Gradle Build Failing Upload to S3 Latest
Gradle can resolve dependencies from one or many repositories based on Maven, Ivy or flat directory formats. Check out the full reference on all types of repositories for more data.
Declaring a publicly-bachelor repository
Organizations building software may want to leverage public binary repositories to download and consume open source dependencies. Popular public repositories include Maven Fundamental and the Google Android repository. Gradle provides congenital-in shorthand notations for these widely-used repositories.
Figure i. Declaring a repository with the help of autograph notations
Under the covers Gradle resolves dependencies from the respective URL of the public repository defined by the shorthand notation. All shorthand notations are available via the RepositoryHandler API. Alternatively, you can spell out the URL of the repository for more fine-grained command.
Maven Key repository
Maven Cardinal is a popular repository hosting open up source libraries for consumption by Java projects.
Example 1. Adding fundamental Maven repository
build.gradle
repositories { mavenCentral() } build.gradle.kts
repositories { mavenCentral() } Google Maven repository
The Google repository hosts Android-specific artifacts including the Android SDK. For usage examples, see the relevant Android documentation.
Example 2. Calculation Google Maven repository
build.gradle
repositories { google() } build.gradle.kts
repositories { google() } Declaring a custom repository by URL
About enterprise projects gear up up a binary repository available only inside an intranet. In-business firm repositories enable teams to publish internal binaries, setup user direction and security measure and ensure uptime and availability. Specifying a custom URL is also helpful if you want to declare a less pop, just publicly-available repository.
Repositories with custom URLs tin can be specified equally Maven or Ivy repositories by calling the corresponding methods bachelor on the RepositoryHandler API. Gradle supports other protocols than http or https equally office of the custom URL e.yard. file, sftp or s3. For a total coverage see the section on supported repository types.
You can also define your ain repository layout by using ivy { } repositories equally they are very flexible in terms of how modules are organised in a repository.
Declaring multiple repositories
Y'all can define more than one repository for resolving dependencies. Declaring multiple repositories is helpful if some dependencies are only bachelor in one repository simply not the other. Yous tin mix any type of repository described in the reference section.
This instance demonstrates how to declare various named and custom URL repositories for a project:
Instance iii. Declaring multiple repositories
build.gradle
repositories { mavenCentral() maven { url "https://repo.jump.io/release" } maven { url "https://repository.jboss.org/maven2" } } build.gradle.kts
repositories { mavenCentral() maven { url = uri("https://repo.spring.io/release") } maven { url = uri("https://repository.jboss.org/maven2") } } | The guild of declaration determines how Gradle will check for dependencies at runtime. If Gradle finds a module descriptor in a particular repository, information technology will endeavor to download all of the artifacts for that module from the aforementioned repository. You can larn more about the inner workings of dependency downloads. |
Strict limitation to alleged repositories
Maven POM metadata can reference additional repositories. These will exist ignored by Gradle, which will only use the repositories declared in the build itself.
| This is a reproducibility condom-guard merely as well a security protection. Without it, an updated version of a dependency could pull artifacts from anywhere into your build. |
Supported repository types
Gradle supports a wide range of sources for dependencies, both in terms of format and in terms of connectivity. You lot may resolve dependencies from:
-
Different formats
-
a Maven compatible artifact repository (east.g: Maven Central)
-
an Ivy compatible artifact repository (including custom layouts)
-
local (flat) directories
-
-
with different connectivity
-
authenticated repositories
-
a wide multifariousness of remote protocols such as HTTPS, SFTP, AWS S3 and Google Cloud Storage
-
Flat directory repository
Some projects might prefer to store dependencies on a shared drive or as part of the project source code instead of a binary repository production. If you desire to use a (apartment) filesystem directory as a repository, simply blazon:
Case 4. Flat repository resolver
build.gradle
repositories { flatDir { dirs 'lib' } flatDir { dirs 'lib1', 'lib2' } } build.gradle.kts
repositories { flatDir { dirs("lib") } flatDir { dirs("lib1", "lib2") } } This adds repositories which wait into one or more directories for finding dependencies.
