After the recent security fixes in Gradle 5.6.2+, we're unable to use global plugin management in init.gradle script.
The section, which is described in the Gradle documentation does not provide any help about using Nexus server requiring authentication.
The workaround I've found is following: I had to manually hardcode credentials inside of the script even though the nexusUsername and nexusPassword is already defined in gradle.properties.
allprojects {
repositories {
mavenLocal()
maven {
url "https://nexus-repo-requiring-auth/"
credentials {
username nexusUsername
password nexusPassword
}
}
}
settingsEvaluated { settings ->
settings.pluginManagement.repositories {
//This is a workaround, because the global properties are not available here
def localNexusUsername = "nexusUser1"
def localNexusPassword = "nexusPass1"
maven {
url "https://nexus-repo-requiring-auth/"
credentials {
username localNexusUsername
password localNexusPassword
}
}
}
}
Is there a way, how to read global variables inside of the settingsEvaluated block? Or any other way to define the plugin repository?
It's not a solution, but a different work-around. I found that if I defined my plugin repositories in the settings.gradle file it was able to read the variables:
pluginManagement {
repositories {
maven {
authentication {
basic(BasicAuthentication)
}
url "https://artifactory.redacted.com/gradle-plugins-mirror/"
credentials {
username "$artifactory_user"
password "$artifactory_password"
}
}
}
}
This worked better for me as we add the ~/.gradle/init.gradle file for each user, so everyone uses the same internal mirors.
Related
My private repo which is loaded from bintray used for all projects and needs credentials:
allprojects {
jcenter()
repositories {
maven {
url "http://myurl.bintray.com/sdk"
credentials {
username 'JohnDoe'
password 'somePassword'
}
}
}
}
What's the best way to hide them?
Is it possible without creating new instance of Properties?
Properties properties = new Properties()
properties.load(project.rootProject.file('local.properties').newDataInputStream())
One way to do it is to set properties in the user specific file $HOME/.gradle/gradle.properties:
thePassword=somePassword
and in the build.gradle file:
credentials {
username 'JohnDoe'
password thePassword
}
Repositories{
maven{
name='tomRepo'
url=''
credentials(PasswordCredentials)
}
}
run a command in the console like this
./gradlew build --refresh-dependecies -PtomsRepoUsername=aws -PtomRepoPassword=$TOMS_REPO_PASSWORD
I'd like to be able to define a repository in settings (ideally user gradle.properties)
The end goal is something like this:
repositories {
mavenCentral() // Can't/don't want to use this
nexusCentral() // Can use these - on network Nexus server
nexusSnapshot()
}
How would I go about doing this? Again, this would go in the user-level gradle.properties file ideally, so we don't have to reference it in every single module.
This is just a plain maven style artifact repository provided by Maven, the manual way would be:
maven {
url "http://path/to/nexus"
}
One other requirement is the use of the "publish" task, which has credentials defined for a repository (that Jenkins uses to publish the module):
publishing {
...
maven {
url "http://path/to/nexus"
// Jenkins provides these as -P Gradle parameters.
credentials {
username = "${uploaderUser}"
password = "${uploaderPassword}"
}
}
These credentials would not be known to regular users, but would ideally be configured in Jenkin's gradle.properties. We wouldn't want users builds to fail because they can't resolve the credentials - they would never even use the "publish" task.
You can use somenthing like this:
maven {
credentials {
username getCredentialsMavenUsername()
password getCredentialsMavenPassword()
}
url 'xxxxx'
}
/**
* Returns the credential username used by Maven repository
* Set this value in your ~/.gradle/gradle.properties with CREDENTIALS_USERNAME key
* #return
*/
def getCredentialsMavenUsername() {
return hasProperty('CREDENTIALS_USERNAME') ? CREDENTIALS_USERNAME : ""
}
/**
* Returns the credential password used by Maven repository
* Set this value in your ~/.gradle/gradle.properties with CREDENTIALS_PASSWORD key
* #return
*/
def getCredentialsMavenPassword() {
return hasProperty('CREDENTIALS_PASSWORD') ? CREDENTIALS_PASSWORD : ""
}
If the user hasn't the credentials the script doesn't fail.
