I want to clone a private repository in my system. I am able to clone a public repo using:
def myrepo = org.ajoberstar.grgit.Grgit.clone(dir:'', uri:'')
but in case of a private repo, I need to provide credentials to clone. I have gone through this link, but the properties given here like Force, Hardcoded are not available in my gradle. So, I am not able to make use of the properties given here.
The following properties are available for me:
org.ajoberstar.grgit.auth.AuthConfig.FORCE_OPTION
org.ajoberstar.grgit.auth.AuthConfig.USERNAME_OPTION
org.ajoberstar.grgit.auth.AuthConfig.PASSWORD_OPTION
and if I give any value to these, I get error Cannot assign value to final fields
Can anybody help with the authentication part?
I am using dependency org.ajoberstar:grgit:1.3.0.
The link you provided clearly states that system properties need to be used to pass appropriate settings.
So you need to run gradle passing all the properties via command line. Assume this is build.gradle file:
buildscript {
repositories {
mavenCentral()
}
dependencies {
classpath 'org.ajoberstar:grgit:1.3.0'
}
}
task cloneRepo << {
org.ajoberstar.grgit.Grgit.clone(dir: '', uri: '<link to private repo>')
}
Run it with:
gradle cloneRepo -Dorg.ajoberstar.grgit.auth.username=your_username -Dorg.ajoberstar.grgit.auth.password=your_pass -Dorg.ajoberstar.grgit.auth.force=sshagent
Related
I'm not that experienced with Gradle and are currently running into problems when trying to use the new version catalog feature.
Goal:
Using a Gradle 7.4.2 version catalog, managed in a standalone GIT repository and published to private JFrog artifactory, in a second project.
Every project member's artifactory credentials are already available in $HOME/.gradle/gradle.properties (auto-generated by JFrog) and are supposed to be re-used.
Issue:
according to the current Gradle documentation, a published version catalog is supposed to be defined in settings.gradle(.kts) within any project that wants to use the catalog;
inserting that piece of code results in an error because Gradle has no repository definition available for artifact look-up
therefore, adding a repository definition:
// my settings.gradle.kts
rootProject.name = "catalog-consumer"
dependencyResolutionManagement {
val catalogVersion = "0.1.0"
val artifactoryUri = "..."
val catalogGAV = "..."
repositories{
maven {
url = uri("$artifactoryUri")
credentials {
// TODO: how to access user's local gradle.properties for credentials?
username = "$artifactory_user" // key as generated by JFrog
password = "$artifactory_password" // key as generated by JFrog
}
}
}
versionCatalogs {
create("libs") {
from("$catalogGAV")
}
}
}
now, facing the problem that the user's gradle.properties does not seem to be loaded, yet - but hardcoding credentials is not viable :)
Question:
Is the only option to manually check for and load the user's gradle.properties file?
Originally, when reading the documentation, I assumed that the settings file would probably try to look up existing repository definitions from the project's build.gradle.kts, but that wasn't the case either. If I understand it correctly, the settings file is evaluated before everything else, isn't it?
Manually loading the user's config just seems odd to me, therefore, I wanted to ask whether or not I'm missing a mechanism or lifecycle hook that would take care of this. Also possible that I use the version catalog feature incorrectly :D
Any hints very much appreciated!
See the docs here: https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:handling_credentials
Named repository credentials
If you named the repository and add credentials(PasswordCredentials::class)...
// ./settings.gradle.kts
dependencyResolutionManagement {
repositories {
maven {
name = "mySecureRepository"
credentials(PasswordCredentials::class)
// url = uri(<<some repository url>>)
}
}
}
then Gradle will automatically fetch the username/pass from the first found definition:
Using a command line argument
./gradlew build -PmySecureRepositoryUsername=my-username
environment variables prefixed with ORG_GRADLE_PROJECT_ (this is useful for CI/CD)
ORG_GRADLE_PROJECT_mySecureRepositoryUsername=my-username
ORG_GRADLE_PROJECT_mySecureRepositoryPassword=my-password
$GRADLE_USER_HOME/gradle.properties
mySecureRepositoryUsername=my-username
mySecureRepositoryPassword=my-password
gradle.properties in the project root - obviously don't put credentials in your project!
gradle.properties in the Gradle installation directory
Manual providers
If you need to manually set the property names, then you can define your own providers.