This blazon of repository does not support whatever meta-data formats like Ivy XML or Maven POM files. Instead, Gradle will dynamically generate a module descriptor (without whatever dependency information) based on the presence of artifacts.
| As Gradle prefers to use modules whose descriptor has been created from existent meta-data rather than being generated, flat directory repositories cannot be used to override artifacts with real meta-data from other repositories alleged in the build. For example, if Gradle finds merely For the use case of overriding remote artifacts with local ones consider using an Ivy or Maven repository instead whose URL points to a local directory. |
If yous only piece of work with flat directory repositories y'all don't need to fix all attributes of a dependency.
Local repositories
The following sections draw repositories format, Maven or Ivy. These can be alleged every bit local repositories, using a local filesystem path to access them.
The deviation with the apartment directory repository is that they exercise respect a format and contain metadata.
When such a repository is configured, Gradle totally bypasses its dependency enshroud for it as at that place tin can be no guarantee that content may not change between executions. Because of that limitation, they can have a performance affect.
They also brand build reproducibility much harder to achieve and their use should be limited to tinkering or prototyping.
Maven repositories
Many organizations host dependencies in an in-firm Maven repository but accessible within the company'southward network. Gradle can declare Maven repositories past URL.
For adding a custom Maven repository you tin can do:
Example 5. Calculation custom Maven repository
build.gradle
repositories { maven { url "http://repo.mycompany.com/maven2" } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/maven2") } } Setting up composite Maven repositories
Sometimes a repository will have the POMs published to one location, and the JARs and other artifacts published at some other location. To define such a repository, you can practise:
Case vi. Adding additional Maven repositories for JAR files
build.gradle
repositories { maven { // Look for POMs and artifacts, such equally JARs, here url "http://repo2.mycompany.com/maven2" // Wait for artifacts here if non found at the above location artifactUrls "http://repo.mycompany.com/jars" artifactUrls "http://repo.mycompany.com/jars2" } } build.gradle.kts
repositories { maven { // Await for POMs and artifacts, such as JARs, here url = uri("http://repo2.mycompany.com/maven2") // Look for artifacts here if not found at the above location artifactUrls("http://repo.mycompany.com/jars") artifactUrls("http://repo.mycompany.com/jars2") } } Gradle volition look at the base url location for the POM and the JAR. If the JAR tin can't be found at that place, the actress artifactUrls are used to look for JARs.
Accessing authenticated Maven repositories
Y'all tin can specify credentials for Maven repositories secured by dissimilar type of authentication.
Come across Supported repository transport protocols for hallmark options.
Local Maven repository
Gradle can consume dependencies available in the local Maven repository. Declaring this repository is benign for teams that publish to the local Maven repository with i project and eat the artifacts past Gradle in another project.
| Gradle stores resolved dependencies in its own cache. A build does not demand to declare the local Maven repository even if y'all resolve dependencies from a Maven-based, remote repository. |
| Before adding Maven local every bit a repository, yous should brand sure this is really required. |
To declare the local Maven cache as a repository add this to your build script:
Example 7. Calculation the local Maven cache equally a repository
build.gradle
repositories { mavenLocal() } build.gradle.kts
repositories { mavenLocal() } Gradle uses the aforementioned logic as Maven to identify the location of your local Maven cache. If a local repository location is defined in a settings.xml, this location will exist used. The settings.xml in USER_HOME/.m2 takes precedence over the settings.xml in M2_HOME/conf. If no settings.xml is available, Gradle uses the default location USER_HOME/.m2/repository.
The instance for mavenLocal()
As a general communication, y'all should avoid adding mavenLocal() equally a repository. In that location are different problems with using mavenLocal() that you should be aware of:
-
Maven uses it as a cache, not a repository, pregnant information technology can incorporate partial modules.
-
For example, if Maven never downloaded the source or javadoc files for a given module, Gradle will not find them either since it searches for files in a single repository in one case a module has been found.
