I need employer authorized SSO to login to jfrog in the browser.
I'm not sure how exactly to enter these credentials in gradle files
I tried installing the jfrog plugin in IntelliJ and adding the URLs in JFrog global configuration, but the test connection failed.
Original repo has
credentials {
username = artifactory_user
password = artifactory_password
}
in settings.gradle and artifactory.gradle
I tried replacing artifactory_user with my SSO username and password with the API key generated in JFrog. Still I get the same error on
Gradle sync failed: Could not install Gradle distribution from "http://employer.jfrog.io/employer/gradle-distribution/gradle-7.0-bin.zip'
Please can anyone help?
I'm not sure how exactly to enter these credentials in gradle files
have you tried gradle.properties or env variable ?
What am using to access mine is this function in gradle.build
String getConfigurationProperty(String envVar, String sysProp, String defaultValue) {
def result = System.getenv(envVar) ?: project.findProperty(sysProp)
result ?: defaultValue
}
and then i have local variable to retrive the values , wither from env variable or gradle.properties
artifactoryUser = getConfigurationProperty("ARTIFACTORY_USER", "artifactoryUser", null)
artifactoryPwd = getConfigurationProperty("ARTIFACTORY_PWD", "artifactoryPwd", null)
where ARTIFACTORY_USER is enviroment var and artifactoryUser is gradle.properties variable .
and my gradle.properties look like this
artifactoryUser=user
artifactoryPwd=pass
make sure to add the gradle.properties to .gitignore if your using on Project level . or use on global level at %USER%/.gradle/gradle.properties if your using windows , $HOME/. gradle/gradle.properties or ( ~/. gradle/gradle.properties ) if your using Linux/ubuntu .
Related
I'm not that experienced with Gradle and are currently running into problems when trying to use the new version catalog feature.
Goal:
Using a Gradle 7.4.2 version catalog, managed in a standalone GIT repository and published to private JFrog artifactory, in a second project.
Every project member's artifactory credentials are already available in $HOME/.gradle/gradle.properties (auto-generated by JFrog) and are supposed to be re-used.
Issue:
according to the current Gradle documentation, a published version catalog is supposed to be defined in settings.gradle(.kts) within any project that wants to use the catalog;
inserting that piece of code results in an error because Gradle has no repository definition available for artifact look-up
therefore, adding a repository definition:
// my settings.gradle.kts
rootProject.name = "catalog-consumer"
dependencyResolutionManagement {
val catalogVersion = "0.1.0"
val artifactoryUri = "..."
val catalogGAV = "..."
repositories{
maven {
url = uri("$artifactoryUri")
credentials {
// TODO: how to access user's local gradle.properties for credentials?
username = "$artifactory_user" // key as generated by JFrog
password = "$artifactory_password" // key as generated by JFrog
}
}
}
versionCatalogs {
create("libs") {
from("$catalogGAV")
}
}
}
now, facing the problem that the user's gradle.properties does not seem to be loaded, yet - but hardcoding credentials is not viable :)
Question:
Is the only option to manually check for and load the user's gradle.properties file?
Originally, when reading the documentation, I assumed that the settings file would probably try to look up existing repository definitions from the project's build.gradle.kts, but that wasn't the case either. If I understand it correctly, the settings file is evaluated before everything else, isn't it?
Manually loading the user's config just seems odd to me, therefore, I wanted to ask whether or not I'm missing a mechanism or lifecycle hook that would take care of this. Also possible that I use the version catalog feature incorrectly :D
Any hints very much appreciated!
See the docs here: https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:handling_credentials
Named repository credentials
If you named the repository and add credentials(PasswordCredentials::class)...
// ./settings.gradle.kts
dependencyResolutionManagement {
repositories {
maven {
name = "mySecureRepository"
credentials(PasswordCredentials::class)
// url = uri(<<some repository url>>)
}
}
}
then Gradle will automatically fetch the username/pass from the first found definition:
Using a command line argument
./gradlew build -PmySecureRepositoryUsername=my-username
environment variables prefixed with ORG_GRADLE_PROJECT_ (this is useful for CI/CD)
ORG_GRADLE_PROJECT_mySecureRepositoryUsername=my-username
ORG_GRADLE_PROJECT_mySecureRepositoryPassword=my-password
$GRADLE_USER_HOME/gradle.properties
mySecureRepositoryUsername=my-username
mySecureRepositoryPassword=my-password
gradle.properties in the project root - obviously don't put credentials in your project!
gradle.properties in the Gradle installation directory
Manual providers
If you need to manually set the property names, then you can define your own providers.
