First of all, I'm entirely new to Maven.
I've imported a big complex maven project to IntelliJ. It contains multiple pom.xml, and it also depends on another local project (that I've already imported and works well).
The import process went well; on IntelliJ, nothing is red underlined. It seems to find every dependency (whether local or not). However when I try to build the .jar of one of the project via the Maven menu:
I get this output:
/Library/Java/JavaVirtualMachines/jdk1.8.0_161.jdk/Contents/Home/bin/java -Dmaven.multiModuleProjectDirectory=/Users/bastiannanchen/Programmation/Backend/backend/Reconfigure "-Dmaven.home=/Applications/IntelliJ IDEA.app/Contents/plugins/maven/lib/maven3" "-Dclassworlds.conf=/Applications/IntelliJ IDEA.app/Contents/plugins/maven/lib/maven3/bin/m2.conf" "-javaagent:/Applications/IntelliJ IDEA.app/Contents/lib/idea_rt.jar=62186:/Applications/IntelliJ IDEA.app/Contents/bin" -Dfile.encoding=UTF-8 -classpath "/Applications/IntelliJ IDEA.app/Contents/plugins/maven/lib/maven3/boot/plexus-classworlds-2.5.2.jar" org.codehaus.classworlds.Launcher -Didea.version=2018.3.4 compile
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building Reconfigure 3.3.0
[INFO] ------------------------------------------------------------------------
[WARNING] The POM for <local_project> is missing, no dependency information available
[...]
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.276 s
[INFO] Finished at: 2019-02-12T11:08:44+01:00
[INFO] Final Memory: 10M/309M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal on project Reconfigure: Could not resolve dependencies for project <project_name> The following artifacts could not be resolved: <local_project> [...]
[...]
Do you know how to resolve this problem? I suppose I'm not proceeding correctly with the building process, but I am having a hard time to find an answer on the internet.
Thanks!
UPDATE
The structure of the project in summary:
├── backend
│ ├── project_1
│ ├── project_2
│ ├── project_3
│ └── project_4
└── utils
├── project_utils_1
├── project_utils_2
└── project_utils_3
I'm trying to build, e.g., the project_2 that has dependencies with all the projects in backend and some projects in utils.
I finally find a way to build the .jar file. Before building the package, I needed to use the Maven install plugin for the dependencies. FYI The Install Plugin is used during the install phase to add artifact(s) to the local repository.
Thank you to everybody that tried to help me :)
Related
A vulnerability scan highlighted the presence of Maven JARs in the Docker image for our Quarkus app which surprised me. These are being picked up from quarkus-app/lib/main. Running mvn quarkus:dependency-tree shows the route by which they're getting included:
[INFO] --- quarkus-maven-plugin:2.2.3.Final:dependency-tree (default-cli) # my-app ---
[INFO] Quarkus application PROD mode build dependency tree:
[INFO] my-group:my-app:pom:1.x-SNAPSHOT
...
[INFO] ├─ io.quarkus:quarkus-undertow-deployment:jar:2.2.3.Final (compile)
...
[INFO] │ ├─ io.quarkus:quarkus-core-deployment:jar:2.2.3.Final (compile)
...
[INFO] │ │ ├─ io.quarkus:quarkus-bootstrap-core:jar:2.2.3.Final (compile)
...
[INFO] │ │ │ ├─ io.quarkus:quarkus-bootstrap-maven-resolver:jar:2.2.3.Final (compile)
[INFO] │ │ │ │ ├─ org.apache.maven:maven-embedder:jar:3.8.1 (compile)
Again, I was surprised to see that it was pulling in deployment JARs as, based on my limited understanding, I would have not expected these to be needed at runtime for a non-mutable production app.
EDIT: The POM just references the extension and then there is a parent POM that references the Quarkus BOM.
<dependency>
<groupId>io.quarkus</groupId>
<artifactId>quarkus-undertow</artifactId>
</dependency>
If the deployment JARs are needed, why, and, if not, is there a way to exclude them?
As #Ladicek suggested, the cause of this issue was that one of dependencies was referencing the deployment artifact directly (just not the one I posted in the question!). This was then causing the deployment JARs for all of the extensions to be packaged in quarkus-app/lib/main.
Correcting quarkus-logging-json-deployment to quarkus-logging-json fixed the problem.
I have 2 Jenkins shared libraries which contain groovy files to be scanned. Both projects are using the same sonarqube call using maven but in one project the groovy files are scanned, whereas in the other they are not
Sonarqube call
...
String scanCmd = "mvn org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar " +
"-f pom.xml " +
"-Dsonar.branch=%GIT_BRANCH% " +
"-Dsonar.test.inclusions=**/*Test*/** " +
"-Dsonar.exclusions=**/*Test*/** " +
"-Dsonar.skipDesign=true "
bat scanCmd
...
We are using version 5.6.6, if that matters
Sonar scanner config
The sonar configuration is in the parent pom which contains the sonar properties
....
<properties>
<!-- Sonar -->
<sonar.sources>src,vars</sonar.sources>
<sonar.inclusions>**/**</sonar.inclusions>
</properties>
....