-
-
As a local repository, Gradle does non trust its content, because:
-
Origin of artifacts cannot be tracked, which is a correctness and security trouble
-
Artifacts can be easily overwritten, which is a security, correctness and reproducibility problem
-
-
To mitigate the fact that metadata and/or artifacts can be changed, Gradle does not perform any caching for local repositories
-
Every bit a event, your builds are slower
-
Given that club of repositories is of import, adding
mavenLocal()starting time ways that all your builds are going to exist slower
-
There are a few cases where y'all might accept to utilise mavenLocal():
-
For interoperability with Maven
-
For case, project A is built with Maven, project B is congenital with Gradle, and yous demand to share the artifacts during development
-
Information technology is e'er preferable to use an internal full featured repository instead
-
In instance this is non possible, you should limit this to local builds just
-
-
For interoperability with Gradle itself
-
In a multi-repository world, you desire to bank check that changes to project A work with project B
-
Information technology is preferable to use blended builds for this utilize example
-
If for some reason neither composite builds nor full featured repository are possible, and so
mavenLocal()is a last resort option
-
Afterward all these warnings, if you stop upward using mavenLocal(), consider combining it with a repository filter. This will make sure it only provides what is expected and nothing else.
Ivy repositories
Organizations might decide to host dependencies in an in-house Ivy repository. Gradle can declare Ivy repositories by URL.
Defining an Ivy repository with a standard layout
To declare an Ivy repository using the standard layout no additional customization is needed. You just declare the URL.
Example viii. Ivy repository
build.gradle
repositories { ivy { url "http://repo.mycompany.com/repo" } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com/repo") } } Defining a named layout for an Ivy repository
You can specify that your repository conforms to the Ivy or Maven default layout by using a named layout.
Example 9. Ivy repository with named layout
build.gradle
repositories { ivy { url "http://repo.mycompany.com/repo" layout "maven" } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com/repo") layout("maven") } } Defining custom design layout for an Ivy repository
To define an Ivy repository with a non-standard layout, yous tin define a design layout for the repository:
Example x. Ivy repository with blueprint layout
build.gradle
repositories { ivy { url "http://repo.mycompany.com/repo" patternLayout { artifact "[module]/[revision]/[type]/[antiquity].[ext]" } } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com/repo") patternLayout { artifact("[module]/[revision]/[type]/[artifact].[ext]") } } } To define an Ivy repository which fetches Ivy files and artifacts from different locations, y'all can define separate patterns to use to locate the Ivy files and artifacts:
Each artifact or ivy specified for a repository adds an additional design to use. The patterns are used in the club that they are divers.
Example eleven. Ivy repository with multiple custom patterns
build.gradle
repositories { ivy { url "http://repo.mycompany.com/repo" patternLayout { artifact "tertiary-party-artifacts/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" antiquity "company-artifacts/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" ivy "ivy-files/[organization]/[module]/[revision]/ivy.xml" } } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com/repo") patternLayout { artifact("3rd-party-artifacts/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]") artifact("company-artifacts/[organisation]/[module]/[revision]/[artifact]-[revision].[ext]") ivy("ivy-files/[organization]/[module]/[revision]/ivy.xml") } } } Optionally, a repository with pattern layout tin can have its 'organisation' part laid out in Maven style, with forrad slashes replacing dots equally separators. For instance, the system my.company would then be represented as my/visitor.
Instance 12. Ivy repository with Maven compatible layout
build.gradle
repositories { ivy { url "http://repo.mycompany.com/repo" patternLayout { artifact "[organisation]/[module]/[revision]/[artifact]-[revision].[ext]" m2compatible = true } } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com/repo") patternLayout { artifact("[organisation]/[module]/[revision]/[artifact]-[revision].[ext]") setM2compatible(true) } } } Accessing authenticated Ivy repositories
You tin specify credentials for Ivy repositories secured by basic authentication.
Example 13. Ivy repository with authentication
build.gradle
repositories { ivy { url "http://repo.mycompany.com" credentials { username "user" countersign "password" } } } build.gradle.kts
repositories { ivy { url = uri("http://repo.mycompany.com") credentials { username = "user" password = "password" } } } See Supported repository transport protocols for authentication options.