// ./settings.gradle.kts
val artifactoryUser = providers.gradleProperty("artifactory_user")
val artifactoryPassword = providers.gradleProperty("artifactory_password")
dependencyResolutionManagement {
repositories {
maven {
name = "mySecureRepository"
credentials {
username = artifactoryUser.get()
password = artifactoryPassword.get()
}
// url = uri(<<some repository url>>)
}
}
}
Again, then Gradle will fetch these properties from either
$GRADLE_USER_HOME/gradle.properties
artifactory_user=my-username
artifactory_password=my-password
or environment variables
ORG_GRADLE_PROJECT_artifactory_user=myUsername
ORG_GRADLE_PROJECT_artifactory_password=my-password
This is my first attempt at publishing a package on GitHub.
I have set up my project’s build.gradle according to the instructions - the relevant excerpt from the former being:
publishing {
publications {
mavenJava(MavenPublication) {
artifactId = 'moss'
from components.java
}
}
repositories {
maven {
name = "GitHubPackages"
url = "https://maven.pkg.github.com/hansi_b/moss"
credentials {
username = project.hasProperty("GITHUB_ACTOR") ? GITHUB_ACTOR : ""
password = project.hasProperty("GITHUB_REPO_PAT") ? GITHUB_REPO_PAT : ""
}
}
}
}
I am using
my GitHub username as the username (in GITHUB_ACTOR) and
a PAT with the necessary scopes (AFAICS: delete:packages, repo, write:packages) as the password.
Both are set in my ~/.gradle/gradle.properties, and they look right when I do a println from the publish task. I have verified that with the right user name and PAT, I can clone a repo from the command line.
However, when I issue gradle publish, the result is:
Execution failed for task ':publishGprPublicationToMavenRepository'.
> Failed to publish publication 'mavenJava' to repository 'GitHubPackages'
> Could not PUT 'https://maven.pkg.github.com/hansi_b/moss/org/hansi_b/moss/0.2.0/moss-0.2.0.jar'. Received status code 401 from server: Unauthorized
I get the same error if I mess up either the username or the password on purpose. I have retried publishing with a different, private repository, and failed in the same manner.
Is there any way to get further information on what is going wrong? Is there some piece of configuration I am missing?
I’d be grateful for any pointers.
I was in your exactly situation and I resolved removing quotes in my properties file, like that:
//Before
gpr.user="cappee"
gpr.key="key"
//After
gpr.user=cappee
gpr.key=key
I hope you can fix with this advice!
So basically this is what I want, I want to configure the artifactory server in build.gradle file like
Artifcatory {
Contexturl = ***
Resolve{
Repository {
Repokey = **
Username = $artuser
Password= $artpass
}
}
}
And I have put the artuser and artpass in the gradle.properties file in my local machine. But if I try it in Jenkins it will not be able to find the properties artuser and artpass
So currently I have 2 build.gradle file one for local and one for Jenkins which is not having this artifcatory configuration. But configuring it in the build stage. so is there a way I could use only one build.gradle file so that it will work in both cases
I'd suggest using the credentials plugin on Jenkins to manage credentials, and then pass them as environment variables to gradle. That way, there is no need to put the credentials in clear text on the build server.
If you are using declarative Jenkinsfile, you can pass credentials this way (https://jenkins.io/doc/book/pipeline/jenkinsfile/#usernames-and-passwords):
Jenkinsfile:
pipeline {
...
environment {
AUTH = credentials('artifactory-credentials-id') # as configured in the Jenkins web interface
}
...