// ./settings.gradle.kts
val artifactoryUser = providers.gradleProperty("artifactory_user")
val artifactoryPassword = providers.gradleProperty("artifactory_password")
dependencyResolutionManagement {
repositories {
maven {
name = "mySecureRepository"
credentials {
username = artifactoryUser.get()
password = artifactoryPassword.get()
}
// url = uri(<<some repository url>>)
}
}
}
Again, then Gradle will fetch these properties from either
$GRADLE_USER_HOME/gradle.properties
artifactory_user=my-username
artifactory_password=my-password
or environment variables
ORG_GRADLE_PROJECT_artifactory_user=myUsername
ORG_GRADLE_PROJECT_artifactory_password=my-password
I'd like to check if two project properties are set and if not, set them to empty values in order to avoid a build failure. These properties are supposed come from ~/.gradle/gradle.properties (if configured).
The goal is to have credentials to a Maven repository in S3 defined in that local file. Every user has to put his own data there, but I want the build to just output a warning and continue if these are not set. Chances are high it will still be successful even without contacting S3.
I have got it running with Groovy DSL, but I am now switching to Kotlin and I just can't get the syntax right.
This is how ~/.gradle/gradle.properties looks like:
s3AccessKeyId=ABCDEFGHIJKLMNOPQRST
s3SecretKey=abcdefghijklmnopqrstuvwxyz1234567890abcd
And here are the relevant sections of the build.gradle.kts
if (!project.hasProperty("s3AccessKeyId") || !project.hasProperty("s3SecretKey")) {
logger.lifecycle("WARNING: s3AccessKeyId and s3SecretKey not set!")
project.extra["s3AccessKeyId"] = ""
project.extra["s3SecretKey"] = ""
}
repositories {
mavenLocal()
maven {
url = uri("s3://maven-repo.mycompany.com.s3.eu-central-1.amazonaws.com/")
credentials(AwsCredentials::class) {
accessKey = project.extra["s3AccessKeyId"].toString()
secretKey = project.extra["s3SecretKey"].toString()
}
}
}
No matter how I write the s3AccessKeyId="" lines, I am always getting the error:
Cannot get property 's3AccessKeyId' on extra properties extension as it does not exist
If all artifacts are found in the local Maven repository, I expect the build to work, even without gradle.properties. Only if some artifact is missing, the build should abort with some "credentials wrong" error.
As I said, it already worked with Groovy.
For that you need to use the properties attibute which is different from the extra like:
project.properties["s3SecretKey"].toString()
And then you need to have in your gradle.properties:
s3AccessKeyId=ABCDEFGHIJKLMNOPQRST
If the value is not there it might return null so you can do:
(project.properties["s3SecretKey"] ?: "default value").toString()
And it should work
I have a Java project that makes use of Gradle to build and package. My purpose is to create artifacts that are published to Maven Central.
As a first step, I configured my Gradle project as shown in the following example from the documentation:
https://docs.gradle.org/current/userguide/publishing_maven.html#publishing_maven:complete_example
When I run gradle publishToMavenLocal, I get the following files installed in my local repository:
maven-metadata-local.xml
my-library-1.0.2-SNAPSHOT.jar
my-library-1.0.2-SNAPSHOT.jar.asc
my-library-1.0.2-SNAPSHOT-javadoc.jar
my-library-1.0.2-SNAPSHOT-javadoc.jar.asc
my-library-1.0.2-SNAPSHOT.pom
my-library-1.0.2-SNAPSHOT.pom.asc
my-library-1.0.2-SNAPSHOT-sources.jar
my-library-1.0.2-SNAPSHOT-sources.jar.asc
The files are all OK. The only issue I have is that checksum files (md5 and sha1) are not generated. However, checksum files are a requirement to have artifacts deployed on Maven Central via OSS Sonatype.
How can I generate the missing checksum files? It seems the maven-publish or signing plugins do not have an option for this purpose? what is wrong?