Not sure if that answers your question, but you can put this in the gradle.properties file:
nexusUrl=http://path/to/nexus
and do this in the build.gradle:
maven {
url project.property(nexusUrl)
}
EDIT:
regarding your credentials, all you should need is something like
if (project.hasProperty('uploaderUser') && project.hasProperty('uploaderPassword')) {
credentials {
username = project.property('uploaderUser')
password = project.property('uploaderPassword')
}
}
Solved this issue by replacing jcenter() in Project/andoird/build.gradle with maven { url 'http://nexusUrl' } under buildscript and allprojects:
buildscript {
repositories {
google()
maven { url 'http://nexusUrl' }
}
dependencies {
classpath 'com.android.tools.build:gradle:3.2.1'
}
}
allprojects {
repositories {
google()
maven { url 'http://nexusUrl' }
}
}
and in fluttersdk/packages/flutter_tools/gradle/flutter.gradle replaced jcenter with maven { url 'http://nexusUrl' } under buildscript:
buildscript {
repositories {
google()
maven { url 'nexusUrl' }
}
dependencies {
classpath 'com.android.tools.build:gradle:3.2.1'
}
}
is it possible put the repositories configuration in {gradle_home_user}/gradle.properties instead in {project}/build.gradle?
Something like this:
build.gradle
repositories {
maven {
url "maven_url"
credentials {
username = "user"
password = "password"
}
}
}
gradle.properties
repositories.maven.url=maven_url
repositories.maven.credentials.username=user
repositories.maven.credentials.password =password
Yes it is possible. But the property names with dots will need to be accessed using the following notation ${project["my.prop.name"]}. Instead I would recommend using underscores for property separators instead. These can be accessed simply by using ${my_prop_name}.
build.gradle
repositories {
maven {
url "${repositories_maven_url}"
credentials {
username = "${repositories_maven_credentials_username}"
password = "${repositories_maven_credentials_password}"
}
}
}
gradle.properties
repositories_maven_url=maven_url
repositories_maven_credentials_username=user
repositories_maven_credentials_password=password
I'm trying to migrate from using Ivy to using the Aether resolver in a Grails 2.4 project.
The issue I am having is in relation to externalising the credentials. Info related to this can be found in the Grails manual here: http://grails.org/doc/latest/guide/conf.html#dependencyRepositories
There doesn't seem to be a documented way to externalise the credentials for using Maven the way you could with Ivy.
With Ivy I could place something like this into my .grails/settings.groovy file:
grails.project.ivy.authentication = {
credentials {
realm = "My Repo"
host = "repo.mycustomrepo.com"
username = "user"
password = "password"
}
}
To use Aether, I'm forced to place the credentials block directly in my BuildConfig.groovy like so:
repositories {
inherits true // Whether to inherit repository definitions from plugins
grailsPlugins()
grailsHome()
mavenLocal()
grailsCentral()
mavenCentral()
mavenRepo("http://repo.mycustomrepo.com") {
//Add authentication details to repository connection
auth([
username: 'user',
password: 'password'
])
}
}
Unfortunately this is really problematic for me, as within my organisation we use Artifactory which is configured to use our LDAP credentials. This is a problem because I don't want to be committing my credentials in source control.
Is there an undocumented solution for this or does Grails simply not support it?
Define your repo with an id:
mavenRepo(id:'myrepo', url:"http://localhost:8085/artifactory/libs-release-local/")
Then define your credentials in ~/.grails/settings.groovy using the previously specified id:
grails.project.dependency.authentication = {
credentials {
id = "myrepo"
username = "foo"
password = "bar"
}
}
I've configured gradle build to use our company's nexus repo but maven does not seem to be able to authorized correctly - I keep getting erros such as
Failed to get resource: HEAD. [HTTP HTTP/1.1 401 Authorization Required: https://maven.gooddata.com/nexus/content/repositories/gooddata/org/codehaus/groovy/groovy-all/2.0.4/groovy-all-2.0.4.pom]
Strangely enough, the deploying to the same nexus repo (via mavenDeployer) is working seamlessly.
Below is part of my build script related to the maven repo configuration (maven_user and maven_password are defined in ~/.gradle/gradle.properties).
apply plugin: 'maven'
ext {
repos = [
my : "<my_repo_url>",
my_snapshot : "<my_snapshots_repo_url>"
]
}
repositories {
mavenLocal()
maven {
url repos.my
credentials {
username = maven_user
password = maven_password
}
}
maven {
url repos.my_snapshot
credentials {
userName = maven_user
password = maven_password
}
}
mavenCentral()
maven { url "http://repository.codehaus.org/" }
maven { url "http://sardine.googlecode.com/svn/maven" }
maven { url "http://snapshots.repository.codehaus.org" }
}
uploadArchives {
repositories.mavenDeployer {
repository(url : repos.my) {
authentication(userName : maven_user, password : maven_password)
}
snapshotRepository(url : repos.my_snapshot) {
authentication(userName : maven_user, password : maven_password)
}
}
}
Any suggestions what's going on?
Your username property is capitalized wrongly and you should leave out the '=' sign with the username and password setting. Changing your repository definition to the following should solve your problems:
maven {
url repos.my
credentials {
username maven_user
password maven_password
}
}
Thread is a bit old now, but just wanted to highlight a gotcha I had when following the above .. my admin had created a password with both a single and double quote in, which resulted in a similar 401