}
In build.gradle, you can use pick credentials from either gradle.properties for local builds, and environment variables for Jenkins builds:
artifactory {
contextUrl = "..."
resolve {
repository {
repoKey = "..."
username = hasProperty('artusr') ? project.property('artusr') : System.env["AUTH_USR"]
password = hasProperty('artpass') ? project.property('artpass') : System.env["AUTH_PSW"]
}
For local builds it is then possible to put the credentials in ~/gradle.properties:
artusr=my-artifactory_user
artpass=my-secret-password
I want to clone a private repository in my system. I am able to clone a public repo using:
def myrepo = org.ajoberstar.grgit.Grgit.clone(dir:'', uri:'')
but in case of a private repo, I need to provide credentials to clone. I have gone through this link, but the properties given here like Force, Hardcoded are not available in my gradle. So, I am not able to make use of the properties given here.
The following properties are available for me:
org.ajoberstar.grgit.auth.AuthConfig.FORCE_OPTION
org.ajoberstar.grgit.auth.AuthConfig.USERNAME_OPTION
org.ajoberstar.grgit.auth.AuthConfig.PASSWORD_OPTION
and if I give any value to these, I get error Cannot assign value to final fields
Can anybody help with the authentication part?
I am using dependency org.ajoberstar:grgit:1.3.0.
The link you provided clearly states that system properties need to be used to pass appropriate settings.
So you need to run gradle passing all the properties via command line. Assume this is build.gradle file:
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath 'org.ajoberstar:grgit:1.3.0'
}
}
task cloneRepo << {
org.ajoberstar.grgit.Grgit.clone(dir: '', uri: '<link to private repo>')
}
Run it with:
gradle cloneRepo -Dorg.ajoberstar.grgit.auth.username=your_username -Dorg.ajoberstar.grgit.auth.password=your_pass -Dorg.ajoberstar.grgit.auth.force=sshagent
One of my project dependencies sits on a private Bintray repo, which requires a username and password to access. Locally, I have these set in my gradle.properties:
bintrayUsername=<myUserName>
bintrayPassword=<myPass>
This works (locally), where hasProperty(X) resolves true and it uses this property:
allprojects {
repositories {
jcenter()
def mahBintrayUsername = hasProperty(bintrayUsername) ? bintrayUsername : System.getenv('bintrayUsername')
def mahBintrayPassword = hasProperty(bintrayPassword) ? bintrayPassword : System.getenv('bintrayPassword')
maven {
credentials {
username mahBintrayUsername
password mahBintrayPassword
}
url 'http://dl.bintray.com/my-repo-org/maven-private'
}
}
}
On Travis, I use secure variables so I don't have to expose these values in my public repo, but with the aim of being able to build directly from my public repo. When the build starts, you can see that the variables are exported:
Setting environment variables from .travis.yml
$ export bintrayUsername=[secure]
$ export bintrayPassword=[secure]
$ export TERM=dumb
...
FAILURE: Build failed with an exception.
* Where:
Build file '/home/travis/build/ataulm/wutson/build.gradle' line: 15
* What went wrong:
A problem occurred evaluating root project 'wutson'.
> Could not find property 'bintrayUsername' on repository container.
* Try:
Run with --stacktrace option to get the stack trace. Run with --info or --debug option to get more log output.
BUILD FAILED
I'm unsure how to reference the exported environment variables in my build.gradle such that they would be found.
I've checked this answer which doesn't seem to work (as above), as well as this comment which results in the same build failure.
The series of commits I've tried can be seen here, with the latest: https://github.com/ataulm/wutson/commit/9331b8d91b4acf11fd3e286ff8ba1a24ed527177
The error is a result of your ternary statement attempting to evaluate bintrayUsername as part of the condition.
The hasProperty() method takes a String argument so you should use hasProperty('bintrayUsername'), instead of hasProperty(bintrayUsername). Doing the latter will attempt to evaluate a property that may not exist, leading to the MissingPropertyException.
Simply remember that trying to evaluate any symbol that doesn't exist will typically result in a MissingPropertyException.
Below an example to define a project property -not a local variable- if it is not defined, by getting the value from the Environment, i.e. where Travis puts your secure variable.
project.ext {
if (! project.hasProperty('some_prop')) {
some_prop = System.getenv('some_prop')
}
}
If you never set it as a property (not using gradle.properties files) and you always want to set it from the environment, just remove the IF part. :)
Note: I wanted a project property so I can use it also to set values in my spring-boot YAML file... both locally and in CI.