Both projects (pom.xml) use the this parent pom i.e. the same sonar properties
Project 1: 0 files indexed
The project structure looks like this:
D:.
│ .gitignore
│ Jenkinsfile
│ pom.xml
│ README.md
│
├───src
│ └───ch
│ └───swisscard
│ └───jenkins
│ └───pipeline
│ └───util
│ PipelineRabbitMQ.groovy
│
└───vars
ciPipeline.groovy
So there are two groovy files which should be scanned but the logfile shows 0 files indexed:
[INFO] Base dir: D:\jenkins\tools\ci-home\workspace\rabbitmq-ci-pipeline_master-2CYM2JXOI6CJM2T4MSNQTNPWY7LRY7PTSC3OG74TSX2Q2WNKXUSQ
[INFO] Working dir: d:\jenkins\tools\ci-home\workspace\rabbitmq-ci-pipeline_master-2CYM2JXOI6CJM2T4MSNQTNPWY7LRY7PTSC3OG74TSX2Q2WNKXUSQ\target\sonar
[INFO] Source paths: src, vars
[INFO] Binary dirs: target/classes
[INFO] Source encoding: UTF-8, default locale: en_US_US
[INFO] Index files
[INFO] Included sources:
[INFO] **/**
[INFO] Excluded sources:
[INFO] **/target/**/*
[INFO] **/*Test*/**
[INFO] **/*Test*/**
[INFO] Included tests:
[INFO] **/*Test*/**
[INFO] 0 files indexed
[INFO] 0 files ignored because of inclusion/exclusion patterns
Project 2: Files properly scanned
The second project structure looks like this:
D:.
│ .gitignore
│ Jenkinsfile
│ pom.xml
├───src
│ └───main
│ │ Utils.groovy
└───vars
checkQualityGate.groovy
defaultBuildApplication.groovy
ciPipeline.groovy
And here the log file indicates that all files were scanned:
[INFO] Load server rules (done) | time=98ms
[INFO] Base dir: D:\jenkins\tools\ci-home\workspace\pipeline_feature_sonar-scan-D6GRAK5PLQOMGCOOH2T6QP6BP4LA6O3LP23UC7VBSSL3RORI4ZXQ
[INFO] Working dir: d:\jenkins\tools\ci-home\workspace\pipeline_feature_sonar-scan-D6GRAK5PLQOMGCOOH2T6QP6BP4LA6O3LP23UC7VBSSL3RORI4ZXQ\target\sonar
[INFO] Source paths: src, vars
[INFO] Source encoding: UTF-8, default locale: en_US_US
[INFO] Index files
[INFO] Included sources:
[INFO] **/**
[INFO] Excluded sources:
[INFO] **/target/**/*
[INFO] **/*Test*/**
[INFO] **/*Test*/**
[INFO] Included tests:
[INFO] **/*Test*/**
[INFO] 5 files indexed
[INFO] 0 files ignored because of inclusion/exclusion patterns
Problem/Question
So apparently both projects have the same configuration and similar structure, however one is scanned and another not. At the moment I don't understand why?
I have checked other topics which did not help me
I do not have the sonar.basedir explicily set, but according to the log the base dir is fine
I had similar issue for my project. I added sonar.scm.exclusions.disabled=true in the sonar properties and the files were indexed and scanned fine.
I have a Jenkins+Nexus installation, and some project there that are automated.
Jenkins deploy the sources and javadocs to nexus in the deploy phase (I am using Maven Release) -- Javadoc could be ok but I don't want to have any sources in Nexus.
I was searching and googling and I don't know how to skip this step.
Thanks a lot
Output from jenkins
[INFO] [INFO]
[INFO] [INFO] --- maven-install-plugin:2.3.1:install (default-install) # projectA ---
[INFO] [INFO] Installing /var/lib/jenkins/jobs/MyBuild/workspace/target/checkout/MyProject/projectA/target/projectA-1227.jar to .../projectA-1227.jar
[INFO] [INFO] Installing /var/lib/jenkins/jobs/MyBuild/workspace/target/checkout/MyProject/projectA/pom.xml to .../projectA-1227.pom
[INFO] [INFO] Installing /var/lib/jenkins/jobs/MyBuild/workspace/target/checkout/MyProject/projectA/target/projectA-1227-sources.jar to .../projectA-1227-sources.jar
[INFO] [INFO] Installing /var/lib/jenkins/jobs/MyBuild/workspace/target/checkout/MyProject/projectA/target/projectA-1227-javadoc.jar to .../projectA-1227-javadoc.jar
[INFO] [INFO]
Try adding : -Darguments="-Dsource.skip=true -Dmaven.javadoc.skip=true"
to your maven release plugin config (Jenkins > your build configuration > Maven release build > Release goals and options
By default this actually does not happen automatically. Most likely you have configured a release profile somewhere in your pom hierarchy that adds the Maven Source Plugin execution.
You could remove that if you never want to use it or otherwise change the release plugin config to use a different profile or skip source creation or invoke the build with parameters to skip as Guilame has answered
I followed the instructions to the letter in this blog post by Sonatype on writing a Maven plugin in Ruby.