Repository content filtering
Gradle exposes an API to declare what a repository may or may not comprise. There are unlike use cases for it:
-
performance, when you know a dependency volition never be found in a specific repository
-
security, by avoiding leaking what dependencies are used in a private project
-
reliability, when some repositories comprise corrupted metadata or artifacts
It's even more than of import when considering that the alleged order of repositories affair.
Declaring a repository filter
Case xiv. Declaring repository contents
build.gradle
repositories { maven { url "https://repo.mycompany.com/maven2" content { // this repository *only* contains artifacts with group "my.company" includeGroup "my.visitor" } } mavenCentral { content { // this repository contains everything BUT artifacts with group starting with "my.visitor" excludeGroupByRegex "my\\.company.*" } } } build.gradle.kts
repositories { maven { url = uri("https://repo.mycompany.com/maven2") content { // this repository *only* contains artifacts with grouping "my.company" includeGroup("my.company") } } mavenCentral { content { // this repository contains everything BUT artifacts with group starting with "my.visitor" excludeGroupByRegex("my\\.visitor.*") } } } By default, repositories include everything and exclude nothing:
-
If you lot declare an include, then it excludes everything but what is included.
-
If you declare an exclude, and then it includes everything but what is excluded.
-
If y'all declare both includes and excludes, then it includes only what is explicitly included and not excluded.
Information technology is possible to filter either by explicit group, module or version, either strictly or using regular expressions. When using a strict version, it is possible to use a version range, using the format supported by Gradle. In add-on, there are filtering options by resolution context: configuration name or even configuration attributes. See RepositoryContentDescriptor for details.
Declaring content exclusively found in one repository
Filters declared using the repository-level content filter are not exclusive. This means that declaring that a repository includes an artifact doesn't hateful that the other repositories can't have it either: yous must declare what every repository contains in extension.
Alternatively, Gradle provides an API which lets y'all declare that a repository exclusively includes an artifact. If y'all practice so:
-
an antiquity alleged in a repository can't be found in any other
-
exclusive repository content must be declared in extension (just similar for repository-level content)
Case xv. Declaring exclusive repository contents
build.gradle
repositories { // This repository will _not_ be searched for artifacts in my.visitor // despite being alleged first mavenCentral() exclusiveContent { forRepository { maven { url "https://repo.mycompany.com/maven2" } } filter { // this repository *but* contains artifacts with group "my.company" includeGroup "my.company" } } } build.gradle.kts
repositories { // This repository volition _not_ be searched for artifacts in my.visitor // despite being declared first mavenCentral() exclusiveContent { forRepository { maven { url = uri("https://repo.mycompany.com/maven2") } } filter { // this repository *but* contains artifacts with group "my.visitor" includeGroup("my.company") } } } It is possible to filter either by explicit group, module or version, either strictly or using regular expressions. See InclusiveRepositoryContentDescriptor for details.
| If y'all leverage sectional content filtering in the Your options are either to declare all repositories in settings or to use not-sectional content filtering. |
Maven repository filtering
For Maven repositories, information technology's often the case that a repository would either contain releases or snapshots. Gradle lets you declare what kind of artifacts are found in a repository using this DSL:
Instance 16. Splitting snapshots and releases
build.gradle
repositories { maven { url "https://repo.mycompany.com/releases" mavenContent { releasesOnly() } } maven { url "https://repo.mycompany.com/snapshots" mavenContent { snapshotsOnly() } } } build.gradle.kts
repositories { maven { url = uri("https://repo.mycompany.com/releases") mavenContent { releasesOnly() } } maven { url = uri("https://repo.mycompany.com/snapshots") mavenContent { snapshotsOnly() } } } When searching for a module in a repository, Gradle, by default, checks for supported metadata file formats in that repository. In a Maven repository, Gradle looks for a .pom file, in an ivy repository it looks for an ivy.xml file and in a flat directory repository it looks directly for .jar files as information technology does not expect whatever metadata. Starting with v.0, Gradle also looks for .module (Gradle module metadata) files.
