I'm trying to migrate from using Ivy to using the Aether resolver in a Grails 2.4 project.
The issue I am having is in relation to externalising the credentials. Info related to this can be found in the Grails manual here: http://grails.org/doc/latest/guide/conf.html#dependencyRepositories
There doesn't seem to be a documented way to externalise the credentials for using Maven the way you could with Ivy.
With Ivy I could place something like this into my .grails/settings.groovy file:
grails.project.ivy.authentication = {
credentials {
realm = "My Repo"
host = "repo.mycustomrepo.com"
username = "user"
password = "password"
}
}
To use Aether, I'm forced to place the credentials block directly in my BuildConfig.groovy like so:
repositories {
inherits true // Whether to inherit repository definitions from plugins
grailsPlugins()
grailsHome()
mavenLocal()
grailsCentral()
mavenCentral()
mavenRepo("http://repo.mycustomrepo.com") {
//Add authentication details to repository connection
auth([
username: 'user',
password: 'password'
])
}
}
Unfortunately this is really problematic for me, as within my organisation we use Artifactory which is configured to use our LDAP credentials. This is a problem because I don't want to be committing my credentials in source control.
Is there an undocumented solution for this or does Grails simply not support it?
Define your repo with an id:
mavenRepo(id:'myrepo', url:"http://localhost:8085/artifactory/libs-release-local/")
Then define your credentials in ~/.grails/settings.groovy using the previously specified id:
grails.project.dependency.authentication = {
credentials {
id = "myrepo"
username = "foo"
password = "bar"
}
}
Related
I am running into problems with gradle while resolving dependencies. Some of my projects uses a core-lib which I provide by my private repository - nexus3. And the weirdest part is, one of this projects resolves the dependency, while the others can't. I have no Idea what I am doing wrong:
This is how I define my gradle repositories:
repositories {
maven {
credentials {
username = "user"
password = "password"
}
url = uri("https://my-nexus-url/repository/group-repo/")
}
mavenCentral()
}
This is how the dependency is implemented:
dependencies {
...
implementation("my.lib.core:core:1.0")
...
}
This is how is the puiblishing configure block:
publishing {
publications {
create<MavenPublication>("maven") {
groupId = "my.lib.core"
artifactId = "core"
version = "1.0"
from(components["java"])
}
}
repositories {
maven {
credentials {
username = "user"
password = "password"
}
url = uri("https://my-nexus-url/repository/release-repo/")
}
}
}
I am also able to download the artifact via nexus web ui and curl. Furthermore already one of these projects is able to implement it. The rest of them throws:
Could not resolve my.lib.core:core:1.0.
Required by:
project :lib
Possible solution:
- Declare repository providing the artifact, see the documentation at https://docs.gradle.org/current/userguide/declaring_repositories.html
Running gradlew ass --refresh-dependencies works fine and ends with:
Cached resource https://my-nexus-url/repository/group-repo/my/lib/core/core/1.0/core-1.0.jar is up-to-date (lastModified: Tue Mar 08 23:05:19 CET 2022).
After the recent security fixes in Gradle 5.6.2+, we're unable to use global plugin management in init.gradle script.
The section, which is described in the Gradle documentation does not provide any help about using Nexus server requiring authentication.
The workaround I've found is following: I had to manually hardcode credentials inside of the script even though the nexusUsername and nexusPassword is already defined in gradle.properties.
allprojects {
repositories {
mavenLocal()
maven {
url "https://nexus-repo-requiring-auth/"
credentials {
username nexusUsername
password nexusPassword
}
}
}
settingsEvaluated { settings ->
settings.pluginManagement.repositories {
//This is a workaround, because the global properties are not available here
def localNexusUsername = "nexusUser1"
def localNexusPassword = "nexusPass1"
maven {
url "https://nexus-repo-requiring-auth/"
credentials {
username localNexusUsername
password localNexusPassword
}
}
}
}
Is there a way, how to read global variables inside of the settingsEvaluated block? Or any other way to define the plugin repository?
