kscript icon indicating copy to clipboard operation
kscript copied to clipboard
verified publisher icon kscripting

Access Gitlab Maven Repo

Open max-grossmann opened this issue 5 years ago • 8 comments

Hi! I don't manage to include a private maven repository from gitlab maven repos (https://docs.gitlab.com/ee/user/packages/maven_repository)

Using the library from gradle in intellij works, but not with kscript dependencies. Is this currently supported? Details below.

Thank you very much!

Snippet from .kts-File:

#!/usr/bin/env kscript

@file:MavenRepository("gitlab-timolia","https://gitlab.timolia.de/api/v4/projects/446/packages/maven", user="Private-Token", password="xxx")
@file:DependsOn("de.timolia.admin:foldermonitoringapi:1.0")

Error from kscript:

[kscript] [ERROR] Failed while connecting to the server. Check the connection (http/https, port, proxy, credentials, etc.) of your maven dependency locators. If you suspect this is a bug, you can create an issue on https://github.com/holgerbrandl/kscript
[kscript] [ERROR] Exception: java.lang.RuntimeException: File 'de.timolia.admin:foldermonitoringapi:1.0' not found
org.eclipse.aether.resolution.DependencyResolutionException: Could not find artifact de.timolia.admin:foldermonitoringapi:jar:1.0 in maven central (https://repo.maven.apache.org/maven2/)
org.eclipse.aether.resolution.DependencyResolutionException: Could not find artifact de.timolia.admin:foldermonitoringapi:jar:1.0 in https://gitlab.timolia.de/api/v4/projects/446/packages/maven (https://gitlab.timolia.de/api/v4/projects/446/packages/maven)

Working gradle code:

repositories {
    mavenCentral()
    maven {
        url "https://gitlab.timolia.de/api/v4/projects/446/packages/maven"
        name "GitLab"
        credentials(HttpHeaderCredentials) {
            name = 'Private-Token'
            value = 'xxx'
        }
        authentication {
            header(HttpHeaderAuthentication)
        }
    }
}


dependencies {
    implementation('de.timolia.admin:foldermonitoringapi:1.0')
}

max-grossmann avatar Nov 14 '20 23:11 max-grossmann

Okay. I looked into the problem again.

The Problem seems the following:

  • Gitlab authenticates via HTTP Headers (e.g. Key=Private-Token Value=MyPassword)
  • These headers are not added with the current AetherResolveSession implementation in kotlin.script.experimental.dependencies.maven.impl, which is instantiated by MavenRepositoryCoordinates, also part of kotlin.script.experimental.dependencies.maven, which is one of the CompoundDependenciesResolver's specified in DependencyUtil.kt of this library
  • Headers can be added into the Property with Key "aether.connector.http.headers" (https://maven.apache.org/resolver-archives/resolver-LATEST/configuration.html) to repositorySystemSession (Part of the AetherResolveSession)
  • I created a new ExternalDependencyResolver, added it to CompoundDependenciesResolver, modified some lines to pass the username/password speified in the file:MavenRepository Annotation to the aether header variable und reused a lot of stuff of MavenDependenciesResolver and AetherResolveSession
  • These are my changes: https://github.com/Timolia/kscript/commit/c7fa9bf38c966e74fd6d6ac7deaa7c1821e64db4 (I added comments to the important changes. The rest is copy paste boilerplate code)
  • The code is not pull request worthy. This implementation changes should probably be done in the Kotlin-Repo

MaaxGr avatar Nov 15 '20 14:11 MaaxGr

Thanks @MaaxGr for this great analysis.

@ligee Would you agree that this is rather an upstream issue which may be better addressed in kotlin-scripting? To me, an upstream fix seems the best solution here, since with the change-set mentioned above the resolver-API feels a bit cumbersome. Or is it rather a rare edge case in your opinion which should not be supported in kotlin-scripting-resolver?

holgerbrandl avatar Nov 15 '20 17:11 holgerbrandl

Of course, it will be better to extend/fix authentication support right in the kotlin-scripting-dependencies-maven, and I would happily accept a good PR for it to the kotlin repo. :) But if nobody volunteers, I have already a few auth-related issues in YT, so it most likely will be done at some point.

ligee avatar Nov 16 '20 10:11 ligee

Thanks, maybe you could point to the corresponding reference YT ticket in case users want upvote the issue.

holgerbrandl avatar Nov 16 '20 11:11 holgerbrandl

I'm not quite sure what the best implementation also for the dsl of this library would be:

The Gradle documentation points out, that there are three types of authentication: BasicAuth, DigestAuth and HttpHeaderAuth https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:authentication_schemes

In gradle we have to specify explicitly, which type of authentication should be used.

How should kscript handle this matter:

  • Own Annotation for each auth types?
  • New enum parameter, that specifies the type of authentication?
  • Should the MavenDepencyResolver figure it out by itself and we change nothing in this API?
  • Is this a new resolver, that has to be added to CompoundResolver?

MaaxGr avatar Nov 16 '20 12:11 MaaxGr

Hi @MaaxGr @holgerbrandl! The problem with authorization should be fixed in the Kotlin master: https://github.com/JetBrains/kotlin/commit/b77a8228220c272f9f97dbe9673f9e1d14fe3400

The solution was to switch to another transporter factory (from HTTP to Wagon) that actually supports username and password in the authorization. MavenRepositoryCoordinates are considered deprecated now, please use Options instead. Usage example is given here in the test: https://github.com/JetBrains/kotlin/commit/b77a8228220c272f9f97dbe9673f9e1d14fe3400#diff-7e5be2a922d8dcb241e12de7e8a63130f727a8a4da27a7ffb7ff461563b723feR90-R101

ileasile avatar May 17 '21 16:05 ileasile

@holgerbrandl Could you please try it with other repositories?

ileasile avatar May 17 '21 16:05 ileasile

I would certainly extend the test suite, but I don't know any other repos with authentication which I could use here.

holgerbrandl avatar May 28 '21 11:05 holgerbrandl