Azure-pipelines-tasks: maven task: mavenFeedAuthenticate does not work with plugin repositories

Created on 22 Nov 2018  路  9Comments  路  Source: microsoft/azure-pipelines-tasks

Environment

  • Azure Pipelines

    • account name: christian.[email protected]
      team project name: assentis / docfamily
      build definition: docfamily / #20181122.1

  • Agent - Hosted

    • not sure about the queue name

Issue Description

We are building a multimodule maven project using the Maven@3 task. We are using two package feeds, one to access build dependencies, like third-party libraries, and a second for our own developed maven plugins that are used during the build.

With the 'mavenFeedAuthenticate" we are able to access all the build dependencies in the respective package feed (3rd-party). But the maven task does not honor plugingRepositories (which are needed if you do have your own maven plugins that are nowhere else to be found). Consequently, the maven build fails with an authentication failure trying to access this package feed (maven_plugins). I looked into the source code of the maven task, and from what I found you only scan for repository entries to enable this feed authentication and just skip (forgot?) pluginRepositories.

Please add this functionality.

Also, the usage of the help:effective-pom mechanism causes a huge delay in our build. Especially since we are a multimodule build with 287 modules. At least, run the help:effective-pom goal with -N to not recurse into all modules. I would consider this unnecessary and a waste of performance and time. Also, can you not print the effective pom? As I saw from your source code, you are doing this, to find all repository entries so you know which ones you need to authenticate against. Not logging it into the console, or piping the output into a file and then scanning the file should work as well, but would make our maven builds much nicer and faster.

Task logs

logs_56.zip

Error logs

2018-11-22T09:35:27.1588554Z [ERROR] Plugin com.assentis.maven-plugins:patchStubs:1.0.2 or one of its dependencies could not be resolved: Failed to read artifact descriptor for com.assentis.maven-plugins:patchStubs:jar:1.0.2: Could not transfer artifact com.assentis.maven-plugins:patchStubs:pom:1.0.2 from/to dev-azure-com-assentis-maven_plugins (https://pkgs.dev.azure.com/assentis/_packaging/maven_plugins/maven/v1): Not authorized , ReasonPhrase:Unauthorized. -> [Help 1]

ArtifactsPackages CrossPlatform enhancement
Source
picture landrus
👍3

Most helpful comment

Has anyone heard any progress for this issue.

This is causing our build to fail trying to use the mavenAuthenticateFeed flag set to true. We need to use the ugly workaround to downloading a settings.xml file.

picture steph-moto on 24 Apr 2019
👍3

All 9 comments

Hey @landrus , this seems to be the same issue as #8896

We're working on adding an option in the Maven task to disable the help:effective-pom (see #8933)

For a temporary workaround, see: https://developercommunity.visualstudio.com/solutions/392864/view.html

Thank you for your feedback, please let me know if the workaround doesn't work for you.

joshmgross picture joshmgross on 28 Nov 2018

I got the idea of the workaround myself, already. For the moment, I can work. However, this workaround puts the personal access token into the checked in code, which I consider Very Bad(tm).

Thanks anyway for the answer. Looking forward to the solution :)

landrus picture landrus on 28 Nov 2018

Could you put the personal access token into a variable?
See: https://docs.microsoft.com/en-us/azure/devops/pipelines/process/variables?view=vsts&tabs=yaml%2Cbatch#secret-variables

joshmgross picture joshmgross on 28 Nov 2018
👎3

Yes, that works. Thanks for that information. Now, I can wait happily for this fix here :)

landrus picture landrus on 29 Nov 2018
👍1

Hey @joshmgross! He should not do it in the first place!

No progress from November 馃槥

azmelanar picture azmelanar on 23 Jan 2019

Has anyone heard any progress for this issue.

This is causing our build to fail trying to use the mavenAuthenticateFeed flag set to true. We need to use the ugly workaround to downloading a settings.xml file.

steph-moto picture steph-moto on 24 Apr 2019
👍3

Hi everyone - we're taking on work in this next quarter to simplify our pipelines task, heading towards a model where we set up auth and then let you run your own tools. I've added the context in this issue to the tracking of that work to make sure it gets fixed along with it.

elbatk picture elbatk on 26 Jun 2019
👍1

Hi - We have recently released the MavenAuthenticate task that can be used in a pipeline to authenticate with Azure Artifacts and other Maven repositories. The design philosophy behind this task is that we would authenticate all the repositories you describe in this task, and get out of the way leaving you fully in control of running your mvn commands in the pipeline as you see fit.

You can read more about the MavenAuthenticate task here: https://docs.microsoft.com/en-us/azure/devops/pipelines/tasks/package/maven-authenticate?view=azure-devops. It also gives some examples on how to configure the task.

I think this task is a good fit for your use case, you can use the MavenAuthenticate task to perform the authentication, and then use the same mvn command you use locally to run in the pipeline. Let me know if you need any more help in setting this up.

Aasim

aasim picture aasim on 14 Nov 2019

@aasim do you have any information on when this MavenAuthenticate task is expected to become available in Azure DevOps Server?

japj picture japj on 22 Jan 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

fedemkr picture fedemkr  路  3Comments
richard-ob picture richard-ob  路  3Comments
montebhoover picture montebhoover  路  3Comments
divyesh-parikh picture divyesh-parikh  路  3Comments
timfish picture timfish  路  3Comments