The solution I found was to use shadow along with ant.checksum:
tasks.withType(Jar) { task ->
task.doLast {
ant.checksum algorithm: 'md5', file: it.archivePath
ant.checksum algorithm: 'sha1', file: it.archivePath
ant.checksum algorithm: 'sha-256', file: it.archivePath, fileext: '.sha256'
ant.checksum algorithm: 'sha-512', file: it.archivePath, fileext: '.sha512'
}
}
Invoking gradle publishShadowPublicationToMavenLocal will generate the signatures as needed, although won't publish them to ~/.m2.
At first I thought those signatures should have been automatic, so I opened https://github.com/johnrengelman/shadow/issues/718 to discuss.
I thought this was a bug in Gradle and I opened an issue, but as described here this actually mimics mvn install behavior. It sounds like Maven Local works a little different than a Maven Repository.
The proper way to test this locally is to use a file based repository. Since you're only using it to test (and not to actually share things with other projects) I think putting that into the build directory is best. Add the repositories section from below to the publishing block. Then when you ./gradlew publish it will publish to your build directory.
Kotlin
repositories {
maven {
// change URLs to point to your repos, e.g. http://my.org/repo
val releasesRepoUrl = uri(layout.buildDirectory.dir("repos/releases"))
val snapshotsRepoUrl = uri(layout.buildDirectory.dir("repos/snapshots"))
url = if (version.toString().endsWith("SNAPSHOT")) snapshotsRepoUrl else releasesRepoUrl
}
}
Groovy
repositories {
maven {
// change URLs to point to your repos, e.g. http://my.org/repo
def releasesRepoUrl = layout.buildDirectory.dir('repos/releases')
def snapshotsRepoUrl = layout.buildDirectory.dir('repos/snapshots')
url = version.endsWith('SNAPSHOT') ? snapshotsRepoUrl : releasesRepoUrl
}
}
These two samples are actually from the link you shared. It's possible they were added later or you (like me) thought that publishToMavenLocal should behave the same as publish (apart from where the files actually go).
Am very new to Gradle and I wanted to know if there is a way to clone code down from GitLab.
I've looked at the Gradle repository documentation to no avail.
Am supposing it’s something along the lines of the below or am I way off?
repositories {
maven {
url = 'http://central.megacorp.com/main/repo'
credentials {
username 'repouser'
password 'badly-protected-secret'
}
}
}
For clarity the URL am trying to pull from looks something like: https://mysite.com/my-group/my-project.git
Thanks all.
I have a gradle project with several subprojects - all of which I want to be able to publish at once to a local artifactory repository. This is quite happily managed with uploadArchives. However, uploading requires credentials which I don't want to have stored anywhere. I've found several hacky ways of achieving this with setting extra properties as part of the root project and picking them up in subprojects, but it feels like the correct way to do this is something along the lines of:
task getAuth << {
ext {
username = getUsername()
password = getPassword()
}
}
uploadArchives.dependsOn(getAuth)
However, uploadArchives appears to be run before it's dependency, hence the auth is set before username or password is set and the script errors out. This seems like exceedingly unexpected behaviour to me.
Personally I would set username and password in a task action (uploadArchives.doFirst { ... }), but a configuration task should also work. If it doesn't, chances are that something is wrong with the rest of your build script(s). Note that you are setting extra propertiesgetAuth.username and getAuth.password, not project.username and project.password.
So it turns out my question was somewhat wrong. I'd wrongly assumed that the closure for adding publishing repos for maven would be run at the time of the task. However:
uploadArchives {
addSomeRepos()
}
is configuring the uploadArchives task, and so is run at the time at which it is found in the buildscript. Hence setting the username and password in a task, which will run after the buildscript, means they're null at setup.
I fixed this by changing my getAuth task to a createPublishTargets task which does the configuration of the uploadArchives task inside the task. This works perfectly.
task createPublishTarget << {
ext {
username = System.console().readLine("\nusername: ")
password = System.console().readPassword("password: ").toString()
}
allprojects {
uploadArchives {
repositories {
mavenDeployer {
repository(url: "my-artifactory") {
authentication(userName: createPublishTarget.username, password: createPublishTarget.password)
}
}
}
}
}
}
Although I did still come across an interesting issue that authentication(//blah) configures a different object than I was expecting, so you have to explicitly get the set properties from the task.
I would suggest to put credentials into $HOME/.gradle/gradle.properties or may be creating a $HOME/.gradle/init.gradle script which contains the definitions for the repositories.