Gitlab 项目无法解决来自同一 gitlab 组中另一个项目的 Maven 依赖项
Gitlab project cant resolve a maven dependency from another project in the same gitlab group
在我的依赖项目中我有一个 ci_settings.xml:
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
<servers>
<server>
<id>gitlab-maven</id>
<configuration>
<httpHeaders>
<property>
<name>Job-Token</name>
<value>${env.CI_JOB_TOKEN}</value>
</property>
</httpHeaders>
</configuration>
</server>
</servers>
</settings>
并且我已经在 pom.xml:
中配置了注册表
<repositories>
<repository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${env.CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</repository>
</repositories>
<distributionManagement>
<repository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</repository>
<snapshotRepository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</snapshotRepository>
</distributionManagement>
当我 运行 带有以下 .gitlab-ci.yml 的 CI 管道时:
deploy:
image: maven:3.6-jdk-11
script:
- mvn deploy -s ci_settings.xml
only:
- main
依赖项正在成功部署到包存储库。
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.jar
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.jar (35 kB at 61 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.pom
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.pom (3.8 kB at 6.3 kB/s)
Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml
Downloaded from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml (283 B at 1.6 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/maven-metadata.xml
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/maven-metadata.xml (773 B at 1.3 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml (283 B at 455 B/s)
当我尝试在同一组中的另一个 gitlab 项目中使用部署使用的相同 ci_settings.xml 时,问题现在出现了。我已经像这样设置了 pom:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>de.group.my</groupId>
<artifactId>parent</artifactId>
<version>0.0.1-SNAPSHOT</version>
</parent>
<artifactId>app</artifactId>
<version>0.0.1-SNAPSHOT</version>
<dependencies>
...
<dependency>
<groupId>de.group.my</groupId>
<artifactId>model</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
...
</dependencies>
<repositories>
<repository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<distributionManagement>
<repository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
</repository>
<snapshotRepository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
</snapshotRepository>
</distributionManagement>
</project>
但是当我使用 运行 CI 管道时,它总是以:
结尾
[ERROR] Failed to execute goal on project app: Could not resolve dependencies for project de.group.my:app:jar:0.0.1-SNAPSHOT: Could not find artifact de.group.my:model:jar:0.0.1-SNAPSHOT in gitlab-maven (https://gitlab.my.de/api/v4/projects/255/packages/maven) -> [Help 1]
...
Caused by: org.eclipse.aether.transfer.ArtifactNotFoundException: Could not find artifact de.group.my:model:jar:0.0.1-SNAPSHOT in gitlab-maven (https://gitlab.fronetic.de/api/v4/projects/255/packages/maven
- metadata.xml
- pom.xml
- 罐子
但是将 metadata.xml 的 link 复制到浏览器中它正在下载:
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1.0">
<groupId>de.group.my</groupId>
<artifactId>model</artifactId>
<version>0.0.1-SNAPSHOT</version>
<versioning>
<snapshot>
<timestamp>20211216.121731</timestamp>
<buildNumber>6</buildNumber>
</snapshot>
<lastUpdated>20211216121731</lastUpdated>
<snapshotVersions>
<snapshotVersion>
<extension>jar</extension>
<value>0.0.1-20211216.121731-6</value>
<updated>20211216121731</updated>
</snapshotVersion>
<snapshotVersion>
<extension>pom</extension>
<value>0.0.1-20211216.121731-6</value>
<updated>20211216121731</updated>
</snapshotVersion>
</snapshotVersions>
</versioning>
</metadata>
在它尝试下载的日志中:
Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-SNAPSHOT.jar
但是这个神器并不存在。它应该下载 model-0.0.1-20211216.121731-6 但它没有。
可以下载其他依赖项(镜像)
[INFO] Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom
[DEBUG] Writing tracking file /root/.m2/repository/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom.lastUpdated
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://repo.maven.apache.org/maven2
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://repo.maven.apache.org/maven2
[INFO] Downloading from central: https://repo.maven.apache.org/maven2/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom
[INFO] Downloaded from central: https://repo.maven.apache.org/maven2/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom (8.2 kB at 91 kB/s)
discussion, the OP Mulgard确认后:
I solved it locally.
I needed to add my gitlab user to the project as a maintainer. Adding it to the group was not enough.
But thats only for local.
The gitlab build still does not run since I cant get the CI_JOB_TOKEN inside the docker.
But that is a different topic I guess.
根据项目成员权限,至少需要 Developer 才能 package registry 发布。
CI_JOB_TOKEN 问题看起来像 this issue:
We are having this exact same issue on our gitlab-ce environment, with any attempt to push with "CI_JOB_TOKEN" as part of a pipeline resulting in:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy)
on project <our project>:
Failed to deploy artifacts: Could not find artifact com.<our namespace>.spring.ext:<our jar>:0.0.1-20190207.112431-1
in gitlab-maven (https://git.<our tld>/api/v4/projects/19/packages/maven) -> [Help 1]
I suspect the issues are related as attempting to run the same commands from via the API directly return a 404 for unauthorised users (See: issue 42586).
Modifying our settings.xml to use a personal token with only the "api" scope enabled works.