When I try running mvn install (Maven 3.0.4), the build is successful, but maven-plugin-plugin cannot find any mojo descriptors:
[INFO] ------------------------------------------------------------------------
[INFO] Building Example Ruby Mojo - firstruby-maven-plugin 1.0-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[WARNING] The POM for org.jruby:jruby:jar:0.9.9 is invalid, transitive dependencies (if any) will not be available, enable debug logging for more details
[INFO]
[INFO] --- maven-plugin-plugin:2.4:descriptor (default-descriptor) # firstruby-maven-plugin ---
[INFO] Using 3 extractors.
[INFO] Applying extractor for language: java
[INFO] Extractor for language: java found 0 mojo descriptors.
[INFO] Applying extractor for language: jruby
[INFO] Extractor for language: jruby found 0 mojo descriptors.
[INFO] Applying extractor for language: bsh
[INFO] Extractor for language: bsh found 0 mojo descriptors.
If I try bumping maven-plugin-plugin version to anything higher than 2.4, the build fails with this error message:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-plugin-plugin:2.5:descriptor (default-descriptor) on project firstruby-maven-plugin: The API of the mojo scanner is not compatible with this plugin version. Please check the plugin dependencies configured in the POM and ensure the versions match. org.apache.maven.tools.plugin.scanner.MojoScanner.populatePluginDescriptor(Lorg/apache/maven/tools/plugin/PluginToolsRequest;)V -> [Help 1]
Here's the output of tree to show that the directory structure is OK:
firstruby-maven-plugin
├── pom.xml
└── src
└── main
└── scripts
└── echo.rb
3 directories, 2 files
Any idea why it's not working?
The Codehaus jruby-maven-plugin seems to have been abandoned 5 years ago. If you're using Maven3, you can try using Maven2 but I'd look at https://github.com/torquebox/jruby-maven-plugins
I'm trying to purge the local repository of a project dependency before launching releasing it in order to make sure every dependency required is on the central repository and is downloaded from it.
In the project folder (containing the pom.xml), I launch the following command:
mvn clean dependency:purge-local-repository -DreResolve=false -Dverbose=true
The project's POM is very simple and just have a declared dependency to junit:junit:3.8.1
The command's output give me:
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building corelib-api 0.1.2-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-clean-plugin:2.4.1:clean (default-clean) # corelib-api ---
[INFO] Deleting d:\Users\fpaillard\git-repositories\TEST_CORELIB\corelib-api\target
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building corelib-api 0.1.2-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- maven-dependency-plugin:2.1:purge-local-repository (default-cli) # corelib-api ---
[WARNING] Missing POM for junit:junit:jar:3.8.1
[INFO] Skipping: corelib-api. It cannot be resolved.
[INFO] Nothing to do for project: test:corelib-api:jar:0.1.2-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 0.953s
[INFO] Finished at: Mon May 14 11:34:40 CEST 2012
[INFO] Final Memory: 6M/15M
[INFO] ------------------------------------------------------------------------
When I look in the local repository (path checked with mvn help:effetive-settings), junit JARs nor POMs are still in .m2/repository/junit/junit/3.8.1 folder.
Isn't dependency:purge-local-repository supposed to delete it?
I don't understand the WARNING of the output above. Why is junit:junit:jar:3.8.1 POM missing? It is still present at .m2/repository/junit/junit/3.8.1/junit-3.8.1.pom
Is the problem related to the INFO line Skipping: corelib-api. It cannot be resolved.? corelib-api is the artifact name of the project I ran mvn dependency:purge-local-repository against.
I know this is old, but I had the same issue, and adding -DactTransitively=false to the command line fixed this issue. I'm unable to tell why it helped, but it did...
I hope this helps.
Looking at the documentation, disabling the actTransitively option causes the purge goal to only purge the dependencies that are named directly by your pom.xml. When it is time for the build, Maven automatically pulls not only your direct dependencies, but all of the TRANSITIVE dependencies down into your local repo as well.
When the purge goal is looking for what to delete, if it finds other dependencies in the dependencies' poms, it transverses those dependencies to figure out the entire tree in your local repository that can be purged. To do this, it at least needs the transitive project's pom.xml. If it cannot find it in the local repo, or if it thinks there might be a more recent version to analyze, it will go to the external repositories to find it.
I don't think it actually tries to download full project content before it starts purging. But since it at least pulls down the projects' pom.xml files, it will complain if it can't find one just like it would if it were resolving dependencies for an actual build.
Besides just preventing Maven from accessing external repositories while purging, another practical reason would be if you have two projects that have the same transitive dependency, and you don't want the purge from one to affect the performance of the other (since the latter will have to download any missing dependencies again).
On the other hand, something to carefully consider is that if you do NOT allow the purge to consider all of the transitive dependencies possible, you stand to leave a set of downstream dependencies sitting in your local repository that you would otherwise have wanted to remove.
I could make a case for saying that the output you are getting is either unnecessary or preventable with another flag like "reportInaccessibleDependencies=false". But unless it is killing your build, I wouldn't say it is anything to worry about.