However, if you define a customized repository you might desire to configure this beliefs. For instance, you tin define a Maven repository without .pom files just but jars. To practise and so, you can configure metadata sources for any repository.
Example 17. Maven repository that supports artifacts without metadata
build.gradle
repositories { maven { url "http://repo.mycompany.com/repo" metadataSources { mavenPom() artifact() } } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/repo") metadataSources { mavenPom() artifact() } } } You can specify multiple sources to tell Gradle to keep looking if a file was not constitute. In that case, the order of checking for sources is predefined.
The following metadata sources are supported:
| Metadata source | Clarification | Order | Maven | Ivy / flat dir |
|---|---|---|---|---|
| | Await for Gradle | 1st | yep | aye |
| | Wait for Maven | second | yes | yes |
| | Look for | 2nd | no | yes |
| | Look directly for antiquity | 3rd | yeah | yes |
| The defaults for Ivy and Maven repositories modify with Gradle 6.0. Earlier half-dozen.0, |
Since Gradle 5.3, when parsing a metadata file, be it Ivy or Maven, Gradle will look for a marking indicating that a matching Gradle Module Metadata files exists. If it is institute, it will be used instead of the Ivy or Maven file.
Starting with Gradle 5.half-dozen, yous tin disable this behavior by calculation ignoreGradleMetadataRedirection() to the metadataSources annunciation.
Example 18. Maven repository that does non apply gradle metadata redirection
build.gradle
repositories { maven { url "http://repo.mycompany.com/repo" metadataSources { mavenPom() artifact() ignoreGradleMetadataRedirection() } } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/repo") metadataSources { mavenPom() artifact() ignoreGradleMetadataRedirection() } } } Plugin repositories vs. build repositories
Gradle will apply repositories at two different phases during your build.
The first phase is when configuring your build and loading the plugins it applied. To do that Gradle will employ a special set of repositories.
The second phase is during dependency resolution. At this point Gradle volition apply the repositories declared in your project, every bit shown in the previous sections.
Plugin repositories
Nonetheless, for different reasons, there are plugins available in other, public or not, repositories. When a build requires one of these plugins, additional repositories demand to be specified so that Gradle knows where to search.
As the manner to declare the repositories and what they are expected to contain depends on the manner the plugin is applied, information technology is best to refer to Custom Plugin Repositories.
Centralizing repositories announcement
Instead of declaring repositories in every subproject of your build or via an allprojects cake, Gradle offers a way to declare them in a central place for all projection.
| Key annunciation of repositories is an incubating feature |
Repositories used by convention by every subproject can be declared in the settings.gradle(.kts) file:
Instance 19. Declaring a Maven repository in settings
settings.gradle
dependencyResolutionManagement { repositories { mavenCentral() } } settings.gradle.kts
dependencyResolutionManagement { repositories { mavenCentral() } } The dependencyResolutionManagement repositories block accepts the aforementioned notations as in a project, which includes Maven or Ivy repositories, with or without credentials, etc.
