar" -DrepositoryId="PXXXXX-inccoming" -Durl="https://pkgs.dev.azure.com/XxxXxxxXxxx/XxxXxx/_packaging/PXXXXX-incoming/maven/v1" -DgroupId="pl.group.id" -DartifactId="artifact" -Dversion="0.0.2" -Dfile="C:\path\pl\group\id\0.0.2\artifact-0.0.2.jar"
But I am getting strange error:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy-file (default-cli) on project CAST_2015: Failed to deploy artifacts: Could not transfer artifact pl.group.id:artifact:jar:0.0.2 from/to PXXXXX-inccoming (https://pkgs.dev.azure.com/XxxXxxxXxxx/XxxXxx/_packaging/PXXXXX-incoming/maven/v1): Transfer failed for https://pkgs.dev.azure.com/XxxXxxxXxxx/XxxXxx/_packaging/PXXXXX-incoming/maven/v1/pl/group/id/artifact/0.0.2/artifact-0.0.2.jar 401 Unauthorized ProxyInfo{host='proxy-host', userName='null', port=8080, type='http', nonProxyHosts='null'}
The provided user has full access for packaging in Azure.
Both proxy and server settings are actually in my setting.xml file.
What am I doing wrong?
Azure Artifacts deploy packages
When we receiving a 401 it is because maven is sending the wrong login credentials, or no credentials at all.
To resolve this issue, please add the following configuration to the <servers>...</servers> configuration node in the maven setting configuration file:
<server>
<id>releases</id>
<username>admin</username>
<password>admin123</password>
</server>
<server>
<id>snapshots</id>
<username>admin</username>
<password>admin123</password>
</server>
</servers>
Note:
The id configured in setting.xml must be the same as the id
configured in pom.xml.
If you try to publish something to a releases repository and that
version already exists in the repository
If it not work for you, please check below thread for some more details:
Why am I getting a "401 Unauthorized" error in Maven?
I have used this article (https://gist.github.com/fernandezpablo85/03cf8b0cd2e7d8527063) for creating a custom maven repo, and it works. But now I have a problem with a private repo. How can I specify credentials for the private repo?
You can set in .m2/settings.xml file
Like This:
<settings>
<servers>
<server>
<id>private-repo</id>
<username>xyz</username>
<password>${pass}</password>
</server>
</servers>
</settings>
And in pom.xml:
<project>
...
<repositories>
<repository>
<id>private-repo</id>
<url>${private-repo.url}</url>
</repository>
</repositories>
...
</project>
A settings.xml file is usually found in a couple of places:
Global settings in Mavens home directory: ${maven.home}/conf/settings.xml
User settings in the user’s home: ${user.home}/.m2/settings.xml
If both files exist, their contents are merged. Configurations from the user settings take precedence.
If your settings doesn't apply you can try to override the default settings.xml file location by adding --settings flag to your mvn ... command.
sources:
https://www.baeldung.com/maven-settings-xml#settings-level
https://www.baeldung.com/maven-settings-xml#3-override-the-default-location
I have auto-generated java code I want to deploy in our maven repo. The generated code has a pom.xml without the repo info. I what to know if I can deploy the complete maven project in my repo without touching the pom. And by complete maven project, I mean not only the final jar using the file-deploy maven command.
The repo has security enabled and requires usr/pass
I found a way. You need to add the server to the settings file as following:
<servers>
<server>
<id>my-server</id>
<username>user</username>
<password>pass</password>
</server>
</servers>
then I deploy using the following maven command (replacing <url> for the target repo):
mvn deploy -D"altDeploymentRepository=my-server::default::<url>"