Azure 管道上的 Maven release:perform 失败,因为它无法读取存储库的密码

Maven release:perform on azure pipeline fails as it can't read password for the repo

我有一个父 pom,我在其中使用了 maven-release-plugin,其中包含需要推送到 Azure 工件的工件。我能够让它在我的本地工作,现在我正在尝试使用 azure 管道自动化它,但是我得到以下 mvn release:perform.

的错误

错误:

[ERROR] Failed to execute goal org.apache.maven.plugins:maven-release-plugin:3.0.0-M1:perform (default-cli) on project my-parent-repo: Unable to checkout from SCM
[ERROR] Provider message:
[ERROR] The git-clone command failed.
[ERROR] Command output:
[ERROR] Cloning into 'checkout'...
[ERROR] fatal: could not read Password for 'https:********@dev.azure.com': terminal prompts disabled
[ERROR] -> [Help 1]

我的pom:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<scm>
    <developerConnection>scm:git:https://$(PAT)@dev.azure.com/my-org/my-prjt/_git/my-parent-repo/</developerConnection>
  <tag>HEAD</tag>
</scm>
<groupId>dispute</groupId>
<artifactId>my-parent</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>pom</packaging>
<name>Microservice DI parent</name>
<description>DI microservice parent </description>
<distributionManagement>  
  <!-- Publish the versioned releases here -->  
  <repository>  
    <id>repo</id>  
    <name>Artifact repo</name>  
    <url>https://xxx.pkgs.visualstudio.com/2abc/_packaging/my-maven-artifacts/maven/v1</url>  
  </repository>  
</distributionManagement>  

<build>
<plugins>
  <plugin>
    <groupId>org.apache.maven.plugins</groupId>
    <artifactId>maven-release-plugin</artifactId>
    <version>3.0.0-M1</version>
  </plugin>
</plugins>
</build>

<repositories>
    <repository>
        <id>my-maven-artifacts</id>
        <url>
            https://xxx.pkgs.visualstudio.com/2abc/_packaging/my-maven-artifacts/maven/v1
        </url>
        <releases>
            <enabled>true</enabled>
        </releases>
        <snapshots>
            <enabled>true</enabled>
        </snapshots>
    </repository>
</repositories>
<pluginRepositories>
    <pluginRepository>
        <id>Pod4-artifacts</id>
        <url>
            https://xxx.pkgs.visualstudio.com/2abc/_packaging/my-maven-artifacts/maven/v1
        </url>
        <releases>
            <enabled>true</enabled>
        </releases>
        <snapshots>
            <enabled>true</enabled>
        </snapshots>
    </pluginRepository>
</pluginRepositories>

<properties>
    <!-- Build properties -->
    <maven.version>3.3.9</maven.version>
    <java.version>11</java.version>
</properties>
</project>

已尝试修复: 我在代理作业上启用了 Allow scripts to access the OAuth token。我还为项目集合服务帐户和项目集合构建服务提供了在存储库下创建标签、分支和贡献的权限。 此外,有一个 ci-settings.xml 以及 repo id 的用户名和密码,它们在 Azure 管道的 Maven 任务中作为参数提供。 -e -B -s $(System.DefaultWorkingDirectory)/ci-settings.xml

如果有什么遗漏,请告诉我。请注意,它在我的本地完美运行。

由于您使用的是 PAT 令牌而不是 OAuth 令牌,我们不需要启用选项 Allow scripts to access the OAuth token。如果你想用这个,你可以用这个 URL

https://$env:SYSTEM_ACCESSTOKEN@dev.azure.com/my-org/my-prjt/_git/my-parent-repo

我们应该在select repo权限下为账户Project Collection Build Service(Org name)提供创建标签、分支、贡献的权限,而不是在All Repositories权限页面下配置权限。

我们也可以尝试在 pom 文件中设置 PAT token 而不是变量。