在我们了解根本原因和解决方案之前,这个问题让我和整个团队困惑了一段时间。
因此,我们在 GitLab 中的同一个子组中有 2 个回购协议,比如 SubGroup1。 Repo1指的是在build.gradle文件中发布到Repo2的Package Registry的依赖,如下所示
repositories {
mavenLocal()
mavenCentral()
maven {
url 'https://gitlab.example.com/api/v4/projects/**projectID**/packages/maven'
credentials(HttpHeaderCredentials) {
name = project.findProperty("gitlab.token.name") ?: "Job-Token"
value = project.findProperty("gitlab.token.key") ?: System.getenv("CI_JOB_TOKEN")
}
authentication {
header(HttpHeaderAuthentication)
}
}
}
现在问题出现了,因为少数用户的推送构建失败并出现错误
> Could not resolve all files for configuration ':compileClasspath'.
> Could not find com.example.group:artifact-name:versionname.
Required by:
project :
显然,当很少有其他用户简单地 re-trigger 失败的工作时,它就像一个魅力,但 re-trigger 不会帮助推动更改的用户。所以它看起来像是在某处发生了一些魔法。
从 GitLab 令牌文档中了解了问题的根本原因。
https://docs.gitlab.com/ee/ci/jobs/ci_job_token.html
以下是问题摘要
在对 CI/CD 作业令牌身份验证问题进行故障排除时,请注意:
当启用 CI/CD 作业令牌限制时,作业令牌被用于访问不同的项目:
- 执行作业的用户必须是正在访问的项目的成员。
- 用户必须具有执行操作的权限。
- 目标项目必须列入工作令牌范围限制的许可名单。
在对构建失败的成员进行故障排除时,我们发现他们是作为直接成员添加到 Repo1 中的,而不是 Repo2 的一部分。
所以理想的解决方案是,将它们添加为 SubGroup1 中的成员,这样 Repo1 和 Repo2 可以访问,因为它们在同一个组中,并且访问是从组访问继承的。如果将新的 repo 添加到组中,这也会有所帮助,成员将自动继承访问权限,从而减少维护。
在我的依赖项目中我有一个 ci_settings.xml:
<settings xmlns="http://maven.apache.org/SETTINGS/1.1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
<servers>
<server>
<id>gitlab-maven</id>
<configuration>
<httpHeaders>
<property>
<name>Job-Token</name>
<value>${env.CI_JOB_TOKEN}</value>
</property>
</httpHeaders>
</configuration>
</server>
</servers>
</settings>
并且我已经在 pom.xml:
中配置了注册表 <repositories>
<repository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${env.CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</repository>
</repositories>
<distributionManagement>
<repository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</repository>
<snapshotRepository>
<id>gitlab-maven</id>
<!--suppress UnresolvedMavenProperty -->
<url>${CI_API_V4_URL}/projects/${env.CI_PROJECT_ID}/packages/maven</url>
</snapshotRepository>
</distributionManagement>
当我 运行 带有以下 .gitlab-ci.yml 的 CI 管道时:
deploy:
image: maven:3.6-jdk-11
script:
- mvn deploy -s ci_settings.xml
only:
- main
依赖项正在成功部署到包存储库。
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.jar
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.jar (35 kB at 61 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.pom
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-20211216.121731-6.pom (3.8 kB at 6.3 kB/s)
Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml
Downloaded from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml (283 B at 1.6 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/maven-metadata.xml
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/maven-metadata.xml (773 B at 1.3 kB/s)
Uploading to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml
Uploaded to gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/maven-metadata.xml (283 B at 455 B/s)
当我尝试在同一组中的另一个 gitlab 项目中使用部署使用的相同 ci_settings.xml 时,问题现在出现了。我已经像这样设置了 pom:
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>de.group.my</groupId>
<artifactId>parent</artifactId>
<version>0.0.1-SNAPSHOT</version>
</parent>
<artifactId>app</artifactId>
<version>0.0.1-SNAPSHOT</version>
<dependencies>
...
<dependency>
<groupId>de.group.my</groupId>
<artifactId>model</artifactId>
<version>0.0.1-SNAPSHOT</version>
</dependency>
...
</dependencies>
<repositories>
<repository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
<releases>
<enabled>true</enabled>
</releases>
<snapshots>
<enabled>true</enabled>
</snapshots>
</repository>
</repositories>
<distributionManagement>
<repository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
</repository>
<snapshotRepository>
<id>gitlab-maven</id>
<url>https://gitlab.my.de/api/v4/projects/255/packages/maven</url>
</snapshotRepository>
</distributionManagement>
</project>
但是当我使用 运行 CI 管道时,它总是以:
结尾[ERROR] Failed to execute goal on project app: Could not resolve dependencies for project de.group.my:app:jar:0.0.1-SNAPSHOT: Could not find artifact de.group.my:model:jar:0.0.1-SNAPSHOT in gitlab-maven (https://gitlab.my.de/api/v4/projects/255/packages/maven) -> [Help 1]
...
