Latest sonar-application zip not deployed to codehaus repository - sonarqube

We have a situation where we need to customer the sonar zip created by the sonar-application maven project. In the past we have done this by referencing the zip thru a maven dependency. In this case many of the other sub-projects for sonar 3.5.1 have been deployed, to the CodeHaus Nexus repository, but not the sonar-application artifact. In fact, it hasn't been deployed since version 1.4.x. I was hoping someone can tell me why this is.

Indeed zip file is not uploaded as a maven artifact. It's available at http://dist.sonar.codehaus.org/

Related

How to download only one jar with pom.xml?

I want to use a project called projectA that I have in a maven repository as dependency of a projectB.
The mvn deploy of projectA is successful (I can see in the repository the projectA-0.0.1-20190902.072951-1.jar, projectA-0.0.1-20190902.072951-1.pom and maven-metadata.xml files), but when I specify the dependency in the pom.xml file of projectB, the project works but it downloads two JARs of projectA from the repository:
- projectA-0.0.1-20190902.072951-1.jar
- projectA-0.0.1-SNAPSHOT.jar and the same issue for every file downloaded by the dependency to this project.
I think that only one JAR is necessary, and I don't know what I need to put maybe in settings.xml or in the pom.xml file of any project to get only one JAR when the dependency is downloaded.
Thank you so much for your help!
In the past it was possible to tell Maven to deploy Non-unique Snapshot Deployments but in Maven 3
... snapshot artifacts will always be deployed using a timestamped version
So:
the files with the timestamps are the one you have deployed to your remote repo (mvn deploy ...) and then downloaded from there as dependencies
the ones with -SNAPSHOT are the result of the local builds (install goal)
If your concern is download traffic - that is not an issue. The -SNAPSHOT ones are not downloaded.
If your concern is disk space then you can have a cron job or use something like Build Helper Maven Plugin to remove old version artifacts from the local repository.

How to include csjdbc.jar as part of maven dependency?

I have been looking for a dependency for csjdbc.jar in Maven repository so that I can build my app using maven and retrieve that jar on the fly. However, I cannot find a dependency in Maven repository related to that jar. Can anyone help, please?
Hopefully you have already resolved this issue.
csjdbc.jar is not listed in maven repositories. If you have composite software installed you can copy the jar from
~\Composite Software\CIS 6.1.0\apps\jdbc\lib
directory to your local machine's maven repository like below with proper versioning:
C:\maven\repository\composite\csjdbc\6.1\csjdbc-6.1.jar
(I have 6.1 jar)

Can I avoid Maven deployed war version with timestamp in Archiva?

In out project we are using using deployed war file in /archiva-2.2.0/repositories/internal/com/xyz/1-SNAPSHOT/proj-1-20160204.122021-15.war path using shell script to copy to jboss. However finding the latest build timestamp and build number is very difficult. Is there a way to avoid using timestamp while storing it in archiva like proj-1-SNAPSHOT.war?
I have already read about <uniqueVersion>false</uniqueVersion> whcih is not supported in maven 3.
I am using archiva-2.2.0, maven-3.3.9.
Maven repositories wasn't designed to distribute deployable components, your continuous integration environment should take care of this. Jenkins has eg Archive Artifacts (native) and Copy Artifact Plugin which you can use to store and recover binaries in your pipelines.
But you can workaround this behavior changing the version of the war to a stable one - removing the -SNAPSHOT suffix. This will lead you with a predictable URL.
I am posting this as it is a new finding, if I wget http://xx.xx.xx.xx:8083/repository/internal/com/xyz/1-SNAPSHOT/proj-1-SNAPSHOT.war. I get the latest deployed artifact in the archiva repository. So archiva does a 302 redirect to point to url of http://xx.xx.xx.xx:8083/repository/internal/com/xyz/1-SNAPSHOT/proj-1-20160204.122021-15.war location and downloads the latest build. I am not sure if this works for other repositories like nexus or artifactory etc.
Ofcourse I will need a cron job to periodically clear of the stale snapshot artifacts.

why does maven check for updates when I have specified a version?

I have trouble understanding, why maven has to check for updates each time we build a project.
The pom has specific version mentioned for each dependency. Once those versions are downloaded to the local repo, then maven can use that local copy to build the project. So why does maven have to check for updates when we build the project each time other than just using the local copy?
a side question.
can a maven artifact be changed after releasing it to a repo under a specific version?
As per Maven, an artifact mainly can be of two types - a RELEASE one and a SNAPSHOT one. RELEASE dependency(eg: 1.0.1, 2.3.0 etc) of an artifact is a source of truth. Means 1.0.1 version of a jar (say test.jar) will always be the same always. We will release artifacts to remote repository, whenever the product matures or after a sequence of bug fixes.
On the other hand, a development is on going in a project, then specified its version number as SNAPSHOT(eg: 2.0-SNAPSHOT, 1.1-SNAPSHOT etc).
Say if we specified test-2.0-SNAPSHOT.jar as dependency in our project pom. If we look at the remote repository (Nexus, archiva etc), we can see that it is not saved as version 2.0-SNAPSHOT rather it will be saved artifact version as date-timestamp-buildnumber format, the date-timestamp at which the artifact was built and uploaded to remote repo. (eg: test-2.0-20150105082634.jar)
So when ever the development team does the fix for an issue on a daily basis the updated jar with date timestamp will be in uploaded to the remote repo. So it is necessary for maven to do look up for the latest date timestamp of SNAPSHOT artifacts. Maven does this by maven-metadata.xml file in the artifact directory in the repo.
Hope this clarifies your query. Let me know, if you need any clarifications

How to deploy JAR to Maven remote repository

Is there any way to put my JAR file in remote repository, so my maven project can get this JAR file from any place via Internet?
I have downloaded and did some fixes in the ReportNG project: https://github.com/dwdyer/reportng .
Using ANT I have compiled this project into JAR, now I want to put it into remote Maven repository, but don't know how I can do that.
Could somebody please suggest me the way, how I can perform that?
If it is a released version you want to make available in maven central follow this guide: http://maven.apache.org/guides/mini/guide-central-repository-upload.html
I'm no github professional but since a maven repo is just a file structure with some meta-data you can put it anywhere maven can read it (ftp, http, ...). so you could create a git repo to host your maven artifacts. see http://cemerick.com/2010/08/24/hosting-maven-repos-on-github/ for an example. (it may be outdated - github may have something like maven repo hosting, I just dont know)
A lightweight way to create your own maven repository is to store it on github. See Hosting a Maven repository on github for more details
I followed sonatype open source project maven deployment guide https://docs.sonatype.org/display/Repository/Sonatype+OSS+Maven+Repository+Usage+Guide and successfully deployed the latest version of reportNG into maven central repository. Now maven have both 1.1.3 and 1.1.4
http://search.maven.org/#search%7Cgav%7C1%7Cg%3A%22org.uncommons%22%20AND%20a%3A%22reportng%22
You should do a pull request to the github project. If the maintainer likes your fix he will put it in the next version.
If you need your fix in a remote repo NOW then you'll have to setup your own maven repository.

Resources