Github authentication: how to use Github as Maven repo when repo is private - maven

I'm trying to store some of our private artifacts on Github and would like to access them as if they were part of a Maven repo. There are lots of pages that explain how to create a public Maven repo on Github: you just put the artifacts in the proper directory structure in your project, and then access them using a "raw" URL:
<repositories>
<repository>
<id>myrepo.myname.github.com</id>
<url>https://github.com/myname/myproject/raw/master/repositories/releases/</url>
</repository>
</repositories>
So far, so good. Now the trouble is that I can't figure out how to access the repo if it's private. I've added a username and password to my settings.xml, but it doesn't work:
<servers>
<server>
<id>myrepo.myname.github.com</id>
<username>myusername</username>
<password>mypassword</password>
</server>
</servers>
What's the trick?

The question is now moot. Github has eliminated downloads. They don't host binaries any more. Probably because of exactly the kind of abuse I've proposed...

You can access private repositories from Maven pom.xml using the following URL:
https://api.github.com/users/username/repos?login=username&token=oauthtoken&repositoryname=reponame

Related

Repository Authentication with Basic Auth only works when embedded in URL

I have a private maven repository. Publishing on this repository with authentication works well. But when I try use the repository to resolve dependencies, the authentication credentials defined in the settings.xml are not applied. Only way to make it work is to provide the credentials in the repository URL defined in the pom.xml
Is this a bug or did I miss something during setup?
Snippet from the pom.xml
<repositories>
<repository>
<id>myServer</id>
<name>My Servers Name</name>
<url>https://someHost/repository/maven-public/</url>
</repository>
</repositories>
Snippet from the settings.xml
<servers>
<server>
<id>myServer</id>
<username>myUser</username>
<password>myPass</password>
</server>
</servers>
I use Apache Maven 3.0.5 (Red Hat 3.0.5-17) and on the server's side I see that no credentials are applied, so the server responds with a 401.
The above setup does work if I remove the server-setup from settings.xml and add the credentials myUser:myPass to the URL defined in the pom.xml.
Finally it appeared that I had a typo in the auth-credentials so, all works as expected.

Deploy from Maven to Nexus got error: ReasonPhrase:Forbidden

http://numberformat.wordpress.com/2011/05/18/nexus-repository/
I am following the above link to set up Maven and Nexus, everything new. I couldn't leave a new comment there so I post here.
After so long, I am in another company, when I tried to setup a simple sample in my local PC, I got this error in "mvn deploy" to the simple Maven my-app sample. I installed the simple Nexus Open Source w/o Tomcat.
[WARNING] Could not transfer metadata com.mycompany.app:my-app:1.0-SNAPSHOT/maven-metadata.xml from/to snapshots (localhost:8081/nexus/content/repositories/snapshots): Access denied to: localhosts:8081/nexus/content/repositories/snapshots/com/mycompany/app/my-app/1.0-SNAPSHOT/maven-metadata.xml , ReasonPhrase:Forbidden.
In your settings.xml located in MAVEN_HOME/conf you have to add in servers section
<server>
<id>nexus-releases</id>
<username>deploy</username>
<password>123456</password>
</server>
And your pom must look like this:
<distributionManagement>
<repository>
<id>nexus-releases</id>
<url>http://localhost:8081/nexus/content/repositories/releases</url>
</repository>
</distributionManagement>
Ids have to be the same.
Richard Seddon resolved my issue in nexus-users group.
Add this to nonProxyHosts:
localhost
You need to be authorized to run deployment. This is done by having the server section in your settings.xml. Check out the Nexus eval guide, specifically the publishing section and the sample projects in there for more detail.

how to get maven archetypes from my own authenticated nexus without username and password in the URL?

I have a private Nexus with a repository protected via authentication.
Pulling libraries works like a charm, but if I want to use one of the archetypes stored up there I always need to write plaintext username and password in the URL of the archetype catalog like this:
mvn archetype:generate -DarchetypeCatalog=http://username:password@maven.mycompany.com/nexus/content/repositories/myrepo/archetype-catalog.xml
I read http://maven.apache.org/archetype/maven-archetype-plugin/faq.html#authentication and updated my settings.xml with what I understood from that very tiny bit of help:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd">
<servers>
<server>
<id>myrepo</id>
<username>username</username>
<password>{HASHED_PASSWORD}</password>
</server>
<server>
<id>pretty-archetype-unicorn-repo</id>
<username>username</username>
<password>{HASHED_PASSWORD}</password>
</server>
</servers>
<profiles>
<profile>
<id>someid</id>
<repositories>
<repository>
<id>myrepo</id>
<name>My Repo</name>
<url>http://maven.mycompany.com/nexus/content/repositories/myrepo/</url>
</repository>
</repositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>someid</activeProfile>
</activeProfiles>
</settings>
Needless to say, it doesn't work and when I try:
mvn archetype:generate -DarchetypeCatalog=http://maven.mycompany.com/nexus/content/repositories/myrepo/archetype-catalog.xml
I get the same old:
[WARNING] Error reading archetype catalog http://maven.mycompany.com/nexus/content/repositories/myrepo/archetype-catalog.xml
org.apache.maven.wagon.authorization.AuthorizationException: Access denied to: http://maven.mycompany.com/nexus/content/repositories/myrepo/archetype-catalog.xml
Any hints, or better documentation with working example?
There's currently no way to do that if you don't specify at least -DarchetypeArtifactId. As per the official docs you linked:
The server id used to download the artifact is [archetypeArtifactId]-repo
hence there's no way to just browse the catalog if it's password protected (and you're not willing to expose username/password on your shell history).
In the meanwhile, you can go ahead and vote for ARCHETYPE-204. They have a patch already available since years, they probably just need a bit of a push.
UPDATE
Looking into the source code of the maven archetype project, looks like the following snippet in the settings.xml might work for you:
<servers>
<server>
<id>archetype</id>
<username>${your username}</username>
<password>${your password}</password>
</server>
</servers>
There is a default ID of archetype when building the Repository object while fetching a remote catalog. I don't think it's the official way of dealing with such situations, and it's a bit dirty IMO. But it might still work for you :-)
Also, you should be able to set profiles for reusing the archetype ID for different servers.
I think it should be in your settings.xml
<servers>
<server>
<id>myrepo</id>
<username>${your username}</username>
<password>${your password}</password>
</server>
</servers>
You need to add a <server> for each password-protected repository.
Looks like this is a known issue and you can't use archetypes from protected repository. See https://issues.apache.org/jira/browse/ARCHETYPE-204
There is a workaround available by doing the following:
mvn archetype:generate -DarchetypeCatalog=https://username:password@maven.mycompany.com/nexus/content/repositories/myrepo/

Adding maven nexus repo to my pom.xml

I have installed nexus on my local machine. I want my pom file to point to this repo. How can I add my custom repository to my pom.xml file?
From Maven - Settings Reference
The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml.
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0
http://maven.apache.org/xsd/settings-1.0.0.xsd">
...
<servers>
<server>
<id>server001</id>
<username>my_login</username>
<password>my_password</password>
<privateKey>${user.home}/.ssh/id_dsa</privateKey>
<passphrase>some_passphrase</passphrase>
<filePermissions>664</filePermissions>
<directoryPermissions>775</directoryPermissions>
<configuration></configuration>
</server>
</servers>
...
</settings>
id: This is the ID of the server (not of the user to login as) that matches the id element of the repository/mirror that Maven tries to connect to.
username, password: These elements appear as a pair denoting the login and password required to authenticate to this server.
privateKey, passphrase: Like the previous two elements, this pair specifies a path to a private key (default is ${user.home}/.ssh/id_dsa) and a passphrase, if required. The passphrase and password elements may be externalized in the future, but for now they must be set plain-text in the settings.xml file.
filePermissions, directoryPermissions: When a repository file or directory is created on deployment, these are the permissions to use. The legal values of each is a three-digit number corresponding to *nix file permissions, i.e. 664, or 775.
Note: If you use a private key to login to the server, make sure you omit the <password> element. Otherwise, the key will be ignored.
All you should need is the id, username and password
The id and URL should be defined in your pom.xml like this:
<repositories>
...
<repository>
<id>acme-nexus-releases</id>
<name>acme nexus</name>
<url>https://nexus.acme.net/content/repositories/releases</url>
</repository>
...
</repositories>
If you need a username and password to your server, you should encrypt it.
Maven Password Encryption
First of all I can highly recommend reading the Nexus book. It will explain the benefits of using a Maven repository manager.
There is a section on how to configure your Maven build to use Nexus:
http://www.sonatype.com/books/nexus-book/reference/config.html
This leads me to question why you are altering your POM file. I suspect what you really want to do is set up Nexus as a remote repository mirror. This is done in your Maven settings file.
The following tells Maven to use Nexus as your default repository (instead of Maven Central):
<settings>
..
..
<mirrors>
<mirror>
<id>nexus</id>
<url>http://localhost:8081/nexus/content/groups/public</url>
<mirrorOf>central</mirrorOf>
</mirror>
</mirrors>
</settings>
This is desired behaviour since your Nexus repository is configured to cache artifacts retrieved from Central (which is good for build performance).
Note:
The "public" repository group could include other repositories proxied by your Nexus instance (not just Maven Central). You probably want this behaviour, as it centralizes all repository management. It just makes your build less portable for people outside of your organization.
It seems the answers here do not support an enterprise use case where a Nexus server has multiple users and has project-based isolation (protection) based on user id ALONG with using an automated build (CI) system like Jenkins. You would not be able to create a settings.xml file to satisfy the different user ids needed for different projects. I am not sure how to solve this, except by opening Nexus up to anonymous access for reading repositories, unless the projects could store a project-specific generic user id in their pom.xml.
From the Apache Maven site
<project>
...
<repositories>
<repository>
<id>my-internal-site</id>
<url>http://myserver/repo</url>
</repository>
</repositories>
...
</project>
"The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml." - Apache Maven site - settings reference
<servers>
<server>
<id>server001</id>
<username>my_login</username>
<password>my_password</password>
<privateKey>${user.home}/.ssh/id_dsa</privateKey>
<passphrase>some_passphrase</passphrase>
<filePermissions>664</filePermissions>
<directoryPermissions>775</directoryPermissions>
<configuration></configuration>
</server>
</servers>
If you don't want or you cannot modify the settings.xml file, you can create a new one at the root of your project, and call maven passing it as a parameter with the -s argument:
$ mvn COMMAND ... -s settings.xml
From maven setting reference, you can not put your username/password in a pom.xml
The repositories for download and deployment are defined by the repositories and distributionManagement elements of the POM. However, certain settings such as username and password should not be distributed along with the pom.xml. This type of information should exist on the build server in the settings.xml.
You can first add a repository in your pom and then add the username/password in the $MAVEN_HOME/conf/settings.xml:
<servers>
<server>
<id>my-internal-site</id>
<username>yourUsername</username>
<password>yourPassword</password>
</server>
</servers>
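The answers above rest on three rules: the server id in settings.xml must equal the repository or mirror id, credentials do not belong in the POM or its URLs, and stored passwords should be encrypted. The following check for those rules is an added example, not code from any of the answers or from Maven; the sample files, ids, hosts and the audit() function are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample files (hypothetical ids, hosts and credentials).
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
 <repositories>
  <repository><id>acme-nexus-releases</id><url>https://nexus.example.invalid/releases</url></repository>
  <repository><id>legacy</id><url>http://builduser:s3cret@repo.example.invalid/maven/</url></repository>
 </repositories>
 <distributionManagement>
  <repository><id>nexus-releases</id><url>http://localhost:8081/nexus/releases</url></repository>
 </distributionManagement>
</project>"""
SAMPLE_SETTINGS = """<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
 <servers>
  <server><id>acme-nexus-release</id><username>u</username><password>plain</password></server>
  <server><id>nexus-releases</id><username>deploy</username><password>{constructedCiphertext=}</password></server>
 </servers>
</settings>"""

USERINFO = re.compile(r"[a-z][a-z0-9+.-]*://[^/@]*:[^/@]*@", re.I)

def parse(text):
    root = ET.fromstring(text)
    for el in root.iter():
        el.tag = el.tag.split("}")[-1]  # drop the XML namespace prefix
    return root

def audit(pom_text, settings_text):
    """Return sorted (finding, id) pairs for a POM and a settings.xml."""
    pom, settings = parse(pom_text), parse(settings_text)
    findings, repos = [], {}
    for doc in (pom, settings):  # POM repos, profile repos and mirrors
        for tag in ("repository", "snapshotRepository", "pluginRepository", "mirror"):
            for node in doc.iter(tag):
                repos[node.findtext("id")] = node.findtext("url") or ""
    for rid, url in repos.items():
        if USERINFO.match(url.strip()):  # user:password@host inside the URL
            findings.append(("credentials-in-url", rid))
    for server in settings.iter("server"):
        sid = server.findtext("id")
        if sid not in repos:  # typo or stale entry: no repository uses it
            findings.append(("server-id-matches-no-repository", sid))
        password = (server.findtext("password") or "").strip()
        # Braces mark a Maven-encrypted value or a ${...} property reference.
        if password and not re.search(r"\{.+\}", password):
            findings.append(("plaintext-password", sid))
    return sorted(findings)
```

Server ids that Maven plugins derive on their own, such as the archetype and [archetypeArtifactId]-repo ids discussed earlier on this page, are reported as unmatched and need to be allow-listed by hand.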

Set maven to use archiva repositories WITHOUT using activeByDefault?

I am very close to finally having a working setup with archiva and maven.
The last thing that's really boggling me, is how to set up my internal and snapshot repositories - without using a profile which contains activeByDefault set to true.
I am using a SUPER super pom - a company-wide pom which contains distributionManagement information for releases. I was thinking that I could specify the repositories in this pom, and configure the authentication settings in settings.xml? Can I use repositories tag without a profile? There should be no "profile" for my internal and snapshot repositories, as they will never change...
What I'm trying to steer clear from, is using a "default" profile, which is active all the time. I hear activeByDefault is NOT a best practice and I don't intend to use it.
With that said, how should I go about doing this? My internal repo is a mirror of the maven central repo, so I would like to lock down my developers to ONLY use our internal artifact server. Remember - I do NOT want a profile with activeByDefault set to true. I cannot stress this enough! Should I use Maven mirrors? Should I "add" additional repositories?
If I take the repositories tag instead of the mirrors tag, will maven force builds to use ONLY my archiva settings, instead of the default maven central?
Or is what I seek to accomplish able to be done using only the mirrors tag in maven? I know how to configure repo credentials when using repositories tag, but not with mirrors. How is this done? Is providing credentials for anything in mirrors tags the same as for anything in repositories tags?
Am I missing something obvious? I've had it up to here with getting things up and running using maven. I know it will be worthwhile in the end, but it is surely causing me a ton of aggravation and resources seem to be sparse. Either that, or people are content using it however they please without regard to best-practices.
Thank you
To use your internal repo as a mirror of central you need to setup a mirror like this (in settings.xml):
<mirrors>
<mirror>
<id>my-internal-repo</id>
<mirrorOf>central</mirrorOf> <!-- use * to mirror all repositories -->
<name>Clinker Maven Repository</name>
<url>http://my-repo-host/my-repo-path</url>
</mirror>
</mirrors>
If my-internal-repo is protected you can set credentials:
<servers>
<server>
<id>my-internal-repo</id>
<username>youruser</username>
<password>yourpassword</password>
</server>
</servers>
Please, note the server id tag content should match the id of your mirror.
To use your internal-snapshots repository you must set a repository in your project POM, since the use of snapshots artifact should be controlled and clearly defined at the project level, not at the settings level:
<repository>
<id>internal-snapshots</id>
<url>http://your-repo-host/internal-snapshots-path</url>
<releases>
<enabled>false</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
And finally, you must exclude internal-snapshots from the mirror:
<mirrors>
<mirror>
<id>my-internal-repo</id>
<mirrorOf>central,!internal-snapshots</mirrorOf> <!-- use * to mirror all repositories; no whitespace around the comma -->
<name>Clinker Maven Repository</name>
<url>http://my-repo-host/my-repo-path</url>
</mirror>
</mirrors>
and add a server (if it's protected):
<servers>
<server>
<id>my-internal-repo</id>
<username>youruser</username>
<password>yourpassword</password>
</server>
<server>
<id>internal-snapshots</id>
<username>youruser</username>
<password>yourpassword</password>
</server>
</servers>
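Whether builds are really confined to the internal server depends on how the mirrorOf pattern matches each repository id. The following is an added example, not Maven's own code: a simplified model of the matching rules in Maven's mirror settings guide (exact ids, `*`, and `!id` exclusions; `external:*` is not modelled). It assumes tokens are compared without trimming whitespace, as that guide warns, and the third-party repository is hypothetical.

```python
def mirror_matches(pattern, repo_id):
    """Simplified model of <mirrorOf> matching for one repository id.
    Tokens are compared as written: surrounding whitespace is NOT trimmed."""
    if pattern == "*" or pattern == repo_id:
        return True
    result = False
    for token in pattern.split(","):
        if len(token) > 1 and token.startswith("!"):
            if token[1:] == repo_id:
                return False      # an explicit exclusion wins
        elif token == repo_id:
            return True
        elif token == "*":
            result = True         # keep scanning for a later exclusion
    return result

def route(pattern, mirror_url, repos):
    """Map each repository id to the URL contacted under this model."""
    return {rid: (mirror_url if mirror_matches(pattern, rid) else url)
            for rid, url in repos.items()}

# Constructed repository set: central, the answer's internal-snapshots, and a
# hypothetical third-party repository declared in some dependency's POM.
REPOS = {
    "central": "https://repo.maven.apache.org/maven2",
    "internal-snapshots": "http://your-repo-host/internal-snapshots-path",
    "third-party": "https://repo.example.invalid/maven",
}
MIRROR = "http://my-repo-host/my-repo-path"

def bypassing(pattern):
    """Ids still fetched directly instead of through the mirror."""
    routed = route(pattern, MIRROR, REPOS)
    return sorted(rid for rid, url in routed.items() if url != MIRROR)

if __name__ == "__main__":
    for p in ("central", "*,!internal-snapshots", "*, !internal-snapshots"):
        print(repr(p), "->", bypassing(p))
```

With `central` the third-party repository is still contacted directly, so only `*` with explicit exclusions confines builds to the internal server. With the space in `*, !internal-snapshots` the exclusion is silently ignored under this model.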