Caused by: org.eclipse.aether.transfer.ArtifactNotFoundException: Could not find artifact de.group.my:model:jar:0.0.1-SNAPSHOT in gitlab-maven (https://gitlab.fronetic.de/api/v4/projects/255/packages/maven
- metadata.xml
- pom.xml
- 罐子
但是将 metadata.xml 的 link 复制到浏览器中它正在下载:
<?xml version="1.0" encoding="UTF-8"?>
<metadata modelVersion="1.1.0">
<groupId>de.group.my</groupId>
<artifactId>model</artifactId>
<version>0.0.1-SNAPSHOT</version>
<versioning>
<snapshot>
<timestamp>20211216.121731</timestamp>
<buildNumber>6</buildNumber>
</snapshot>
<lastUpdated>20211216121731</lastUpdated>
<snapshotVersions>
<snapshotVersion>
<extension>jar</extension>
<value>0.0.1-20211216.121731-6</value>
<updated>20211216121731</updated>
</snapshotVersion>
<snapshotVersion>
<extension>pom</extension>
<value>0.0.1-20211216.121731-6</value>
<updated>20211216121731</updated>
</snapshotVersion>
</snapshotVersions>
</versioning>
</metadata>
在它尝试下载的日志中:
Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/de/group/my/model/0.0.1-SNAPSHOT/model-0.0.1-SNAPSHOT.jar
但是这个神器并不存在。它应该下载 model-0.0.1-20211216.121731-6 但它没有。
可以下载其他依赖项(镜像)
[INFO] Downloading from gitlab-maven: https://gitlab.my.de/api/v4/projects/255/packages/maven/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom
[DEBUG] Writing tracking file /root/.m2/repository/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom.lastUpdated
[DEBUG] Using transporter WagonTransporter with priority -1.0 for https://repo.maven.apache.org/maven2
[DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://repo.maven.apache.org/maven2
[INFO] Downloading from central: https://repo.maven.apache.org/maven2/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom
[INFO] Downloaded from central: https://repo.maven.apache.org/maven2/io/micrometer/micrometer-core/1.5.1/micrometer-core-1.5.1.pom (8.2 kB at 91 kB/s)
discussion, the OP Mulgard确认后:
I solved it locally.
I needed to add my gitlab user to the project as a maintainer. Adding it to the group was not enough.But thats only for local.
The gitlab build still does not run since I cant get the
CI_JOB_TOKENinside the docker.
But that is a different topic I guess.
根据项目成员权限,至少需要 Developer 才能 package registry 发布。
CI_JOB_TOKEN 问题看起来像 this issue:
We are having this exact same issue on our gitlab-ce environment, with any attempt to push with "
CI_JOB_TOKEN" as part of a pipeline resulting in:[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-deploy) on project <our project>: Failed to deploy artifacts: Could not find artifact com.<our namespace>.spring.ext:<our jar>:0.0.1-20190207.112431-1 in gitlab-maven (https://git.<our tld>/api/v4/projects/19/packages/maven) -> [Help 1]I suspect the issues are related as attempting to run the same commands from via the API directly return a 404 for unauthorised users (See: issue 42586).
Modifying our
settings.xmlto use a personal token with only the "api" scope enabled works.
在我们了解根本原因和解决方案之前,这个问题让我和整个团队困惑了一段时间。
因此,我们在 GitLab 中的同一个子组中有 2 个回购协议,比如 SubGroup1。 Repo1指的是在build.gradle文件中发布到Repo2的Package Registry的依赖,如下所示
repositories {
mavenLocal()
mavenCentral()
maven {
url 'https://gitlab.example.com/api/v4/projects/**projectID**/packages/maven'
credentials(HttpHeaderCredentials) {
name = project.findProperty("gitlab.token.name") ?: "Job-Token"
value = project.findProperty("gitlab.token.key") ?: System.getenv("CI_JOB_TOKEN")
}
authentication {
header(HttpHeaderAuthentication)
}
}
}
现在问题出现了,因为少数用户的推送构建失败并出现错误
> Could not resolve all files for configuration ':compileClasspath'.
> Could not find com.example.group:artifact-name:versionname.
Required by:
project :
显然,当很少有其他用户简单地 re-trigger 失败的工作时,它就像一个魅力,但 re-trigger 不会帮助推动更改的用户。所以它看起来像是在某处发生了一些魔法。
从 GitLab 令牌文档中了解了问题的根本原因。 https://docs.gitlab.com/ee/ci/jobs/ci_job_token.html
以下是问题摘要 在对 CI/CD 作业令牌身份验证问题进行故障排除时,请注意: 当启用 CI/CD 作业令牌限制时,作业令牌被用于访问不同的项目:
- 执行作业的用户必须是正在访问的项目的成员。
- 用户必须具有执行操作的权限。
- 目标项目必须列入工作令牌范围限制的许可名单。
在对构建失败的成员进行故障排除时,我们发现他们是作为直接成员添加到 Repo1 中的,而不是 Repo2 的一部分。
所以理想的解决方案是,将它们添加为 SubGroup1 中的成员,这样 Repo1 和 Repo2 可以访问,因为它们在同一个组中,并且访问是从组访问继承的。如果将新的 repo 添加到组中,这也会有所帮助,成员将自动继承访问权限,从而减少维护。