By default, repositories alleged past a project will override whatever is alleged in settings. Yous can modify this behavior to make certain that yous e'er apply the settings repositories:
Example xx. Preferring settings repositories
settings.gradle
dependencyResolutionManagement { repositoriesMode.set(RepositoriesMode.PREFER_SETTINGS) } settings.gradle.kts
dependencyResolutionManagement { repositoriesMode.set up(RepositoriesMode.PREFER_SETTINGS) } If, for some reason, a project or a plugin declares a repository in a projection, Gradle would warn yous. You can however make it fail the build if you want to enforce that merely settings repositories are used:
Instance 21. Enforcing settings repositories
settings.gradle
dependencyResolutionManagement { repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS) } settings.gradle.kts
dependencyResolutionManagement { repositoriesMode.set up(RepositoriesMode.FAIL_ON_PROJECT_REPOS) } Eventually, the default is equivalent to setting PREFER_PROJECT:
Example 22. Preferring project repositories
settings.gradle
dependencyResolutionManagement { repositoriesMode.set(RepositoriesMode.PREFER_PROJECT) } settings.gradle.kts
dependencyResolutionManagement { repositoriesMode.set(RepositoriesMode.PREFER_PROJECT) } Supported repository transport protocols
Maven and Ivy repositories support the utilise of various ship protocols. At the moment the following protocols are supported:
| Type | Credential types | Link |
|---|---|---|
| | none | |
| | username/password | Documentation |
| | username/password | Documentation |
| | username/password | Documentation |
| | access key/underground key/session token or Environment variables | Documentation |
| | default application credentials sourced from well known files, Environment variables etc. | Documentation |
| Username and countersign should never be checked in obviously text into version control as part of your build file. Y'all can store the credentials in a local |
The transport protocol is part of the URL definition for a repository. The following build script demonstrates how to create HTTP-based Maven and Ivy repositories:
Example 23. Declaring a Maven and Ivy repository
build.gradle
repositories { maven { url "http://repo.mycompany.com/maven2" } ivy { url "http://repo.mycompany.com/repo" } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/maven2") } ivy { url = uri("http://repo.mycompany.com/repo") } } The following case shows how to declare SFTP repositories:
Example 24. Using the SFTP protocol for a repository
build.gradle
repositories { maven { url "sftp://repo.mycompany.com:22/maven2" credentials { username "user" password "password" } } ivy { url "sftp://repo.mycompany.com:22/repo" credentials { username "user" countersign "password" } } } build.gradle.kts
repositories { maven { url = uri("sftp://repo.mycompany.com:22/maven2") credentials { username = "user" countersign = "password" } } ivy { url = uri("sftp://repo.mycompany.com:22/repo") credentials { username = "user" password = "password" } } } For details on HTTP related authentication, come across the section HTTP(S) authentication schemes configuration.
When using an AWS S3 backed repository you lot need to authenticate using AwsCredentials, providing admission-fundamental and a private-key. The following example shows how to declare a S3 backed repository and providing AWS credentials:
Case 25. Declaring an S3 backed Maven and Ivy repository
build.gradle
repositories { maven { url "s3://myCompanyBucket/maven2" credentials(AwsCredentials) { accessKey "someKey" secretKey "someSecret" // optional sessionToken "someSTSToken" } } ivy { url "s3://myCompanyBucket/ivyrepo" credentials(AwsCredentials) { accessKey "someKey" secretKey "someSecret" // optional sessionToken "someSTSToken" } } } build.gradle.kts
repositories { maven { url = uri("s3://myCompanyBucket/maven2") credentials(AwsCredentials::class) { accessKey = "someKey" secretKey = "someSecret" // optional sessionToken = "someSTSToken" } } ivy { url = uri("s3://myCompanyBucket/ivyrepo") credentials(AwsCredentials::course) { accessKey = "someKey" secretKey = "someSecret" // optional sessionToken = "someSTSToken" } } } You can also consul all credentials to the AWS sdk by using the AwsImAuthentication. The following instance shows how:
Example 26. Declaring an S3 backed Maven and Ivy repository using IAM
build.gradle
repositories { maven { url "s3://myCompanyBucket/maven2" authentication { awsIm(AwsImAuthentication) // load from EC2 role or env var } } ivy { url "s3://myCompanyBucket/ivyrepo" authentication { awsIm(AwsImAuthentication) } } } build.gradle.kts
repositories { maven { url = uri("s3://myCompanyBucket/maven2") authentication { create<AwsImAuthentication>("awsIm") // load from EC2 role or env var } } ivy { url = uri("s3://myCompanyBucket/ivyrepo") authentication { create<AwsImAuthentication>("awsIm") } } } For details on AWS S3 related hallmark, meet the department AWS S3 repositories configuration.
When using a Google Cloud Storage backed repository default application credentials volition be used with no further configuration required:
Example 27. Declaring a Google Cloud Storage backed Maven and Ivy repository using default application credentials
build.gradle
repositories { maven { url "gcs://myCompanyBucket/maven2" } ivy { url "gcs://myCompanyBucket/ivyrepo" } } build.gradle.kts
repositories { maven { url = uri("gcs://myCompanyBucket/maven2") } ivy { url = uri("gcs://myCompanyBucket/ivyrepo") } } For details on Google GCS related authentication, see the section Google Deject Storage repositories configuration.
