AWS CodeArtifact:mvn deploy:deploy-file 无法部署工件:无法传输工件 401 Unauthorized
Posted
技术标签:
【中文标题】AWS CodeArtifact:mvn deploy:deploy-file 无法部署工件:无法传输工件 401 Unauthorized【英文标题】:AWS CodeArtifact: mvn deploy:deploy-file Failed to deploy artifacts: Could not transfer artifact 401 Unauthorized 【发布时间】:2021-11-19 22:55:10 【问题描述】:我在尝试将 java 库 (jar) 发布到 AWS CodeArtifact Maven 存储库时遇到问题。当我尝试发布它时,我得到 HTTP 状态代码 401(未经授权)。这表明我做错了什么,比如缺少 CODEARTIFACT_AUTH_TOKEN 环境变量,或者使用了错误的 aws 凭证/配置文件等。但是 AWS CodeArtifact 非常简单:我们只需要:
生成新的 CODEARTIFACT_AUTH_TOKEN 并将其设置为环境变量, 使用 username=aws 和 password=$env.CODEARTIFACT_AUTH_TOKEN 更新我们的本地 Maven .m2/settings.xml 以指向 AWS CodeArtifact 服务器 确保我们从有权访问 AWS CodeArtifact 域和 Maven 存储库的帐户生成该令牌(如果我们无权访问,则会出错)。...超级简单。然而,当我尝试使用我的设置“mvn deploy-file”时,我得到 401 Unauthorized ......请参阅下面的完整设置:
我通过 Cloudformation 模板设置了 AWS CodeArtifact 域和 Maven 存储库(如果需要,请忽略 NPM 和上游存储库):
AWSTemplateFormatVersion: "2010-09-09"
Description: CodeArtifact Domain, Maven repo, NPM repo, and upsteam repos
Resources:
CodeArtifactDomain:
Type: AWS::CodeArtifact::Domain
Properties:
DomainName: mydomain
PermissionsPolicyDocument:
Version: 2012-10-17
Statement:
- Action:
- codeartifact:CreateRepository
- codeartifact:DescribeDomain
- codeartifact:GetAuthorizationToken
- codeartifact:GetDomainPermissionsPolicy
- codeartifact:ListRepositoriesInDomain
- sts:GetServiceBearerToken
- codeartifact:DescribePackageVersion
- codeartifact:DescribeRepository
- codeartifact:GetPackageVersionReadme
- codeartifact:GetRepositoryEndpoint
- codeartifact:ListPackageVersionAssets
- codeartifact:ListPackageVersionDependencies
- codeartifact:ListPackageVersions
- codeartifact:ListPackages
- codeartifact:ReadFromRepository
- codeartifact:PublishPackageVersion
- codeartifact:PutPackageMetadata
Effect: Allow
Principal:
AWS:
- "arn:aws:iam::123456788904:root"
- "arn:aws:iam::123456789098:root"
- "arn:aws:iam::123456789087:root"
Resource: "*"
Tags:
- Key: Name
Value: CodeArtifact Domain
ArtifactUpstreamRepositoryMaven:
Type: AWS::CodeArtifact::Repository
Properties:
RepositoryName: maven-upstream-repo
DomainName: !GetAtt CodeArtifactDomain.Name
ExternalConnections:
- public:maven-central
ArtifactRepositoryMaven:
Type: AWS::CodeArtifact::Repository
Properties:
RepositoryName: maven-repo
Description: Maven CodeArtifact Repository
DomainName: !GetAtt CodeArtifactDomain.Name
Upstreams:
- !GetAtt ArtifactUpstreamRepositoryMaven.Name
Tags:
- Key: Name
Value: Maven CodeArtifact Repository
ArtifactUpstreamRepositoryNPM:
Type: AWS::CodeArtifact::Repository
Properties:
RepositoryName: npm-upstream-repo
DomainName: !GetAtt CodeArtifactDomain.Name
ExternalConnections:
- public:npmjs
ArtifactRepositoryNPM:
Type: AWS::CodeArtifact::Repository
Properties:
RepositoryName: npm-repo
Description: NPM CodeArtifact Repository
DomainName: !GetAtt CodeArtifactDomain.Name
Upstreams:
- !GetAtt ArtifactUpstreamRepositoryNPM.Name
Tags:
- Key: Name
Value: NPM CodeArtifact Repository
Outputs:
CodeArtifactDomain:
Description: The CodeArtifact Domain
Value: !Ref CodeArtifactDomain
Export:
Name: CodeArtifactDomain
我运行了上述 cloudformation 模板并确认它已成功完成,然后导航到 CodeArtifact 以检查 CodeArtifact 域和存储库是否已成功创建(它们是)。然后我查找了我的存储库的连接说明。使用这些连接说明,我首先剪切并粘贴了第一个:
export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token --domain mydomain --domain-owner <MY_ACCOUNT_NUMBER --query authorizationToken --output text`