It's not a solution, but a different work-around. I found that if I defined my plugin repositories in the settings.gradle file it was able to read the variables:
pluginManagement {
repositories {
maven {
authentication {
basic(BasicAuthentication)
}
url "https://artifactory.redacted.com/gradle-plugins-mirror/"
credentials {
username "$artifactory_user"
password "$artifactory_password"
}
}
}
}
This worked better for me as we add the ~/.gradle/init.gradle file for each user, so everyone uses the same internal mirors.
My private repo which is loaded from bintray used for all projects and needs credentials:
allprojects {
jcenter()
repositories {
maven {
url "http://myurl.bintray.com/sdk"
credentials {
username 'JohnDoe'
password 'somePassword'
}
}
}
}
What's the best way to hide them?
Is it possible without creating new instance of Properties?
Properties properties = new Properties()
properties.load(project.rootProject.file('local.properties').newDataInputStream())
One way to do it is to set properties in the user specific file $HOME/.gradle/gradle.properties:
thePassword=somePassword
and in the build.gradle file:
credentials {
username 'JohnDoe'
password thePassword
}
Repositories{
maven{
name='tomRepo'
url=''
credentials(PasswordCredentials)
}
}
run a command in the console like this
./gradlew build --refresh-dependecies -PtomsRepoUsername=aws -PtomRepoPassword=$TOMS_REPO_PASSWORD
is it possible put the repositories configuration in {gradle_home_user}/gradle.properties instead in {project}/build.gradle?
Something like this:
build.gradle
repositories {
maven {
url "maven_url"
credentials {
username = "user"
password = "password"
}
}
}
gradle.properties
repositories.maven.url=maven_url
repositories.maven.credentials.username=user
repositories.maven.credentials.password =password
Yes it is possible. But the property names with dots will need to be accessed using the following notation ${project["my.prop.name"]}. Instead I would recommend using underscores for property separators instead. These can be accessed simply by using ${my_prop_name}.
build.gradle
repositories {
maven {
url "${repositories_maven_url}"
credentials {
username = "${repositories_maven_credentials_username}"
password = "${repositories_maven_credentials_password}"
}
}
}
gradle.properties
repositories_maven_url=maven_url
repositories_maven_credentials_username=user
repositories_maven_credentials_password=password
I'm trying to get to the Artifactory Gradle plugin working to publish to my local Artifactory instance.
I have the latest version (default install) running at localhost:8081/artifactory. I can verify this with access via a webbrowser.
However, with my bare minimum example .. I am getting a "Context URL cannot be found error
Note that I have specified all the mandatory required Artifactory configurations settings - (as indicated on the Artifactory Gradle WebPage) .. including the Context URL.
buildscript {
repositories{ maven { url 'http://repo.jfrog.org/artifactory/gradle-plugins' } }
dependencies{ classpath 'org.jfrog.buildinfo:build-info-extractor-gradle:2.0.12'}
}
apply plugin: 'artifactory'
artifactory {
contextUrl = 'http://localhost:8081/artifactory' //The base Artifactory URL if not overridden by the publisher/resolver
publish {
repository {
repoKey = 'integration-libs' //The Artifactory repository key to publish to
username = 'admin' //The publisher user name
password = 'password'
}
}
resolve {
repository {
repoKey = 'libs-releases' //The Artifactory (preferably virtual) repository key to resolve from
}
}
}
This looks like a weird bug and I'm not sure what causes it. I get it in some of my gradle build files but others seem to work fine.
I fixed it by defining the contextUrl again inside the publish element, so your script will now look like:
artifactory {
contextUrl = 'http://localhost:8081/artifactory' //The base Artifactory URL if not overridden by the publisher/resolver
publish {
contextUrl = 'http://localhost:8081/artifactory' // <- this is the fix
repository {
repoKey = 'integration-libs' //The Artifactory repository key to publish to
username = 'admin' //The publisher user name
password = 'password'
}
}
resolve {
repository {
repoKey = 'libs-releases' //The Artifactory (preferably virtual) repository key to resolve from
}
}
}
You might also have to define it again inside the resolve element.