HTTP(S) authentication schemes configuration
When configuring a repository using HTTP or HTTPS send protocols, multiple authentication schemes are available. By default, Gradle will endeavour to use all schemes that are supported by the Apache HttpClient library, documented here. In some cases, information technology may be preferable to explicitly specify which hallmark schemes should be used when exchanging credentials with a remote server. When explicitly declared, just those schemes are used when authenticating to a remote repository.
You tin specify credentials for Maven repositories secured past basic hallmark using PasswordCredentials.
Case 28. Accessing password-protected Maven repository
build.gradle
repositories { maven { url "http://repo.mycompany.com/maven2" credentials { username "user" password "password" } } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/maven2") credentials { username = "user" password = "password" } } } The post-obit example prove how to configure a repository to use only DigestAuthentication:
Example 29. Configure repository to use only assimilate authentication
build.gradle
repositories { maven { url 'https://repo.mycompany.com/maven2' credentials { username "user" password "countersign" } authentication { digest(DigestAuthentication) } } } build.gradle.kts
repositories { maven { url = uri("https://repo.mycompany.com/maven2") credentials { username = "user" password = "password" } authentication { create<DigestAuthentication>("assimilate") } } } Currently supported authentication schemes are:
Using preemptive authentication
Gradle's default behavior is to merely submit credentials when a server responds with an hallmark challenge in the course of an HTTP 401 response. In some cases, the server will respond with a different lawmaking (ex. for repositories hosted on GitHub a 404 is returned) causing dependency resolution to fail. To go around this behavior, credentials may be sent to the server preemptively. To enable preemptive authentication but configure your repository to explicitly use the BasicAuthentication scheme:
Example thirty. Configure repository to use preemptive authentication
build.gradle
repositories { maven { url 'https://repo.mycompany.com/maven2' credentials { username "user" password "password" } authentication { basic(BasicAuthentication) } } } build.gradle.kts
repositories { maven { url = uri("https://repo.mycompany.com/maven2") credentials { username = "user" countersign = "countersign" } authentication { create<BasicAuthentication>("basic") } } } You tin specify whatever HTTP header for secured Maven repositories requiring token, OAuth2 or other HTTP header based authentication using HttpHeaderCredentials with HttpHeaderAuthentication.
Example 31. Accessing header-protected Maven repository
build.gradle
repositories { maven { url "http://repo.mycompany.com/maven2" credentials(HttpHeaderCredentials) { name = "Private-Token" value = "TOKEN" } authentication { header(HttpHeaderAuthentication) } } } build.gradle.kts
repositories { maven { url = uri("http://repo.mycompany.com/maven2") credentials(HttpHeaderCredentials::class) { name = "Private-Token" value = "TOKEN" } authentication { create<HttpHeaderAuthentication>("header") } } } AWS S3 repositories configuration
S3 configuration properties
The following organisation properties can be used to configure the interactions with s3 repositories:
-
org.gradle.s3.endpoint -
Used to override the AWS S3 endpoint when using a non AWS, S3 API compatible, storage service.
-
org.gradle.s3.maxErrorRetry -
Specifies the maximum number of times to retry a request in the effect that the S3 server responds with a HTTP 5xx status code. When not specified a default value of 3 is used.
S3 URL formats
S3 URL's are 'virtual-hosted-style' and must be in the following format
s3://<bucketName>[.<regionSpecificEndpoint>]/<s3Key>
due east.m. s3://myBucket.s3.eu-fundamental-1.amazonaws.com/maven/release
-
myBucketis the AWS S3 saucepan name. -
s3.eu-central-1.amazonaws.comis the optional region specific endpoint. -
/maven/releaseis the AWS S3 key (unique identifier for an object within a saucepan)
S3 proxy settings
A proxy for S3 tin be configured using the following organization properties:
-
https.proxyHost -
https.proxyPort -
https.proxyUser -
https.proxyPassword -
http.nonProxyHosts
If the org.gradle.s3.endpoint belongings has been specified with a HTTP (not HTTPS) URI the following system proxy settings can be used:
-
http.proxyHost -
http.proxyPort -
http.proxyUser -
http.proxyPassword -
http.nonProxyHosts
AWS S3 V4 Signatures (AWS4-HMAC-SHA256)
Some of the AWS S3 regions (eu-central-1 - Frankfurt) crave that all HTTP requests are signed in accordance with AWS's signature version 4. It is recommended to specify S3 URL'southward containing the region specific endpoint when using buckets that require V4 signatures. eastward.g.