然后我在 ~/.m2/settings.xml 中设置我的 maven 设置,并将所有设置显示在我的存储库的连接说明中(在 AWS 控制台中):
<?xml version="1.0" encoding="UTF-8"?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">
<servers>
<server>
<id>mydomain-maven-repo</id>
<username>aws</username>
<password>$env.CODEARTIFACT_AUTH_TOKEN</password>
</server>
</servers>
<profiles>
<profile>
<id>mydomain-maven-repo</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>mydomain-maven-repo</id>
<url>https://mydomain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/</url>
</repository>
</repositories>
</profile>
</profiles>
</settings>
最后,我尝试 mvn:将我的一个库部署到 AWS CodeArtifact maven 存储库:
mvn deploy:deploy-file \
-DgroupId=com.myorg \
-DartifactId=my-client_2.12 \
-Dversion=1.0.1-play28 \
-Dfile=./my-client_2.12-1.0.1-play28.jar \
-Dsources=./my-client_2.12-1.0.1-play28-sources.jar \
-Djavadoc=./my-client_2.12-1.0.1-play28-javadoc.jar \
-Dpackaging=jar \
-DrepositoryId=maven-repo \
-Durl=https://mydomain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/
我得到这个错误:
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------< org.apache.maven:standalone-pom >-------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] --------------------------------[ pom ]---------------------------------
[INFO]
[INFO] --- maven-deploy-plugin:2.7:deploy-file (default-cli) @ standalone-pom ---
Uploading to maven-repo: https://my-domain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/.../my-client_2.12/1.0.1-play28/my-client_2.12-1.0.1-play28.jar
Uploading to maven-repo: https://my-domain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/.../my-client_2.12/1.0.1-play28/my-client_2.12-1.0.1-play28.pom
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.319 s
[INFO] Finished at: 2021-09-27T15:10:56-04:00
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy-file (default-cli) on project standalone-pom: Failed to deploy artifacts: Could not transfer artifact my-client_2.12:jar:1.0.1-play28 from/to maven-repo (https://my-domain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/): Transfer failed for https://my-domain-<MY_ACCOUNT_NUMBER>.d.codeartifact.us-east-1.amazonaws.com/maven/maven-repo/.../my-client_2.12/1.0.1-play28/my-client_2.12-1.0.1-play28.jar 401 Unauthorized -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
我可以通过运行确认我在 ~/.aws/credentials 中使用了正确的凭据
aws sts get-caller-identity
我也确认我
拥有最新的 mvn 可执行文件 将 M2_HOME 设置为指向我的 ~/.m2 获得最近的令牌(不超过 12 小时)我不知道为什么我在 mvn deploy-file 时得到 401 未授权...有什么想法吗?
【问题讨论】:
【参考方案1】:Arg,找到了。问题在于“mvn deploy:deploy-file”参数之一:
:
-DrepositoryId=maven-repo
...需要匹配~/.m2/settings.xml中的服务器id:
<id>mydomain-maven-repo</id>
如果我将 mvn 命令更改为 put:
-DrepositoryId=mydomain-maven-repo
... 401 Unauthorized 错误消失了!!! Argg AWS:这不应该是 404、400 还是其他?这不是未经授权的,它是一个未知的存储库。它正在推动 401 的定义……
无论如何,亲爱的互联网:如果 CodeArtifact 曾经对您返回 401,请注意您可能配置错误。这可能不是授权问题。
【讨论】:
以上是关于AWS CodeArtifact:mvn deploy:deploy-file 无法部署工件:无法传输工件 401 Unauthorized的主要内容,如果未能解决你的问题,请参考以下文章
如何在云上创建自己的 Artifactory,例如 AWS 的 Codeartifact、Jfrog 的 Artifactory
缺少 AWS CodeArtifact 公共 npm 包版本
执行命令时出错:mvn test。原因:退出状态 1 - AWS
powershell 来自http://www.abhinavrastogi.com/powershell_for_remote_tomcat_deployment.html
powershell 来自http://www.abhinavrastogi.com/powershell_for_remote_tomcat_deployment.html