s3://somebucket.s3.eu-cardinal-1.amazonaws.com/maven/release
| When a region-specific endpoint is not specified for buckets requiring V4 Signatures, Gradle will use the default AWS region (united states-east-ane) and the following warning will appear on the console:
Failing to specify the region-specific endpoint for buckets requiring V4 signatures ways:
|
AWS S3 Cantankerous Account Access
Some organizations may take multiple AWS accounts, e.g. 1 for each team. The AWS account of the bucket possessor is oftentimes different from the antiquity publisher and consumers. The bucket owner needs to be able to grant the consumers access otherwise the artifacts will only be usable by the publisher's account. This is done by calculation the bucket-owner-full-command Canned ACL to the uploaded objects. Gradle will practise this in every upload. Make sure the publisher has the required IAM permission, PutObjectAcl (and PutObjectVersionAcl if saucepan versioning is enabled), either directly or via an assumed IAM Role (depending on your case). You tin can read more at AWS S3 Access Permissions.
Google Deject Storage repositories configuration
GCS configuration properties
The following organization backdrop can exist used to configure the interactions with Google Deject Storage repositories:
-
org.gradle.gcs.endpoint -
Used to override the Google Deject Storage endpoint when using a non-Google Cloud Platform, Google Cloud Storage API compatible, storage service.
-
org.gradle.gcs.servicePath -
Used to override the Google Cloud Storage root service path which the Google Cloud Storage customer builds requests from, defaults to
/.
GCS URL formats
Google Cloud Storage URL's are 'virtual-hosted-mode' and must be in the following format gcs://<bucketName>/<objectKey>
east.g. gcs://myBucket/maven/release
-
myBucketis the Google Cloud Storage bucket proper name. -
/maven/releaseis the Google Cloud Storage key (unique identifier for an object within a bucket)
Handling credentials
Repository credentials should never be function of your build script merely rather be kept external. Gradle provides an API in artifact repositories that allows you to declare simply the blazon of required credentials. Credential values are looked upwards from the Gradle Backdrop during the build that requires them.
For example, given repository configuration:
Instance 32. Externalized repository credentials
build.gradle
repositories { maven { name = 'mySecureRepository' credentials(PasswordCredentials) // url = uri(<<some repository url>>) } } build.gradle.kts
repositories { maven { proper noun = "mySecureRepository" credentials(PasswordCredentials::class) // url = uri(<<some repository url>>) } } The username and password will be looked up from mySecureRepositoryUsername and mySecureRepositoryPassword properties.
Note that the configuration property prefix - the identity - is determined from the repository name. Credentials tin then be provided in whatsoever of supported means for Gradle Properties - gradle.backdrop file, command line arguments, environs variables or a combination of those options.
Also, note that credentials will only be required if the invoked build requires them. If for example a project is configured to publish artifacts to a secured repository, but the build does not invoke publishing chore, Gradle will not crave publishing credentials to be present. On the other mitt, if the build needs to execute a task that requires credentials at some betoken, Gradle will check for credential presence get-go thing and volition non start running any of the tasks if it knows that the build volition fail at a later point because of missing credentials.
Lookup is only supported for credentials listed in the Tabular array 3.
| Type | Argument | Base property proper name | Required? |
|---|---|---|---|
| | | | required |
| | | required | |
| | | | required |
| | | required | |
| | | optional | |
| | | | required |
| | | required |
Source: https://docs.gradle.org/current/userguide/declaring_repositories.html
Postar um comentário for "Gradle Build Failing Upload to S3 Latest"